diff --git a/Dockerfile.local b/Dockerfile.local
new file mode 100644
index 0000000..55470f3
--- /dev/null
+++ b/Dockerfile.local
@@ -0,0 +1,44 @@
+FROM node:20.11-bullseye AS build
+
+WORKDIR /app
+
+# Install pnpm
+RUN npm install -g pnpm
+
+# Copy package files
+COPY package*.json pnpm-lock.yaml ./
+
+# Replace workspace:* with actual npm version for @nostr-dev-kit/ndk
+RUN sed -i 's/"@nostr-dev-kit\/ndk": "workspace:\*"/"@nostr-dev-kit\/ndk": "^2.10.0"/' package.json
+
+# Install dependencies
+RUN pnpm install --no-frozen-lockfile
+
+# Copy application files
+COPY . .
+
+# Generate prisma client and build the application
+RUN npx prisma generate
+RUN pnpm run build
+
+# Runtime stage
+FROM node:20.11-alpine as runtime
+
+WORKDIR /app
+
+RUN apk update && \
+    apk add --no-cache openssl && \
+    rm -rf /var/cache/apk/*
+
+# Copy built files from the build stage
+COPY --from=build /app .
+
+# Install only runtime dependencies
+RUN npm install -g pnpm && \
+    sed -i 's/"@nostr-dev-kit\/ndk": "workspace:\*"/"@nostr-dev-kit\/ndk": "^2.10.0"/' package.json && \
+    pnpm install --prod --no-frozen-lockfile
+
+EXPOSE 3000
+
+ENTRYPOINT [ "node", "./dist/index.js" ]
+CMD ["start"]
diff --git a/PULL_REQUEST_0.10.6.md b/PULL_REQUEST_0.10.6.md
new file mode 100644
index 0000000..e78196c
--- /dev/null
+++ b/PULL_REQUEST_0.10.6.md
@@ -0,0 +1,42 @@
+# Pull Request: nostr-tools v2 compatibility and null kind handling
+
+## Summary
+
+This PR fixes compatibility issues with nostr-tools v2 and a null pointer issue when creating policies with rules that have null kind values.
+
+## Changes
+
+### Bug Fixes
+
+1. **nostr-tools v2 Compatibility** (`src/daemon/run.ts`, `src/daemon/admin/commands/create_new_key.ts`, `src/daemon/admin/commands/create_account.ts`)
+   - nostr-tools v2 changed `generateSecretKey()` to return `Uint8Array` instead of hex string
+   - Added conversion using new `bytesToHex()` utility function
+
+2. **Null Kind Handling** (`src/daemon/admin/commands/create_new_policy.ts`)
+   - Fixed `TypeError: Cannot read properties of null (reading 'toString')` when creating policies with rules that have `null` kind values (e.g., method-only rules like `allowMethod("sign_event")`)
+   - Added null check before calling `.toString()` on `rule.kind`
+
+### New Files
+
+- **`src/utils/hex.ts`**: Utility functions for converting between `Uint8Array` and hex strings
+  - `bytesToHex(bytes: Uint8Array): string`
+  - `hexToBytes(hex: string): Uint8Array`
+
+### Version Bump
+
+- `package.json`: 0.10.5 → 0.10.6 (PATCH version for bug fixes)
+
+## Testing
+
+- Tested with nsecbunker-java E2E test suite
+- All admin operations (key creation, policy creation, key listing) working correctly
+- Policy rules with null kind values are now handled properly
+
+## Breaking Changes
+
+None. This is a backward-compatible bug fix release.
+
+## Related Issues
+
+- Fixes compatibility with nostr-tools v2.x
+- Fixes policy creation with method-only rules (no kind specified)
diff --git a/PULL_REQUEST_dockerfile_casing.md b/PULL_REQUEST_dockerfile_casing.md
new file mode 100644
index 0000000..72fc157
--- /dev/null
+++ b/PULL_REQUEST_dockerfile_casing.md
@@ -0,0 +1,22 @@
+# Pull Request: Dockerfile stage casing consistency
+
+## Summary
+
+Normalize the runtime stage declaration in the multi-stage Dockerfile to use uppercase `AS`, matching the build stage and eliminating a lint warning about inconsistent casing.
