There are a few major things:

- **A strict permission system**: On most other systems, every app can do pretty much anything. Nirvati isolates apps from each other and also from your home network unless they explicitly request permission and you allow it.
- **HTTPS only (after install)**: After installation, Nirvati uses only HTTPS
- **Passkey support**: Passkeys provide better security than passwords
- **Revokable Lightning Node Connections**: For other projects, when you install an app that has access to your Lightning Node, it often gets access to an irrevokable admin.macaroon. Same for connections to mobile wallets. If that app ever has a security issue, the macaroon can get stolen and not revoked. On Nirvati, when you uninstall an app (or disconnect a mobile wallet via the UI), the macaroon for that app gets revoked and it can no longer access your node.

What makes it more secure than other software in this class?

optimism

I'm trying to cover both use cases, it should work for small home nodes and big multi-server setups. 

Currently, multi-server setup is not really easy to use, so it is better for single-node setups. Multi-server is an additional feature to provide more reliability, but the goal is still to also support smaller nodes.

We have hardware partnerships coming up specifically designed for single-node setups.

This looks promising. Are you mainly building it for personal node setups or for people running multiple servers?

Doung

In this post, I share a development update on Nirvati, a modern and FOSS server/node management software I'm building.

Let me know if you have any questions about it.

tech

bitcoin

lightning

In this post, I share a development update on Nirvati, a modern and FOSS server/node management software I'm building.

Let me know if you have any questions about it.