I’m really looking forward to seeing your implementation for authenticated feeds!
I recently set up Lasso for a private site that holds my notes and find it both a bit too heavy (I don’t want multi-domain SSO at the moment) and not flexible enough (no ACL support).
Yeah, Lasso is meant to just obtain and present a user identifier to the backend, but has no ACL or other policy knowledge. It's perfect for things like the indieweb wiki, and *could* be used to build private feeds, but you need more code for that.