@askalf/dario 3.4.5 → 3.5.0

package/README.md

@@ -1,11 +1,6 @@
 <p align="center">
   <h1 align="center">dario</h1>
-  <p align="center"><strong>Use your Claude subscription as an API. The only proxy that bills correctly.</strong></p>
-  <p align="center">
-    No API key needed. Your Claude Max/Pro subscription becomes a local API endpoint<br/>
-    that any tool, SDK, or framework can use. Template replay makes every request<br/>
-    indistinguishable from real Claude Code — so your Max plan limits actually work.
-  </p>
+  <p align="center"><strong>Use your Claude subscription inside your local tools and scripts — without moving to API billing or rebuilding your workflow around a separate stack.</strong></p>
 </p>
 
 <p align="center">
@@ -18,220 +13,252 @@
 
 <p align="center">
   <a href="#quick-start">Quick Start</a> &bull;
-  <a href="#openai-compatibility">OpenAI Compat</a> &bull;
-  <a href="#usage-examples">Examples</a> &bull;
-  <a href="#askalf">askalf</a> &bull;
+  <a href="#who-this-is-for">Who it's for</a> &bull;
+  <a href="#why-switch">Why switch</a> &bull;
+  <a href="#how-it-works">How it works</a> &bull;
+  <a href="#from-standalone-to-askalf">Standalone → askalf</a> &bull;
   <a href="#trust--transparency">Trust</a> &bull;
   <a href="#faq">FAQ</a>
 </p>
 
 ---
 
-```bash
-npx @askalf/dario login   # detects Claude Code credentials, starts proxy
+## What it is
 
-# now use it from anywhere — Anthropic or OpenAI SDK
-export ANTHROPIC_BASE_URL=http://localhost:3456   # or OPENAI_BASE_URL=http://localhost:3456/v1
-export ANTHROPIC_API_KEY=dario                    # or OPENAI_API_KEY=dario
-```
+dario is a local process that turns your Claude Max or Pro subscription into an API endpoint that any tool on your machine can use. It talks to Anthropic the same way Claude Code does, so your subscription's rate limits are what you spend against — not a separate API billing tier.
 
-Opus, Sonnet, Haiku — all models, streaming, tool use. **Zero dependencies.** ~2,000 lines of TypeScript. Works with Cursor, Continue, Aider, LiteLLM, Hermes, OpenClaw, or any tool that speaks the Anthropic or OpenAI API. Auto-launches under [Bun](https://bun.sh) when available for TLS fingerprint fidelity. **Auto-detects OAuth config from your installed CC binary** so dario stays in sync forever — Anthropic can rotate client IDs and dario picks them up on the next run.
+Install it once, log in once (using your existing Claude Code credentials if you have them), and from that point on every tool that speaks the Anthropic API or the OpenAI chat completions API — Cursor, Continue, Aider, LiteLLM, your own scripts, whatever — can reach Claude through `http://localhost:3456`.
 
-dario is the **per-request layer** — one account, one workload, every request indistinguishable from CC on the wire. Session-level and account-level concerns (multi-account pooling, behavioral-classifier shaping, 24/7 fleets) live a layer above dario, in [askalf](https://askalf.org) — [see below](#askalf). Both are built by the same team on the same OAuth and billing infrastructure.
+**Single-account mode is the default.** You don't need an account anywhere, you don't need to wait for anything, and nothing phones home. Install and run.
 
-<table>
-<tr>
-<td colspan="3" align="center"><br/><strong>Independently reviewed by 3 competing AI companies</strong><br/><br/></td>
-</tr>
-<tr>
-<td width="33%" valign="top">
+**Pool mode** (new in v3.5.0) lifts multi-account routing into dario itself. Add two or more Claude subscriptions with `dario accounts add`, and dario starts selecting per request by the account with the most headroom, marking exhausted accounts rejected until they reset. No hosted platform required — you run the pool on your machine, against your own subscriptions. See [Multi-Account Pool Mode](#multi-account-pool-mode) below for the details.
 
-**Grok** (xAI)
+Separately, [askalf](https://askalf.org) is the hosted platform that does the things a local proxy on your machine can't — browser and desktop control, scheduling, persistent memory, 24/7 hosted fleets. Different problem, different tool. Dario does not depend on askalf, and askalf is not required to use any dario feature.
 
-*"Dario works great and is safe. Fully functional with OpenClaw / Hermes. Gives you Opus, Sonnet & Haiku using your existing Claude Max/Pro sub. No extra API key or billing needed. Streaming + tools work perfectly. 100% open-source, runs locally only, proper OAuth (PKCE), no telemetry. Highly recommended if you want a clean local proxy."*
+---
 
-</td>
-<td width="33%" valign="top">
+## Who this is for
 
-**Copilot** (Microsoft)
+**Best fit:**
+- Power users already paying for Claude Max or Pro who want Claude available inside their local stack — editors, terminals, scripts, internal tools — without moving to API billing.
+- Small teams that work in terminals and IDEs, not in hosted agent stacks, and want Claude as a drop-in provider for whatever tools they already use.
+- Anyone who wants Claude Code's billing behavior on their own requests, from their own code.
 
-*"Verdict: Safe for local use — well-implemented with strong security practices. Minimal attack surface: zero runtime dependencies, PKCE OAuth, localhost-only binding, timing-safe auth, zero telemetry. The main risk vector is operator error rather than code defects."*
+**Not a fit:**
+- You need vendor-managed production SLAs on every request. Use the Anthropic API directly.
+- You need high-scale agent orchestration, multi-account pooling, or session-level classifier shaping. That's [askalf](https://askalf.org), which dario bridges into.
+- You want a hosted chat UI. Use claude.ai.
 
