Remote LUKS disk decryption over mTLS

I have two VPSs with full disk encryption. Sadly, neither provides a TPM so I've always had to connect by SSH to type my password. I've spent the last weekend thinking of a way to automate the process without weakening the threat model and came up with this protocol. You can find the sequence diagram in the README, consider that the spec.

This is the threat model:

- Internal network is trusted, nodes are not. However, a compromised network unlock server won't collude with a network attacker.

- Attacker has full access to the public network.

- Attacker has eventual access to the disk and can recover any deleted file.

Any full disk encryption unlocking scheme of a remote machine without a TPM, e.g. SSH-ing into a dropbear initramfs, is vulnerable to the same attacker: someone who can read your unencrypted /boot partition and sit on your network. Against dropbear, they extract the SSH host key from the initramfs, impersonate your server, and capture the passphrase you type.

This protocol doesn't strive to be stronger than that, it accepts the same threat model. An attacker with disk access + network access within the TTL window can steal the ephemeral TLS cert + key from /boot, connect to the server, and retrieve Na. The protocol just removes the human from the loop while being no worse than typing a password over SSH.

I'm running this on my pair of VPSs, so if anyone finds a hole inside the threat model please let me know! I don't run anything critical but would rather not get hacked by playing with homebrew protocols. This wasn't vibe coded, so you'd be arguing with my ideas and not an LLM.