About key management, I like the idea of using a trusted domain (like github, or your own site, etc) to provide the link to the npub used.
This allows the user to keep their ID in a centralized service to mitigate the risk of losing their private keys.
It would be nice if nostr clients had an option to give a big red alert if the "trusted domain" keys stop matching the npub.
It could be a big alert, or by default just switch to what the trusted domain is saying.
That is what NIP-05 is for. It creates a binding between a website and your npub.
But this doesn't help you manage your private key safely, or recover if your private key is lost, or if you want to roll over because your private key was never kept very securely.
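The "trusted domain" check the first post asks for, and the NIP-05 binding the reply describes, as an added example. This is my own code, not anything either poster wrote and not a Nostr client's implementation. It assumes the client already has a contact's npub stored, and that it has fetched the contact's NIP-05 document from `https://<domain>/.well-known/nostr.json?name=<local-part>`; the HTTP fetch is left out and replaced with constructed JSON so the script runs offline, and every key value is constructed for illustration, not a real key. The result `mismatch` is the state where the poster's big red alert would fire; `unresolved` is deliberately separate, because a domain that stops answering or publishes a malformed document must not be treated as either confirmation or a key change.

```python
"""NIP-05 binding check (illustrative, not client code):
does the pubkey a domain publishes still match the npub a client stored?"""
import json
import re

# Bech32 (BIP-173) alphabet and generator, used by NIP-19 for npub encoding.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GENERATOR = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
HEX_PUBKEY = re.compile(r"^[0-9a-f]{64}$")


def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GENERATOR[i]
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def _convertbits(data, frombits, tobits, pad):
    """Regroup a bit stream, e.g. 8-bit bytes <-> 5-bit bech32 symbols."""
    acc, bits, out = 0, 0, []
    maxv = (1 << tobits) - 1
    for value in data:
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad:
        if bits:
            out.append((acc << (tobits - bits)) & maxv)
    elif bits >= frombits or ((acc << (tobits - bits)) & maxv):
        raise ValueError("invalid padding")
    return out


def hex_to_npub(pubkey_hex):
    """Encode a 32-byte hex pubkey as an NIP-19 npub."""
    data = _convertbits(bytes.fromhex(pubkey_hex), 8, 5, True)
    polymod = _polymod(_hrp_expand("npub") + data + [0] * 6) ^ 1
    checksum = [(polymod >> 5 * (5 - i)) & 31 for i in range(6)]
    return "npub1" + "".join(CHARSET[d] for d in data + checksum)


def npub_to_hex(npub):
    """Decode an npub to hex, rejecting bad checksums and wrong lengths."""
    if npub != npub.lower() and npub != npub.upper():
        raise ValueError("mixed-case bech32 string")
    npub = npub.lower()
    hrp, sep, body = npub.rpartition("1")
    if hrp != "npub" or not sep or len(body) < 6 or any(c not in CHARSET for c in body):
        raise ValueError("not an npub")
    data = [CHARSET.index(c) for c in body]
    if _polymod(_hrp_expand(hrp) + data) != 1:
        raise ValueError("bad checksum")
    raw = bytes(_convertbits(data[:-6], 5, 8, False))
    if len(raw) != 32:
        raise ValueError("npub payload is not 32 bytes")
    return raw.hex()


def check_nip05(stored_npub, nip05, nostr_json_text):
    """Compare the client's stored npub with the domain's published key.

    Returns 'ok', 'mismatch' (the alert case) or 'unresolved' (no verdict:
    bad identifier, unparseable document, name absent, or non-hex key)."""
    local_part, _, domain = nip05.partition("@")
    if not local_part or not domain:
        return "unresolved"
    try:
        published = json.loads(nostr_json_text)["names"][local_part]
    except (ValueError, KeyError, TypeError):
        return "unresolved"
    # NIP-05 documents carry hex keys; an npub here is a malformed document.
    if not isinstance(published, str) or not HEX_PUBKEY.match(published):
        return "unresolved"
    try:
        stored = npub_to_hex(stored_npub)
    except ValueError:
        return "unresolved"
    return "ok" if stored == published else "mismatch"


# Constructed sample data (not real keys or a real domain's document).
ALICE_HEX = bytes(range(32)).hex()
ROTATED_HEX = bytes(range(32, 64)).hex()
NOSTR_JSON_OK = json.dumps({"names": {"alice": ALICE_HEX}})
NOSTR_JSON_ROTATED = json.dumps({"names": {"alice": ROTATED_HEX}})
NOSTR_JSON_NPUB_VALUE = json.dumps({"names": {"alice": hex_to_npub(ALICE_HEX)}})

if __name__ == "__main__":
    alice_npub = hex_to_npub(ALICE_HEX)
    for label, doc in [("current", NOSTR_JSON_OK), ("rotated", NOSTR_JSON_ROTATED),
                       ("npub-valued", NOSTR_JSON_NPUB_VALUE), ("empty", '{"names": {}}')]:
        print(label, "->", check_nip05(alice_npub, "alice@example.com", doc))
```

Whether a client alerts on `mismatch` or silently adopts the domain's new key is the policy question the first post raises; the code only produces the verdict. Note that auto-switching makes the domain (and whoever controls its DNS and web server) the effective root of trust for the identity, which is exactly the trade-off the reply points at.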