-</td>
-<td width="33%" valign="top">
+---
 
-**Gemini** (Google)
+## First use case
 
-*"Highly recommended for personal, local development. Solves a massive pain point for developers by bridging Claude Max/Pro subscriptions with developer IDEs, saving substantial API costs. Modular & lean, modern PKCE auth, SSRF protection, mature CI/CD pipeline with CodeQL and npm provenance attestations."*
+> Use Claude in your local automation and developer workflows the way you'd normally reach for an API — but backed by the subscription you already pay for.
 
-</td>
-</tr>
-<tr>
-<td colspan="3" align="center"><br/><strong>In production</strong><br/><br/></td>
-</tr>
-<tr>
-<td colspan="3" valign="top">
+You install dario, point your existing tool at `http://localhost:3456`, and that tool now sees Claude. The tool doesn't know it's going through a proxy; from its perspective dario *is* the Anthropic API. Your subscription handles the billing. Your Max plan limits are what count against usage.
 
-*"The 429s were driving us crazy running a multi-agent stack on Claude Max. You found the billing tag, fixed the checksum, reverse-engineered the per-request hash from the binary — running clean, zero reclassification."* — [@belangertrading](https://github.com/belangertrading), multi-agent stack on Claude Max
+Flow on a fresh machine:
 
-</td>
-</tr>
-</table>
+1. `npm install -g @askalf/dario`
+2. `dario login` — detects your installed Claude Code credentials, or runs its own OAuth flow if you don't have CC installed
+3. `dario proxy` — starts the local server on port 3456
+4. Set two environment variables in the tool you already use:
+   ```bash
+   ANTHROPIC_BASE_URL=http://localhost:3456
+   ANTHROPIC_API_KEY=dario
+   ```
+5. That tool now uses your Claude subscription. Streaming works, tool use works, prompt caching works.
+
+No separate API key. No Extra Usage charges. No rebuilding your workflow around a new provider.
 
 ---
 
-## Why dario
+## Why switch
 
-Most Claude subscription proxies have a critical billing problem: **Anthropic classifies their requests as third-party and routes all usage to Extra Usage billing** — even when you have Max plan limits available. You're paying for your subscription twice.
+**Use dario if** you already pay for Claude Max or Pro and you want Claude inside the tools you already use, without paying API rates for every request or routing your work through a second hosted stack.
 
-dario is the only proxy that solves this. Instead of transforming your requests signal by signal, dario uses **template replay** — it replaces the entire request with Claude Code's exact template. 25 tool definitions, 25KB system prompt, exact field order, exact beta headers, exact metadata structure. Only your conversation content is preserved. When Bun is installed, dario auto-relaunches under Bun for TLS fingerprint fidelity matching CC's runtime. Anthropic's classifier sees a genuine Claude Code request because it IS one.
+**Use dario pool mode if** you're running multi-agent workloads and hitting per-subscription rate limits — add 2–N accounts with `dario accounts add` and dario handles headroom-aware routing across them, all on your machine, against your own subscriptions. No hosted stack to sign up for. See [Multi-Account Pool Mode](#multi-account-pool-mode).
 
-| | dario | Other proxies |
-|---|---|---|
-| **Approach** | Template replay — sends CC's actual request | Signal matching or none |
-| **Tools** | CC's exact tool definitions sent upstream | Client tools (detected) |
-| **Max plan limits** | Used correctly | Bypassed — billed separately |
-| **Detection resistance** | Undetectable at the per-request level without flagging CC itself | Detected by tool names, field order, effort level, etc. |
-| **Dependencies** | 0 | Many |
+**Use the Anthropic API directly if** you need platform-native primitives, vendor-managed production usage, high-scale control, or SLAs your subscription tier doesn't cover. Dario isn't trying to replace the API — it's trying to unlock the subscription you already bought.
 
-<details>
-<summary><strong>vs competitors</strong></summary>
+**Don't use dario if** you want a subprocess bridge that shells out to `claude --print` under the hood. Those tools (openclaw-claude-bridge and similar) work well for single-team single-machine workloads that can accept a one-subscription rate ceiling and a one-machine deployment. Dario is the API-path alternative, which trades that simplicity for pooling-friendly behavior on the wire. Different tradeoffs, different tool.
 
-| Feature | dario | Meridian | CLIProxyAPI |
-|---------|-------|---------|------------|
-| Template replay (undetectable) | **Yes** | No | No |
-| Direct OAuth (streaming, tools) | **Yes** | Yes (SDK-based) | No |
-| OpenAI API compat | **Yes** | Yes | Yes |
-| Orchestration sanitization | **Yes** | Yes | No |
-| Token anomaly detection | **Yes** | Yes | No |
-| Codebase size | ~2,000 lines | ~9,000 lines | Platform |
-| Dependencies | 0 | Many | Many |
-| Setup | 2 commands | Config + build | Config + dashboard |
+---
 
-</details>
+## Quick Start
 
-## The Problem
+```bash
+# Install
+npm install -g @askalf/dario
 
-You pay $100-200/mo for Claude Max or Pro. But that subscription only works on claude.ai and Claude Code. If you want to use Claude with **any other tool** — Cursor, Continue, Aider, your own scripts — you need a separate API key with separate billing.
+# Log in (detects Claude Code credentials if installed)
+dario login
 
-**dario fixes this.** It creates a local proxy that translates API key auth into your subscription's OAuth tokens. Your subscription handles the billing. No API key needed.
+# Start the proxy
+dario proxy
 
