The phone client just knows how to sign + publish notes. You could manage multiple keys there. 

Could be used to prove identity as well. A site can just present you with a challenge, and you sign the note on your phone and send it to a relay or API endpoint. 

Rather than an oauth like flow (oauth is clunky) it's more of a 2FA flow. 

Relying on browser extensions to handle nsec is a terrible experience.