Really enjoy the concept that each npub can have its own website no matter the domain name.

This also means going beyond just sha256 and now refer to filenames under a tree structure on that npub (virtual) folder. So we'd look up the most recent sha256 on that path with the same name.

There is the problem of the server side tampering the output, so I guess there would be note from the npub working like a recipe and detail all sha256 that belong to the most current snapshot so we can verify.  

 If clients or users want to verify that the file has not been tampered with then they could easily fetch the events themselves and check that the hash matches what was sent from the server