-**Note:** Claude subscriptions have [usage limits](https://support.claude.com/en/articles/11647753-how-do-usage-and-length-limits-work) that reset on rolling 5-hour and 7-day windows. You can check your utilization via Claude Code's `/usage` command or the [statusline](https://code.claude.com/docs/en/statusline).
+# Anthropic SDK
+export ANTHROPIC_BASE_URL=http://localhost:3456
+export ANTHROPIC_API_KEY=dario
 
-## Quick Start
+# or OpenAI-compatible tools
+export OPENAI_BASE_URL=http://localhost:3456/v1
+export OPENAI_API_KEY=dario
+```
 
-### Prerequisites
+Opus, Sonnet, Haiku — all models, streaming, tool use, prompt caching, extended thinking. **Zero runtime dependencies.** ~2,000 lines of TypeScript. Auto-launches under [Bun](https://bun.sh) when available for TLS fingerprint fidelity with Claude Code's runtime. **Auto-detects OAuth config from your installed CC binary** so dario stays in sync forever — Anthropic can rotate client IDs and dario picks them up on the next run.
 
-[Claude Code](https://docs.anthropic.com/en/docs/claude-code/overview) installed and logged in (recommended). Dario detects your existing Claude Code credentials automatically and also auto-extracts the current OAuth client config from the installed CC binary so dario stays in sync with whatever CC version you have, even when Anthropic rotates client IDs.
+---
 
-If Claude Code isn't installed, dario runs its own OAuth flow — opens your browser, you authorize, done.
+## How It Works
 
-### Install
+Dario has two modes: **direct API mode** (the default) and **passthrough mode** (`--passthrough`).
 
-```bash
-npm install -g @askalf/dario
-```
+### Direct API Mode — Template Replay
 
-Or use npx (no install needed):
+This is the mode you want for almost every case. Dario takes each request you send it and replaces it with a Claude Code request: same 25 tool definitions, same 25KB system prompt, same field order, same beta headers, same metadata structure, same device identity. Only your conversation content is preserved. Anthropic's classifier sees what looks like a Claude Code session because, from the wire up, it *is* one — and that's what keeps your usage on subscription billing instead of Extra Usage.
 
-```bash
-npx @askalf/dario login
 ```
+┌───────────┐     ┌─────────────────────┐     ┌──────────────────┐
+│ Your App  │ ──> │   dario (proxy)     │ ──> │ api.anthropic.com│
+│           │     │   localhost:3456    │     │                  │
+│ sends     │     │                     │     │  sees a genuine  │
+│ its own   │     │  replaces request   │     │  Claude Code     │
+│ tools &   │     │  with CC template   │     │  request         │
+│ params    │     │  keeps only content │     │                  │
+└───────────┘     └─────────────────────┘     └──────────────────┘
+```
+
+The details that matter:
+
+- **Billing tag** reconstructed using CC's own algorithm extracted from the binary: `x-anthropic-billing-header: cc_version=<version>.<build_tag>; cc_entrypoint=cli; cch=<5-char-hex>;` where `build_tag = SHA-256(seed + chars[4,7,20] of user message + version).slice(0,3)`.
+- **Beta set** — CC's exact beta list in CC's order, minus any beta that would require Extra Usage to be enabled on your account.
+- **OAuth config** auto-detected from the installed CC binary at startup. When Anthropic rotates `client_id`, authorize URL, or scopes, dario picks up the new values on the next run without needing a new release. Falls back to hardcoded CC 2.1.104 prod values if CC isn't installed. Cache at `~/.dario/cc-oauth-cache-v3.json`, keyed by binary fingerprint.
+- **Session ID** rotates per request via `x-claude-code-session-id`, matching how `claude --print` behaves. A persistent session ID across rapid requests is a behavioral signal.
+- **Framework scrub** — framework identifiers and known fingerprint tokens (`OpenClaw`, `sessions_*` tool prefixes, orchestration tags, etc.) are stripped from both the system prompt and message content before the request goes upstream.
+- **Bun auto-relaunch** — when Bun is installed, dario relaunches under it so its TLS fingerprint matches CC's runtime. Without Bun, dario runs on Node.js and works fine; the TLS fingerprint is the only difference.
 
-### Login
+### Passthrough Mode — `--passthrough`
+
+For tools that need exact Anthropic protocol fidelity with nothing injected. This mode does an OAuth token swap and nothing else: no billing tag, no template, no device identity.
 
 ```bash
-dario login
+dario proxy --passthrough
 ```
 
-- **With Claude Code installed:** Detects your credentials automatically and starts the proxy. No browser needed.
-- **Without Claude Code:** Opens your browser to Claude's OAuth page. Authorize, and dario captures the token automatically via a local callback server. Then run `dario proxy` to start the server.
+Use it when the upstream tool already builds a Claude-Code-shaped request on its own and you just need the token auth.
+
+### Detection scope
+
+Dario is a **per-request layer**. Every request it sends upstream is designed to be indistinguishable from a Claude Code request, and the per-request scrubbing hardened in v3.4.5 makes that meaningfully harder to fingerprint than it was when v3.0 first shipped. What dario cannot do at the per-request level is defend against Anthropic's session-level behavioral classifiers — those operate on cumulative per-OAuth aggregates (token throughput, conversation depth, streaming duration, inter-arrival timing) and no amount of per-request hardening reaches them. The practical answer to that problem is *distributing* load across multiple subscriptions so no single account accumulates enough signal to trip the classifier — which is what pool mode (below) does.
+
+---
+
+## Multi-Account Pool Mode
 
-### Start the proxy
+*New in v3.5.0.* Dario can manage multiple Claude subscriptions and route each request to the account with the most headroom. Single-account dario is unchanged and remains the default — pool mode activates **only** when `~/.dario/accounts/` contains 2+ accounts.
 
