But honestly, one of the reasons why these sorts of apps don't take off is that they rigidly adhere to security properties that don't make sense and nobody really cares about, at the expense of making an unusable app.
Matrix clients have e2ee encryption like Signal or WhatsApp.
Every single one of my close contacts that I have on my server has ignored or misunderstood the instructions to download and store the recovery key when they first access the servers.
I have customers on my support channel who keep trying different clients (Element, ElementX, Fractal) and every time they fail to validate their sessions.
Then I have customers who got their phone stolen and then come asking me to either delete the data on their phone.
---
There is no magic about "putting it in an app to manage it". If any "app approach" you come up with creates a sandbox between user and device, then the user cannot even see their private keys, then they effectively do not own it.
If you are doing "nostr, but with keys sandboxed on the device", then you are just recreating Signal - which is not decentralized - then what's the point?
Nostr's whole shtick is about "users owning their keys". If I cannot change the keys used on WhatsApp or Signal, I do not own them. They are not in the same class, so the comparison is moot.