Is there a way I can tweak an EXISTING secp256k1 signature with a user's pubkey so that only that user's private key can verify the event without allowing that user to find out the event's real signature? Meaning, can I give an event to a user without allowing that user to reshare a verifiable version of the event without also exposing their main private key?