Hmm, I guess to regenerate a secret you can request it back, then regenerate it?

If the idea is to keep the secrets off the permanent log, when your peers return the secret, they ought to encrypt it to a ephemeral key that you provide, so you can recover the secret, but if someone compromises your devices at a later point, they cannot recover the secret from looking at the private messages.

I think the next step should be to go through the DC protocol step by step and analyze what happens if a device is compromised at particular times.