+
+## Changes
+
+1. **Dockerfile Stage Casing** (`Dockerfile`)
+   - Switched `as runtime` to `AS runtime` for consistent multi-stage syntax
+
+## Testing
+
+- Not run (cosmetic Dockerfile change only)
+
+## Breaking Changes
+
+None.
+
+## Related Issues
+
+- Addresses Dockerfile lint warning for inconsistent `FROM`/`AS` casing
diff --git a/nostr-tools-v2-patch.md b/nostr-tools-v2-patch.md
new file mode 100644
index 0000000..f49bbfb
--- /dev/null
+++ b/nostr-tools-v2-patch.md
@@ -0,0 +1,51 @@
+# Patch to upgrade nsecbunkerd to nostr-tools v2
+
+## Step 1: Update package.json
+Change: "nostr-tools": "^1.17.0" → "nostr-tools": "^2.17.0"
+
+## Step 2: Add hex conversion utility
+Create file: src/utils/hex.ts
+
+```typescript
+export function bytesToHex(bytes: Uint8Array): string {
+  return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
+}
+
+export function hexToBytes(hex: string): Uint8Array {
+  const bytes = new Uint8Array(hex.length / 2);
+  for (let i = 0; i < hex.length; i += 2) {
+    bytes[i / 2] = parseInt(hex.substr(i, 2), 16);
+  }
+  return bytes;
+}
+```
+
+## Step 3: Patch files that decode nsec
+
+### src/daemon/run.ts (line ~41)
+```diff
++import { bytesToHex } from '../utils/hex.js';
+...
+-const hexpk = nip19.decode(nsec).data as string;
++const hexpk = bytesToHex(nip19.decode(nsec).data as Uint8Array);
+```
+
+### src/commands/add.ts (line ~37)  
+```diff
++import { bytesToHex } from '../utils/hex.js';
+...
+-decoded = nip19.decode(nsec);
++const decoded = nip19.decode(nsec);
++const hexpk = decoded.type === 'nsec' ? bytesToHex(decoded.data as Uint8Array) : decoded.data;
+```
+
+### src/daemon/admin/commands/create_new_key.ts (line ~16)
+```diff
++import { bytesToHex } from '../../../utils/hex.js';
+...
+-key = new NDKPrivateKeySigner(nip19.decode(_nsec).data as string);
++key = new NDKPrivateKeySigner(bytesToHex(nip19.decode(_nsec).data as Uint8Array));
+```
+
+## Note
+npubEncode/decode still uses hex strings in v2, so request-from-admin.ts works unchanged.
diff --git a/package-lock.json b/package-lock.json
index 01d49ba..7cd730f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,19 +1,19 @@
 {
   "name": "nsecbunkerd",
-  "version": "0.11.1",
+  "version": "0.11.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "nsecbunkerd",
-      "version": "0.11.1",
+      "version": "0.11.2",
       "license": "MIT",
       "dependencies": {
         "@fastify/formbody": "^7.4.0",
         "@fastify/view": "^8.2.0",
         "@inquirer/password": "^1.1.2",
         "@inquirer/prompts": "^1.2.3",
-        "@nostr-dev-kit/ndk": "^2.18.1",
+        "@nostr-dev-kit/ndk": "file:../ndk/core",
         "@prisma/client": "^5.4.1",
         "@scure/base": "^1.1.1",
         "@types/yargs": "^17.0.24",
diff --git a/package.json b/package.json
index ac7f55f..151f011 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "nsecbunkerd",
-  "version": "0.11.1",
+  "version": "0.11.2",
   "description": "nsecbunker daemon",
   "main": "dist/index.js",
   "bin": {
@@ -42,7 +42,7 @@
     "@fastify/view": "^8.2.0",
     "@inquirer/password": "^1.1.2",
     "@inquirer/prompts": "^1.2.3",
-    "@nostr-dev-kit/ndk": "^2.18.1",
+    "@nostr-dev-kit/ndk": "file:../ndk/core",
     "@prisma/client": "^5.4.1",
     "@scure/base": "^1.1.1",
     "@types/yargs": "^17.0.24",