 ```bash
+# Add accounts to the pool. Each runs its own OAuth flow.
+dario accounts add work
+dario accounts add personal
+dario accounts add side-project
+
+# List them
+dario accounts list
+
+# Start the proxy — pool mode activates automatically
 dario proxy
 ```
 
+### How it routes
+
+Each incoming request picks the account with the highest **headroom**:
+
+```
+headroom = 1 - max(util_5h, util_7d)
 ```
-dario — http://localhost:3456
 
-Your Claude subscription is now an API.
+The response's `anthropic-ratelimit-unified-*` headers are parsed back into the pool so the next request sees fresh utilization. An account that returns a 429 is marked `rejected` and routed around until its window resets. When every account is exhausted, incoming requests queue for up to 60 seconds waiting for headroom to reappear, with backoff-aware draining.
 
-Usage:
-  ANTHROPIC_BASE_URL=http://localhost:3456
-  ANTHROPIC_API_KEY=dario
+Accounts can use different plans — mix Max and Pro accounts freely. The pool doesn't care about tier, only headroom.
 
-Auth: open (no DARIO_API_KEY set)
-OAuth: healthy (expires in 11h 42m)
-Model: passthrough (client decides)
-```
+### Why pool over per-request tricks alone
+
+Per-request template replay is necessary but not sufficient for multi-agent workloads. Anthropic's classifier operates on cumulative per-OAuth-session aggregates (see the [FAQ entry](#faq) on multi-agent reclassification), and no amount of per-request hardening reaches that layer. The practical answer is *distribution* — spread load so no single account accumulates enough signal to trip anything. Pool mode is the piece that does that, and the headroom-aware selection means you don't have to think about which account is which; dario picks.
 
-### Use it
+### Inspection endpoints
 
 ```bash
-# Set these two env vars — every Anthropic SDK respects them
-export ANTHROPIC_BASE_URL=http://localhost:3456
-export ANTHROPIC_API_KEY=dario
+# Live pool snapshot — per-account utilization, claim, status
+curl http://localhost:3456/accounts
 
-# Now any tool just works
-openclaw start
-aider --model claude-opus-4-6
-continue  # in VS Code, set base URL in config
-python my_script.py
+# Pool analytics — per-account / per-model stats, burn-rate, exhaustion predictions
+curl http://localhost:3456/analytics
 ```
 
-## Passthrough Mode
+### Known scope for v3.5.0
 
-For tools that need exact Anthropic protocol fidelity with zero modification, use `--passthrough` (alias: `--thin`). This does OAuth swap only — no billing tag, no template replay, no device identity, no extra beta flags. Note: most tools (including Hermes and OpenClaw) work better through default mode, which handles billing classification automatically.
+Pool mode v3.5.0 ships **headroom-aware selection across requests**. It does not yet retry a single in-flight request against a different account when that request 429s — that ships in v3.5.1 along with analytics recording wiring. Across-request routing is already effective: a 429 on one request immediately marks that account rejected, and the next request goes somewhere else.
 
-```bash
-dario proxy --passthrough               # Thin proxy, zero injection
-dario proxy --thin --model=opus         # Thin proxy + model override
-```
+---
 
-## Model Selection
+## Dario and askalf
 
-Force a specific model for all requests — useful when your tool doesn't let you configure the model:
+Dario is fully useful on its own — single-account mode is the default, pool mode (above) scales to as many Claude subscriptions as you want to add, and neither mode requires an account anywhere. Everything dario does is open-source and self-hosted.
 
-```bash
-dario proxy --model=opus      # Force Opus 4.6
-dario proxy --model=sonnet    # Force Sonnet 4.6
-dario proxy --model=haiku     # Force Haiku 4.5
-dario proxy                   # Passthrough (client decides)
-```
+[askalf](https://askalf.org) is the hosted platform built on top of the same OAuth and billing infrastructure, targeting the things a local proxy can't deliver by design:
 
-Full model IDs also work: `--model=claude-opus-4-6`
+| | dario | askalf |
+|---|---|---|
+| **Accounts** | 1 (single) or N (pool mode) | Managed pool, no setup |
+| **Rate limits** | Distributed across your own pool | Distributed across the hosted fleet |
+| **Browser / desktop control** | No | Yes — full computer use |
+| **Scheduling** | No | Cron, webhooks, triggers |
+| **Persistent memory** | No | Per-agent context and state |
+| **Hosted dashboard** | No | Yes |
+| **Runs where** | Your machine | Hosted |
+| **Price** | Free | Paid |
 
-## OpenAI Compatibility
+Pool mode in dario covers the "I want multi-account routing on my own machine with my own subscriptions" case. askalf covers the "I want someone else to run this, with a dashboard, and 24/7 fleet capabilities my own machine can't give me" case. Dario is and will remain open-source and free.
 
-Dario implements `/v1/chat/completions` — any tool built for the OpenAI API works with your Claude subscription. No code changes needed.
+**[Join the askalf waitlist →](https://askalf.org)**
 
-```bash
-dario proxy --model=opus
+---
 
-export OPENAI_BASE_URL=http://localhost:3456/v1
-export OPENAI_API_KEY=dario
+## Commands
 
-# Cursor, Continue, LiteLLM, any OpenAI SDK — all work
-```
+| Command | Description |
+|---------|-------------|
+| `dario login` | Log in (detects CC credentials or runs its own OAuth flow) |
+| `dario proxy` | Start the local API proxy on port 3456 |
+| `dario status` | Show OAuth token health and expiry |
+| `dario refresh` | Force an immediate token refresh |
+| `dario logout` | Delete stored credentials |
+| `dario accounts list` | List accounts in the multi-account pool |
+| `dario accounts add <alias>` | Add a new account to the pool (runs OAuth flow) |
+| `dario accounts remove <alias>` | Remove an account from the pool |
+| `dario help` | Full command reference |
 
