There are a few major things:

• A strict permission system: On most other systems, every app can do pretty much anything. Nirvati isolates apps from each other and also from your home network unless they explicitly request permission and you allow it.
• HTTPS only (after install): After installation, Nirvati uses only HTTPS
• Passkey support: Passkeys provide better security than passwords
• Revokable Lightning Node Connections: For other projects, when you install an app that has access to your Lightning Node, it often gets access to an irrevokable admin.macaroon. Same for connections to mobile wallets. If that app ever has a security issue, the macaroon can get stolen and not revoked. On Nirvati, when you uninstall an app (or disconnect a mobile wallet via the UI), the macaroon for that app gets revoked and it can no longer access your node.