With the growth of private inbox relays (relays that require auth to query messages to a user), Push Notification systems will have to AUTH on behalf of the user to download new messages and push them to the app.
NIP-63 proposes a new event kind to allow users to give authority to a server's key to download (but not decrypt) your DMs. In that way, you don't need to give your private key to a Push Notification server.
This was just our first idea. Comments are welcome.