-Use `--model=opus` to force the model regardless of what the client sends. Or pass `claude-opus-4-6` as the model name directly — Claude model names work as-is.
+### Proxy options
 
-## Usage Examples
+| Flag / env | Description | Default |
+|---|---|---|
+| `--passthrough` / `--thin` | Thin proxy — OAuth swap only, no template injection | off |
+| `--preserve-tools` / `--keep-tools` | Keep client tool schemas instead of remapping to CC tools | off |
+| `--model=<name>` | Force a model (`opus`, `sonnet`, `haiku`, or full ID) | passthrough |
+| `--port=<n>` | Port to listen on | `3456` |
+| `--host=<addr>` / `DARIO_HOST` | Bind address. Use `0.0.0.0` for LAN, or a specific IP (e.g. a Tailscale interface). When non-loopback, also set `DARIO_API_KEY`. | `127.0.0.1` |
+| `--verbose` / `-v` | Log every request | off |
+| `DARIO_API_KEY` | If set, all endpoints (except `/health`) require a matching `x-api-key` or `Authorization: Bearer` header. Required when `--host` binds non-loopback. | unset (open) |
+| `DARIO_CORS_ORIGIN` | Override the browser CORS `Access-Control-Allow-Origin`. Useful for browser clients reaching dario over a mesh network. | `http://localhost:${port}` |
+| `DARIO_NO_BUN` | Disable automatic Bun relaunch | unset |
+| `DARIO_MIN_INTERVAL_MS` | Minimum ms between requests (rate governor) | `500` |
+| `DARIO_CC_PATH` | Override path to the Claude Code binary for OAuth detection | auto-detect |
 
-### curl
+---
 
-```bash
-curl http://localhost:3456/v1/messages \
-  -H "Content-Type: application/json" \
-  -H "anthropic-version: 2023-06-01" \
-  -d '{
-    "model": "claude-opus-4-6",
-    "max_tokens": 1024,
-    "messages": [{"role": "user", "content": "Hello!"}]
-  }'
-```
+## Usage
 
 ### Python
 
@@ -240,15 +267,15 @@ import anthropic
 
 client = anthropic.Anthropic(
     base_url="http://localhost:3456",
-    api_key="dario"
+    api_key="dario",
 )
 
-message = client.messages.create(
+msg = client.messages.create(
     model="claude-opus-4-6",
     max_tokens=1024,
-    messages=[{"role": "user", "content": "Hello!"}]
+    messages=[{"role": "user", "content": "Hello!"}],
 )
-print(message.content[0].text)
+print(msg.content[0].text)
 ```
 
 ### TypeScript / Node.js
@@ -261,222 +288,64 @@ const client = new Anthropic({
   apiKey: "dario",
 });
 
-const message = await client.messages.create({
+const msg = await client.messages.create({
   model: "claude-opus-4-6",
   max_tokens: 1024,
   messages: [{ role: "user", content: "Hello!" }],
 });
 ```
 
-### Streaming
+### OpenAI-compatible (Cursor, Continue, LiteLLM, Aider, …)
+
+```bash
+export OPENAI_BASE_URL=http://localhost:3456/v1
+export OPENAI_API_KEY=dario
+```
+
+Any tool that accepts an OpenAI base URL works as-is. Claude model names pass through directly; GPT-style names (`gpt-4`, `gpt-5.4`, etc.) map to their closest Claude equivalents so tools with hardcoded OpenAI model lists work without code changes.
+
+### curl
 
 ```bash
 curl http://localhost:3456/v1/messages \
   -H "Content-Type: application/json" \
   -H "anthropic-version: 2023-06-01" \
-  -d '{
-    "model": "claude-opus-4-6",
-    "max_tokens": 1024,
-    "stream": true,
-    "messages": [{"role": "user", "content": "Write a haiku about APIs"}]
-  }'
+  -d '{"model":"claude-opus-4-6","max_tokens":1024,"messages":[{"role":"user","content":"Hello!"}]}'
 ```
 
-### With Other Tools
+### Streaming, tool use, prompt caching, extended thinking
 
-```bash
-# Cursor / Continue / any OpenAI-compatible tool
-OPENAI_BASE_URL=http://localhost:3456/v1 OPENAI_API_KEY=dario cursor
+All supported in both Anthropic and OpenAI SSE formats. Tool-use streaming emits `input_json_delta` events. Prompt caching works as-is. Extended thinking is routed through `reasoning_effort` in OpenAI format or the native `thinking` field in Anthropic format.
 
-# Aider
-ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario aider --model claude-opus-4-6
+### Library mode
 
-# Any tool that uses ANTHROPIC_BASE_URL
-ANTHROPIC_BASE_URL=http://localhost:3456 ANTHROPIC_API_KEY=dario your-tool-here
-```
-
-### Hermes
+Dario is also importable:
 
-Add to `~/.hermes/config.yaml`:
+```typescript
+import { startProxy, getAccessToken, getStatus } from "@askalf/dario";
 
-```yaml
-model:
-  base_url: "http://localhost:3456/v1"
-  api_key: "dario"
-  default: claude-opus-4-6
+await startProxy({ port: 3456, verbose: true });
+const token = await getAccessToken();
+const status = await getStatus();
 ```
 
-### OpenClaw
+### Health check
 
-Add to your `openclaw.json` models config:
+```bash
+curl http://localhost:3456/health
+```
 
