As a first pass, I'd model it like DNSSEC. The delegator (parent) has a DS record (event) having the delegatee (child) pubkey. Additional tags could be added for specific delegations.