I need a solution which abstracts redundancy and bitrot mitigation/detection and presents itself as a single block device (via NBD for example) over the wire. To be used with LUKS on the other side of the wire.
Simply using mdadm to consolidate a bunch of drives in some RAID configuration and NBD that seems to be too simplistic, doesn’t mitigate bitrot.
But I’m at a loss about what to do instead.
Rooting out bitrot: use ECC memory. And a strong encryption-algorithm to sign data sets. But the easiest option: use different vendors for your RAID storage drives. If one particular batch from a particular manufacturer fails, the remaining disks would still hold your data as these are not from that same batch of drives.
Linux has dm-integrity see if it can work for you.
As for presenting block devices, I don’t think NBD is the best choice. I would use ISCSI if possible. It seems to have the best support these days.