 ```json
 {
-  "models": {
-    "providers": {
-      "anthropic": {
-        "baseUrl": "http://127.0.0.1:3456",
-        "apiKey": "dario",
-        "api": "anthropic-messages",
-        "models": [
-          {
-            "id": "claude-sonnet-4-6",
-            "name": "claude-sonnet-4-6",
-            "contextWindow": 1000000,
-            "maxTokens": 64000,
-            "input": ["text"],
-            "reasoning": true
-          },
-          {
-            "id": "claude-opus-4-6",
-            "name": "claude-opus-4-6",
-            "contextWindow": 1000000,
-            "maxTokens": 64000,
-            "input": ["text"],
-            "reasoning": true
-          }
-        ]
-      }
-    }
-  }
+  "status": "ok",
+  "oauth": "healthy",
+  "expiresIn": "11h 42m",
+  "requests": 47
 }
 ```
 
-**Note:** Use `http://127.0.0.1:3456` without `/v1` — OpenClaw adds the path itself.
-
 ---
 
-## How It Works
-
-### Direct API Mode (default) — Template Replay
-
-```
-┌───────────┐     ┌─────────────────────┐     ┌──────────────────┐
-│ Your App  │ ──> │   dario (proxy)     │ ──> │ api.anthropic.com│
-│           │     │   localhost:3456    │     │                  │
-│ sends     │     │                     │     │  sees a genuine  │
-│ its own   │     │  replaces request   │     │  Claude Code     │
-│ tools &   │     │  with CC template   │     │  request         │
-│ params    │     │  keeps only content │     │                  │
-└───────────┘     └─────────────────────┘     └──────────────────┘
-```
-
-Your app sends whatever it wants — any tools, any parameters. dario replaces the entire request with Claude Code's template and injects only your conversation content. The upstream sees CC's exact tool definitions, field structure, and parameters.
-
-### Passthrough Mode (`--passthrough`)
-
-```
-┌───────────┐     ┌─────────────────┐     ┌──────────────────┐
-│ Your App  │ ──> │  dario (proxy)  │ ──> │ api.anthropic.com│
-│           │     │  localhost:3456 │     │                  │
-│ sends     │     │  swaps API key  │     │  sees valid      │
-│ API       │     │  for OAuth      │     │  OAuth bearer    │
-│ request   │     │  nothing else   │     │  token           │
-└───────────┘     └─────────────────┘     └──────────────────┘
-```
-
-### What dario actually sends upstream
-
-In direct mode, every request dario sends to Anthropic is a genuine Claude Code request. Key fields injected or enforced:
-
-**Billing tag** — reconstructed using Claude Code's own algorithm extracted from the CC binary:
-```
-x-anthropic-billing-header: cc_version=<version>.<build_tag>; cc_entrypoint=cli; cch=<5-char-hex>;
-```
-The build tag is `SHA-256(seed + chars[4,7,20] of user message + version).slice(0,3)`. The `cch` is a fresh random 5-char hex per request. Both were extracted via MITM capture.
-
-**Beta set** — exactly 8 betas from CC, in CC's order:
-```
-claude-code-20250219, oauth-2025-04-20, context-1m-2025-08-07,
-interleaved-thinking-2025-05-14, context-management-2025-06-27,
-prompt-caching-scope-2026-01-05, advisor-tool-2026-03-01, effort-2025-11-24
-```
-
-**Request headers** — CC's exact Stainless SDK headers, including `x-stainless-runtime-version: v24.3.0` (the Node.js compat version CC reports when running on Bun), `x-app: cli`, `user-agent: claude-cli/<version>`, `anthropic-dangerous-direct-browser-access: true`.
-
-**Upstream URL** — `api.anthropic.com/v1/messages?beta=true`, matching CC's own request format.
-
-**Device identity** — `metadata.user_id` loaded from `~/.claude/.claude.json`. Without this, Anthropic classifies the request as third-party and routes it to Extra Usage billing instead of the Max plan allocation.
-
-**Session ID** — rotates per request via `x-claude-code-session-id`. A persistent session ID across many rapid requests is a behavioral detection signal; CC `--print` creates a new session each invocation.
-
-**Rate governor** — 500ms minimum between requests (configurable via `DARIO_MIN_INTERVAL_MS`). Configurable for agent workloads that need tighter pacing.
-
-### OAuth Config Auto-Detection
-
-Anthropic periodically rotates the OAuth `client_id`, authorize URL, token URL, and scopes that Claude Code uses. Historically this caused `"Invalid client id"` errors until a new dario release shipped.
-
-Dario scans the installed CC binary at startup and extracts the current config directly:
-
-- **Anchor**: `BASE_API_URL:"https://api.anthropic.com"` — this literal appears only inside CC's live prod OAuth config block, so the scanner reliably lands in the right object even when the minifier reorders fields across CC releases.
-- **Extracted**: `CLIENT_ID`, `CLAUDE_AI_AUTHORIZE_URL`, `TOKEN_URL`, and the full `user:*` scope string. A defensive check rejects any scan result that matches a known-dead internal client_id.
-- **Cached**: Results stored at `~/.dario/cc-oauth-cache-v2.json` keyed by binary fingerprint (first 64KB sha256 + size + mtime). Cold scan ~500ms, cache hit ~5ms. Re-scans only when CC is upgraded.
-- **Fallback**: If CC is not installed or scanning fails, dario uses the CC 2.1.104 prod config values hardcoded in-tree. No user action needed.
-- **Override**: Set `DARIO_CC_PATH=/path/to/claude` to point dario at a non-standard CC binary location.
-
-CC ships three OAuth config factories (`local`, `staging`, `prod`) in one binary, selected at runtime by a function that is hardcoded to `prod` in shipped builds. Only the prod block is live; the other two are dead code paths CC uses when pointing at internal dev/staging infrastructure. The scanner targets the prod block specifically.
