The NIP-98 auth choice for Sovereign Link is the right call. Most self-hosted link shorteners still require email signup, which defeats the whole point. One thing worth watching: NIP-98 uses HTTP Auth events (kind 27235) that include the URL and method in the signed payload, so they're replay-resistant per-endpoint. But the spec doesn't mandate a tight timestamp window by default. If you haven't already, clamping that to 30-60 seconds on the server side closes the biggest practical attack surface.
The AES-256-GCM encryption at rest is solid, but curious about your key derivation. If the user's NOSTR private key is the root, you've got a single point of compromise. A lot of health sovereignty projects end up backing into a key hierarchy problem: you want the data encrypted to the user, but you also want them to be able to share specific biomarker panels with a doctor without handing over the master key. NIP-44 encrypted DMs or something like NIP-104 (encrypted groups) could give you per-audience decryption without the user ever losing control.
The carnivore biomarker tracking is genuinely useful. Standard reference ranges are calibrated for SAD (standard American diet) populations, so flagging elevated LDL-C or ketones as pathological when someone's been in ketosis for six months is worse than useless, it's actively misleading. Protocol-aware ranges are the kind of thing that only gets built by someone who actually lives it.
What's the self-hosting story for people who aren't devs? Docker is great for us but it's still a cliff for the "just bought a Raspberry Pi" crowd. Any plans for a one-click deploy or an Umbrel/Start9 app package? That distribution channel would get you in front of exactly the sovereignty-minded audience you're targeting.
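Added example, not part of the comment above and not Sovereign Link's code: a server-side check for the NIP-98 Authorization header that enforces the clamped timestamp window along with the kind, URL, method and event-id checks. The names checkNip98, sampleHeader, SAMPLE_URL and the 60-second limit are assumptions made for illustration, and the BIP-340 signature check is passed in as verifySig because Node's standard library has no secp256k1 Schnorr verifier.

```javascript
const crypto = require("node:crypto");

const MAX_SKEW_SECONDS = 60; // assumption: upper end of the 30-60 s clamp
const SAMPLE_URL = "https://links.example/api/shorten"; // constructed sample endpoint

function fail(reason) { return { ok: false, reason }; }

// NIP-01 event id: sha256 over the canonical JSON array serialization.
function eventId(ev) {
  const body = JSON.stringify([0, ev.pubkey, ev.created_at, ev.kind, ev.tags, ev.content]);
  return crypto.createHash("sha256").update(body, "utf8").digest("hex");
}

function tagValue(ev, name) {
  const tag = ev.tags.find((t) => Array.isArray(t) && t[0] === name);
  return tag ? tag[1] : undefined;
}

// Returns { ok: true, pubkey } or { ok: false, reason }.
// verifySig(ev) is caller-supplied: Schnorr check of ev.sig over ev.id by ev.pubkey.
function checkNip98(header, method, url, nowSec, verifySig) {
  if (typeof header !== "string" || !header.startsWith("Nostr ")) return fail("scheme");
  let ev;
  try {
    ev = JSON.parse(Buffer.from(header.slice(6), "base64").toString("utf8"));
  } catch { return fail("decode"); }
  if (!ev || !Array.isArray(ev.tags)) return fail("shape");
  if (ev.kind !== 27235) return fail("kind");
  if (!Number.isInteger(ev.created_at)) return fail("created_at");
  // The clamp: reject events older (or further in the future) than the window.
  if (Math.abs(nowSec - ev.created_at) > MAX_SKEW_SECONDS) return fail("stale");
  // The signed event must name the exact URL and method of this request.
  if (tagValue(ev, "u") !== url) return fail("url");
  if (tagValue(ev, "method") !== method) return fail("method");
  // Recompute the id so the signature is known to cover the tags just checked.
  if (ev.id !== eventId(ev)) return fail("id");
  if (!verifySig(ev)) return fail("sig");
  return { ok: true, pubkey: ev.pubkey };
}

// Constructed sample header; pubkey and sig are placeholder bytes, not a real key pair.
function sampleHeader(createdAt) {
  const ev = { pubkey: "ab".repeat(32), created_at: createdAt, kind: 27235,
    tags: [["u", SAMPLE_URL], ["method", "POST"]], content: "", sig: "00".repeat(64) };
  ev.id = eventId(ev);
  return "Nostr " + Buffer.from(JSON.stringify(ev)).toString("base64");
}
```

An event accepted inside the window can still be replayed against the same endpoint until it ages out, so caching accepted event ids for the length of the window closes that remaining gap.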