start filling out deployment section

Author: okdistribute

deployment/iroh-doctor.mdx

@@ -1,5 +1,5 @@
 ---
-title: "iroh doctor"
+title: "Troubleshooting"
 ---
 
 [iroh doctor](https://github.com/n0-computer/iroh-doctor) is a command-line tool that helps you diagnose network connectivity issues with your iroh setup.

deployment/managing-relays.mdx

@@ -1,5 +1,22 @@
 ---
-title: "Managing Relays"
+title: "Custom Relays"
 ---
 
-Placeholder: Deploying and running relays at scale, configuration and tips.
+By default, iroh will use public shared relays to facilitate connections over
+DNS. These relays handle both forwarding traffic when direct peer-to-peer
+connections are not possible as well as facilitate holepunching for direct
+connections. These relays are managed and maintained by the n0des team, and are
+shared by a global public network of developers.
+
+By default, all iroh endpoints will use the public cloud relays unless you
+purchase a managed relay or deploy your own self-hosted relay.
+
+## Self-Hosted and Managed Relays
+
+If you require more control over your relay infrastructure, you can choose to
+[self-host your own relay](https://github.com/n0-computer/iroh/tree/main/iroh-relay) or [upgrade to a managed relay service](https://n0des.iroh.computer). This allows you
+to have full control over the relay servers, including their configuration,
+security settings, and access controls.
+
+[Sign up for a free trial of n0des](https://n0des.iroh.computer) to get access
+to purchase a managed relay with uptime SLAs.

deployment/security-privacy.mdx

@@ -2,4 +2,41 @@
 title: "Security & Privacy"
 ---
 
-Placeholder: Security considerations, threat model, and privacy guidance.
+iroh is designed with security and privacy as core principles. This document
+outlines the key security and privacy features of iroh, as well as best
+practices for deploying and using iroh in a secure manner.
+
+## End-to-End Encryption
+
+All data transmitted between iroh endpoints is protected with end-to-end
+encryption. This means that data is encrypted on the sender's device and can only
+be decrypted by the intended recipient. Even relay servers that facilitate
+connections between endpoints cannot read the data being transmitted.
+
+End-to-end encryption is achieved using modern cryptographic algorithms and protocols,
+ensuring that data remains confidential and secure during transit. By defaul;t,
+iroh uses Ed25519 keys for endpoint identities and encryption. If you require
+different cryptographic algorithms, you can configure iroh to use them during
+endpoint creation. 
+
+[Contact us for assistance](https://n0.computer/) with custom cryptographic configurations.
+
+## Public Relays
+
+All traffic sent through the public relays is end-to-end encrypted. The relays
+are not able to read any of the traffic that they forward or help connect.
+However, the relays are able to see metadata about connections, such as source
+and destination IP addresses, connection times, and the amount of data
+transferred.
+
+We recommend that you do not use the public relays for sensitive or confidential
+data. If you need more control over your relay infrastructure, we recommend that
+you upgrade to a managed relay or self-host your own relay.
+
+We monitor the public relays for abuse and malicious activity. If we detect
+abuse, we reserve the right to block offending IP addresses or users from
+accessing the public relays.
+
+To learn more about deploying and managing your own relays, see the
+[n0des](//managing-relays) documentation.
+

protocols/automerge.mdx

@@ -10,8 +10,8 @@ eventually converging to the same state on every replica.
 
 ## Example
 
-This example highlights how to integrate [automerge's sync protocol] with
-[iroh's peer-to-peer connectivity].
+This example highlights how to integrate [automerge's sync protocol](https://automerge.org/docs/hello/) with
+[iroh's peer-to-peer connectivity](/concepts/discovery).
 
 
 ```bash