-
-End-to-end verification lives at [`test/oauth-detector.mjs`](test/oauth-detector.mjs).
-
----
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `dario login` | Detect credentials and start proxy |
-| `dario proxy` | Start the local API proxy |
-| `dario status` | Check if your token is healthy |
-| `dario refresh` | Force an immediate token refresh |
-| `dario logout` | Delete stored credentials |
-| `dario help` | Show usage information |
-
-### Proxy Options
-
-| Flag/Env | Description | Default |
-|----------|-------------|---------|
-| `--passthrough` / `--thin` | Thin proxy — OAuth swap only, no injection | off |
-| `--preserve-tools` / `--keep-tools` | Keep client tool schemas instead of remapping to CC tools | off |
-| `--model=MODEL` | Force a model (`opus`, `sonnet`, `haiku`, or full ID) | passthrough |
-| `--port=PORT` | Port to listen on | `3456` |
-| `--host=ADDRESS` / `DARIO_HOST` | Bind address. Use `0.0.0.0` to accept LAN connections, or a specific IP to bind selectively (e.g. a Tailscale interface). When non-loopback, also set `DARIO_API_KEY`. | `127.0.0.1` |
-| `--verbose` / `-v` | Log every request | off |
-| `DARIO_API_KEY` | If set, all endpoints (except `/health`) require matching `x-api-key` or `Authorization: Bearer`. **Required** when `--host` binds to anything other than loopback. | unset (open) |
-| `DARIO_CORS_ORIGIN` | Override the browser CORS `Access-Control-Allow-Origin`. Useful for browser-based clients (open-webui, librechat) connecting over a mesh network. | `http://localhost:${port}` |
-| `DARIO_NO_BUN` | Disable automatic Bun relaunch (stay on Node.js) | unset |
-| `DARIO_MIN_INTERVAL_MS` | Minimum ms between requests (rate governor) | `500` |
-| `DARIO_CC_PATH` | Override path to Claude Code binary for OAuth detection | auto-detect |
-
-## Supported Features
-
-### Direct API Mode
-- All Claude models (Opus 4.6, Sonnet 4.6, Haiku 4.5) + 1M extended context aliases (`opus1m`, `sonnet1m`)
-- **Template replay** — replaces the entire request with Claude Code's exact template. 25 tool definitions, 25KB system prompt, exact body key order, exact beta headers (model-conditional), exact metadata structure. Client tools are mapped to CC equivalents and reverse-mapped in responses. Template data stored as JSON for easy updates.
-- **`--preserve-tools` mode** — opt-out of CC tool schema replacement for agent frameworks that rely on their own custom tool definitions. Default mode still remaps for maximum detection resistance.
-- **OAuth auto-detect** — scans the installed CC binary for OAuth config at startup. Stays in sync with whatever CC version you have; falls back to known-good hardcoded values if no binary is found. Override with `DARIO_CC_PATH`.
-- **Bun auto-relaunch** — auto-detects Bun and relaunches under it for TLS fingerprint fidelity. CC runs on Bun; Node.js has a different TLS fingerprint visible at the network level.
-- **Session ID rotation** — each request gets a fresh session ID via `x-claude-code-session-id`, matching CC behavior.
-- **Rate governor** — configurable minimum interval between requests via `DARIO_MIN_INTERVAL_MS`.
-- **Enriched 429 errors** — rate limit errors include utilization %, limiting window, and reset time instead of Anthropic's default `"Error"` message.
-- **Auto-retry on long-context errors** — when Anthropic returns 400 or 429 with `"long context beta is not yet available"` or `"Extra usage is required"`, dario transparently retries without the `context-1m-2025-08-07` beta flag.
-- **OpenAI-compatible** (`/v1/chat/completions`) — works with any OpenAI SDK or tool.
-- Streaming and non-streaming (both Anthropic and OpenAI SSE formats, including tool_use streaming).
-- Tool use / function calling.
-- System prompts and multi-turn conversations.
-- Prompt caching and extended thinking.
-- **Billable beta filtering** — strips `extended-cache-ttl` from client betas (the only beta requiring Extra Usage enabled on the account).
-- **Beta deduplication** — client-provided betas are deduplicated against the base set before appending.
-- **Orchestration tag sanitization** — strips agent-injected XML (`<system-reminder>`, `<env>`, `<task_metadata>`, etc.) before forwarding.
-- **Token anomaly detection** — warns on context spike (>60% input growth) or output explosion (>2x previous).
-- Concurrency control (max 10 concurrent upstream requests).
-- CORS enabled (works from browser apps on localhost).
-
-### Passthrough Mode
-- All Claude models with native streaming and tool use.
-- OAuth token swap only — no billing tag, no template injection, no device identity.
-- Minimal beta flags (`oauth-2025-04-20` + client betas only).
-- For tools that need exact Anthropic protocol fidelity with zero modification.
-
 ## Endpoints
 
 | Path | Description |
@@ -487,182 +356,100 @@ End-to-end verification lives at [`test/oauth-detector.mjs`](test/oauth-detector
 | `GET /health` | Proxy health + OAuth status + request count |
 | `GET /status` | Detailed OAuth token status |
 
-## Health Check
-
-```bash
-curl http://localhost:3456/health
-```
-
-```json
-{
-  "status": "ok",
-  "oauth": "healthy",
-  "expiresIn": "11h 42m",
-  "requests": 47
-}
-```
-
-## Security
-
-| Concern | How dario handles it |
-|---------|---------------------|
-| Credential storage | Reads from Claude Code (`~/.claude/.credentials.json`) or its own store (`~/.dario/credentials.json`) with `0600` permissions |
-| OAuth flow | PKCE (Proof Key for Code Exchange) — no client secret needed |
