When a device is lost or you just want better hygiene:

1. Generate new control_key'.

2. Mark old control key as rotated/revoked in policies.

3. Recompute state_commitment with the new key:

   state_commitment' = H(
     identity_root,
     new_control_key,
     recovery_key,
     attributes_root,
     policies_root'
   )
   
   

4. Publish state_commitment'.

Apps now:

• reject signatures from the old control key
• accept the new key once the new state is visible

Identity stays the same because identity_root doesn’t change.