You can't in general derive two different NPUBs from the same NSEC, or have two different NSECs for the same NPUB. There might be high order reflections/overrlaps, but they end up being mathematically equivalent. For example, these two NSECs are the same: 3501454135014541350145413501453fefb02227e449e57cf4d3a3ce05378683 cafebabecafebabecafebabecafebabecafebabecafebabecafebabecafebabe But most nsecs won't have a reflection. IMHO if nostr is to move to a masterkey-subkey situation, we should use that opportunity to allow for different kinds of keys and different cryptosystems. I want an ed25519 device key issued by my master nsec (and if nostr doesn't support it I don't care because I can still use it in my own projects). Ideally I'd want an ed25519 master key but I predict that nostr won't move in that direction because of the "one way" rule. Also, I want my current keypair to be a device key under a master key that doesn't even exist yet. Because everybody already knows me by this keypair. Clearly it cannot be derived from the future master key. For both of these reasons, I don't think deriving device keys from a master key is going to work. I think they should be independent and simply one signs the other.