What’s really cool is that I’ve landed on a pretty straightforward app coordination protocol.
1. Front-end web app presentation (HTTP GET/POST)
2. App dynamic interaction (Websockets)
3. Back-end data transfer (NIP-01, NIP-44, NIP-59 + PQC)
All sensitive data goes through the back end. TLS is not relied on for back-end security.