diff --git a/go.mod b/go.mod
index f2dc4bb..7cfd691 100644
--- a/go.mod
+++ b/go.mod
@@ -132,4 +132,4 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-replace fiatjaf.com/nostr => gitea.coracle.social/Coracle/nostrlib v0.0.0-20260505183642-fefc85d50080
+replace fiatjaf.com/nostr => gitea.coracle.social/Coracle/nostrlib v0.0.0-20260620150617-d1bc98d0f85b
diff --git a/zooid/management.go b/zooid/management.go
index 323e28e..8ea4738 100644
--- a/zooid/management.go
+++ b/zooid/management.go
@@ -324,6 +324,19 @@ func (m *ManagementStore) ValidateJoinRequest(event nostr.Event) (reject bool, e
 	return true, "invalid: failed to validate invite code"
 }
 
+// Signing
+
+// SignEvent signs an unsigned event template with the relay's own (self) key and
+// returns the full signed event. Used by relay admins to mint events on behalf of
+// the relay — e.g. NIP-43 relay-level role events (NIP-86 signevent).
+func (m *ManagementStore) SignEvent(event nostr.Event) (nostr.Event, error) {
+	if err := m.Config.Sign(&event); err != nil {
+		return event, err
+	}
+
+	return event, nil
+}
+
 // Middleware
 
 func (m *ManagementStore) Enable(instance *Instance) {
@@ -386,4 +399,8 @@ func (m *ManagementStore) Enable(instance *Instance) {
 	instance.Relay.ManagementAPI.ListBannedEvents = func(ctx context.Context) ([]nip86.IDReason, error) {
 		return m.GetBannedEventItems(), nil
 	}
+
+	instance.Relay.ManagementAPI.SignEvent = func(ctx context.Context, event nostr.Event) (nostr.Event, error) {
+		return m.SignEvent(event)
+	}
 }