Could you please elaborate on your second point. You can already delete app perms without deleting the app connections to trigger the popup on any further action. And maybe you are right, we should inform the user that if they login to nsec.app on some device then their main key will be downloaded and stored here. We could also include an option to auto-logout (delete key from device) after a while.