Exactly… NIP96 always uses the original file’s hash in the url even when the content was transformed, I.e. then the content returned does not match the hash in the url. Mirroring/Reupload with the same hash is therefore impossible.

When transforms are disabled (there is an option) then NIP96 behaves very similar to blossom in terms of hash usage (except for paths and auth events). 

Kieran nudged me to implement both on bouquet.slidestr.net and they play along nicely when not using server side transformations.