Morning,

Yes, in general, Bitcoin does not do anything to prevent users from discarding their keys.

I don't think this will be fixed anytime soon.

There are some protocols where, though, knowing that a key was once known to the recipients may make it legally valid to inflict a punitive measure (e.g., via HTLC), whereas if the key was never known that might be a breach of contract for the payment provider.

Best,

Jeremy

On Tue, May 21, 2019 at 7:52 PM ZmnSCPxj <ZmnSCPxj@protonmail.com> wrote:

Good morning Jeremy,

>If a sender needs to know the recipient can remove the covenant before spending, they may request a signature of an challenge string from the recipients

The recipients can always choose to destroy the privkey after providing the above signature.
Indeed, the recipients can always insist on not cooperating to sign using the taproot branch and thus force spending via the `OP_CHECKOUTPUTSHASHVERIFY`.

Regards,
ZmnSCPxj