Subkeys or delegation would solve this problem more elegantly, but it would require all clients and relays to change.
I'm currently using nip46. Soapbox is a modified Mastodon client, so I could make it work. But for unmodified Mastodon clients, i have to have the user run a separate program that signs the events alongside the client, so they don't have to expose their key to the server.
Good clients change, bad clients get left behind. There might be a graceful way to do it that doesnt require everyone to upgrade.
For profile you can keep the same profile pic, maybe have a little dot on there to indicate subkey. It can be verified. Perhaps also something can go in NIP-05.
Tricky thing is pulling in all the replies etc. Worst case is that someone follows your subkey too. Then the WoT stuff gets more complex. Also NIP-98 gets more complext. It could be done in stages.
I do admit I'm probably over-simplifying things!
Oddbean new post about login | logout