Yea I think it ultimately comes down to the pattern of API keys isn't going away for the reasons you described, a macaroon is still like an API key but with extra steps in most cases. Sounds like your persistent of them follows that pattern, seems inescapable to do so.
If we're going that route, may as well use an nsec for the other benefits. I think it'd be cool to wrap your endpoints in a CLINK offer, would be an interesting experiment in UX to use them directly from Nostr clients... will hit you up on slack.
Yea I think it ultimately comes down to the pattern of API keys isn't going away for the reasons you described, a macaroon is still like an API key but with extra steps in most cases. Sounds like your persistent of them follows that pattern, seems inescapable to do so.
If we're going that route, may as well use an nsec for the other benefits. I think it'd be cool to wrap your endpoints in a CLINK offer, would be an interesting experiment in UX to use them directly from Nostr clients... will hit you up on slack.