Why encrypted alerts matter
Operational messages often contain hostnames, deployment status, internal URLs, or failure context. Nerve is designed so senders post encrypted payloads into a pipe.
Separate credentials
Sender credentials are not agent credentials. This reduces blast radius when CI/CD secrets leak.
Designed for workflows
Nerve is not a consumer messenger. It is a small ops pipe for developer signals and optional signed actions.
What encryption does and does not solve
Encryption protects the alert payload from the relay and limits what a third party can read. It does not make a bad message safe. Do not include passwords, private keys, raw database dumps, or complete CI logs with secrets.
Good encrypted alert payloads
deploy failed service=api env=prod sha=abc123
backup stale db=production age=29h host=db-1
ssl expires domain=example.com days=6
ssh login user=deploy host=prod-1
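One way to enforce the payload guidance above before anything is encrypted and sent, as an added example that is not part of Nerve or its CLI: a shell pre-send check that refuses secret-looking or log-sized payloads and otherwise pipes to the `nerve send` command from the quick start. The function names, the 512-character limit, and the patterns are assumptions chosen for illustration, not a complete secret scanner.

```shell
#!/bin/sh
# Added example: pre-send payload check (hypothetical helper, not Nerve code).

MAX_CHARS=512   # assumed limit: short key=value alerts, not whole CI logs

# payload_reason PAYLOAD
# Prints the reason the payload should be refused, or nothing if it looks fine.
payload_reason() {
    p=$1
    if [ "${#p}" -gt "$MAX_CHARS" ]; then
        echo "too long: looks like a raw log or dump"
    elif printf '%s\n' "$p" | grep -Eq -e '-----BEGIN [A-Z ]*PRIVATE KEY-----'; then
        echo "contains a private key block"
    elif printf '%s\n' "$p" | grep -Eiq -e '(password|passwd|secret|token|api_?key)[=:]'; then
        echo "contains a credential-style field"
    elif printf '%s\n' "$p" | grep -Eq -e '[a-z][a-z0-9+.-]*://[^/@ ]+:[^/@ ]+@'; then
        # scheme://user:secret@host, e.g. a connection string or a DSN
        echo "contains a URL with embedded credentials"
    fi
}

# safe_send PAYLOAD
# Sends only when the check passes. Expects NERVE_DSN to be exported by the
# caller. The refusal message names the reason but never echoes the payload,
# so a rejected secret does not end up in the CI log instead.
safe_send() {
    reason=$(payload_reason "$1")
    if [ -n "$reason" ]; then
        echo "refusing to send: $reason" >&2
        return 1
    fi
    printf '%s\n' "$1" | nerve send
}
```

In a pipeline step, call `safe_send "deploy failed service=api env=prod sha=abc123"` in place of the bare `echo ... | nerve send`.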
Credential boundaries
A CI pipeline should usually get a sender DSN only. A server that needs signed actions can run an agent with a separate token. Keeping those credentials separate is what reduces blast radius when one environment leaks.
Quick start
go install github.com/nerve-ink/nerve-cli/cmd/nerve@latest
export NERVE_DSN="nerve://TOKEN:[email protected]"
echo "deploy failed" | nerve send
FAQ
Are push notifications encrypted end to end?
Nerve encrypts operational payloads before routing them through the relay. Push services receive notification metadata needed for delivery.
Is Nerve a webhook receiver?
It can receive send-only signals, but it is designed around encrypted envelopes and scoped sender credentials.
Can I use it without the agent?
Yes. Send-only signals are the default path.