Erc draft

.gitignore

@@ -30,7 +30,7 @@ ignition/deployments/chain-84532
 *apps/notes/
 .claudeignore
 *.claude/
-*.md
+/*.md
 *myplans
 .vercel/
 /tests/scan-engine.test.ts

README.md

@@ -7,9 +7,9 @@
 </p>
 
 <p align="center">
-    <!-- <a href="https://www.npmjs.com/package/@verbeth/sdk">
+    <a href="https://www.npmjs.com/package/@verbeth/sdk">
         <img src="https://img.shields.io/npm/v/@verbeth/sdk?style=flat-square">
-    </a> -->
+    </a>
     <a href="LICENSE">
         <img src="https://img.shields.io/badge/license-MPL--2.0-blue?style=flat-square">
     </a>
@@ -32,28 +32,63 @@
 - [**TweetNaCl**](https://tweetnacl.js.org/) – for encryption/decryption with NaCl box
 - [**Ethers v6**](https://docs.ethers.org/v6/) – for all Ethereum interactions
 - [**Viem**](https://viem.sh/) – specific for EIP-1271/6492 verification
-- [**Dexie**](https://dexie.org/) – used for the local IndexedDB storage in the [demo app](https://verbeth-demo.vercel.app/)
 
----
+
 
 ## How it works
 
-To start a conversation, Alice emits a `Handshake` event with her ephemeral keys and an identity proof. Bob sees it, verifies her, and replies with a `HandshakeResponse`. They combine X25519 and ML-KEM-768 secrets to derive a shared root key that's secure even against future quantum computers.
+To start a conversation, Alice emits a `Handshake` event with her ephemeral keys and an identity proof. Bob sees it, verifies her, and replies with a `HandshakeResponse`. They combine X25519 and ML-KEM-768 secrets to derive a shared root key that's secure against future quantum computers.
+
+From there it's just encrypted `MessageSent` events back and forth. A Double Ratchet keeps churning keys forward so old messages stay safe even if something leaks later. Topics rotate too, making it hard for observers to link conversations across time.
+
+
+### Deployed Address
+
+Verbeth goes through the proxy at `0x82C9c5475D63e4C9e959280e9066aBb24973a663`. The current implementation behind it is `VerbethV1` at `0x51670aB6eDE1d1B11C654CCA53b7D42080802326`. Every deployment uses deterministic CREATE2, so the same address shows up on every supported chain:
+
+| Chain | Chain ID |
+| --- | --- |
+| Base mainnet | 8453 |
+| Base Sepolia | 84532 |
+| Ethereum Sepolia | 11155111 |
+
+For mor in-depth explanations on like discoverability, identity key binding and non-repudiation head over to the [docs](https://docs.verbeth.xyz).
+
+
+## Install
+
+The SDK is published on npm as [`@verbeth/sdk`](https://www.npmjs.com/package/@verbeth/sdk). Drop it into any project with
+
+```bash
+npm install @verbeth/sdk
+```
 
-From there it's just encrypted `MessageSent` events back and forth. A Double Ratchet keeps churning keys forward so old messages stay safe even if something leaks later. Topics rotate too, making it hard for observers to link conversations across time. More info [here]().
+or with pnpm
 
+```bash
+pnpm add @verbeth/sdk
+```
 
-### Deployed Addresses (base mainnet)
 
-VerbethV1 (singleton) `0x51670aB6eDE1d1B11C654CCA53b7D42080802326`
+## Build from source
 
-ERC1967Proxy `0x82C9c5475D63e4C9e959280e9066aBb24973a663`
+If you want to hack on the protocol locally, clone the repo and build everything from scratch. You'll need pnpm since the workspace relies on it.
 
+```bash
+git clone https://github.com/okrame/verbeth.git
+cd verbeth
+pnpm install
+pnpm run build
+```
 
-### Notes on the current model
+That compiles both the SDK and the contracts. The SDK lands in `packages/sdk/dist` with CJS and ESM outputs ready to be consumed.
 
-**Discoverability**: If the sender does not yet know the recipient’s long-term public key (X25519), the sender (i.e. initiator) must emit a `Handshake` event. The recipient (i.e. reponder) replies with their keys and identity proof, after which the sender caches the verified mapping. If the key is already known (from a past `HandshakeResponse`, an on-chain announcement, or a static mapping), the handshake can be skipped.
+To run the test suite
 
-**Identity key binding**: The message (es. “VerbEth Key Binding v1\nAddress: …\nPkEd25519: …\nPkX25519: …\nContext: …\nVersion: …”) is signed by the evm account directly binding its address to the long-term keys (i.e. preventing impersonation).
+```bash
+pnpm run test:unit         
+pnpm run test:contracts     
+pnpm run test:integration   
+```
 
-**Non-repudiation**: By default, confidentiality and integrity are guaranteed by AEAD with NaCl box. Additionally, the sender can attach a detached Ed25519 signature over using the Ed25519 key bound in the handshake. This effectively provides per-message origin authentication that is verifiable: a recipient (or any third party) can prove the message was produced by the holder of that specific Ed25519 key. Otherwise, attribution relies on context, making sender spoofing at the application layer harder to detect.                                                                                                                                                                                                                                                             |
+The integration tests need Anvil running, so run it in another terminal first with `pnpm run anvil:start`.