-| OAuth config source | Auto-detected from local CC binary at runtime; cached at `~/.dario/cc-oauth-cache-v2.json`. Detector reads binary in read-only mode, never modifies it. |
-| Token exposure | Tokens never logged; redacted from all error messages. |
-| Network binding | Binds to `127.0.0.1` by default. Override with `--host` / `DARIO_HOST` for mesh/LAN use; dario refuses to treat non-loopback binds as safe and requires you to set `DARIO_API_KEY` to avoid an unauthenticated LAN-reachable proxy. Upstream traffic goes only to `api.anthropic.com` over HTTPS. |
-| Auth timing | `timingSafeEqual` used for `DARIO_API_KEY` comparison. |
-| SSRF protection | Only `/v1/messages` and `/v1/complete` are proxied upstream — hardcoded allowlist. |
-| Body size | 10MB hard cap per request. 30s read timeout prevents slow-loris. |
-| Token refresh | Auto-refreshes 30 minutes before expiry. Refresh tokens rotate on each use. Mutex prevents concurrent refresh races. |
-| Telemetry | None. Zero analytics, tracking, or data collection of any kind. |
-
 ---
 
-## askalf
-
-**dario and askalf solve different layers of the same problem.**
-
-dario is the per-request layer: one account, one workload, every request on the wire indistinguishable from Claude Code. It's what you reach for when you want your Max/Pro subscription usable from any tool that speaks the Anthropic or OpenAI API. It does not pool accounts, shape sessions, distribute load, or care about cumulative behavioral signals — those are not per-request concerns, and solving them at the per-request layer is a category error.
+## Trust & Transparency
 
-**askalf** is the layer above that: multi-account pooling behind one endpoint, session and workload shaping to stay under Anthropic's session-level classifiers, persistent browser and desktop sessions, scheduling, and a hosted fleet that runs 24/7. Built on the same OAuth and billing infrastructure as dario.
+Dario handles your OAuth tokens. Here's why you can trust it:
 
-| | dario | askalf |
-|---|---|---|
-| **What it is** | Local proxy, single account | Hosted agent fleet, multi-account |
-| **Rate limits** | Your subscription's limits | Distributed across fleet, near-zero 429s |
-| **Browser / desktop** | No | Yes — full computer use |
-| **Scheduling** | No | Yes — cron, webhooks, triggers |
-| **Persistent memory** | No | Yes — per-agent memory and context |
-| **Custom tools** | Via `--preserve-tools` | Native MCP tool server |
-| **Setup** | 2 commands | Waitlist → dashboard |
+| Signal | Status |
+|---|---|
+| **Source code** | ~2,000 lines of TypeScript across 7 files — small enough to audit in one sitting |
+| **Dependencies** | 0 runtime dependencies. Verify: `npm ls --production` |
+| **npm provenance** | Every release is [SLSA-attested](https://www.npmjs.com/package/@askalf/dario) via GitHub Actions |
+| **Security scanning** | [CodeQL](https://github.com/askalf/dario/actions/workflows/codeql.yml) runs on every push and weekly |
+| **Credential handling** | Tokens never logged, redacted from errors, stored with `0600` permissions |
+| **OAuth flow** | PKCE (Proof Key for Code Exchange) — no client secret |
+| **Network scope** | Binds to `127.0.0.1` by default. `--host` allows LAN/mesh with `DARIO_API_KEY` gating. Upstream traffic goes only to `api.anthropic.com` over HTTPS |
+| **SSRF protection** | Only `/v1/messages` and `/v1/complete` proxy upstream — hardcoded allowlist |
+| **Telemetry** | None. Zero analytics, tracking, or data collection |
+| **Audit trail** | [CHANGELOG.md](CHANGELOG.md) documents every release |
 
-If you're running multi-agent workflows, hitting rate limits on Claude Max, or want agents that run 24/7 without babysitting, **[join the waitlist at askalf.org](https://askalf.org)**.
+Verify the npm tarball matches this repo:
 
-dario will always be open-source and free. askalf is the hosted tier for teams who need more.
+```bash
+npm audit signatures
+npm view @askalf/dario dist.integrity
+cd $(npm root -g)/@askalf/dario && npm ls --production
+```
 
 ---
 
 ## FAQ
 
 **Does this violate Anthropic's terms of service?**
-Dario uses your existing Claude Code credentials with the same OAuth tokens. It authenticates you as you, with your subscription, through Anthropic's official API.
+Dario uses your existing Claude Code credentials with the same OAuth tokens CC uses. It authenticates you as you, with your subscription, through Anthropic's official API endpoints.
 
 **What subscription plans work?**
 Claude Max and Claude Pro. Any plan that lets you use Claude Code.
 
-**Does it work with Claude Team / Enterprise?**
-Should work if your plan includes Claude Code access. Not tested yet — please open an issue with results.
+**Does it work with Team / Enterprise?**
+Should work if your plan includes Claude Code access. Not widely tested yet — open an issue with results.
 
 **Do I need Claude Code installed?**
-Recommended but not required. If Claude Code is installed and logged in, `dario login` picks up your credentials automatically. Without Claude Code, dario runs its own OAuth flow to authenticate directly.
+Recommended, not required. With CC installed, `dario login` picks up your credentials automatically. Without CC, dario runs its own OAuth flow against Anthropic's authorize endpoint.
+
+**Do I need Bun?**
+Optional, recommended. Dario auto-relaunches under Bun when it's available so the TLS fingerprint matches CC's runtime. Without Bun, dario runs on Node.js and works fine; the TLS fingerprint is the only difference. Install: `curl -fsSL https://bun.sh/install | bash`.
 
-**First time setup — account priming**
-If dario is the first thing you use with a new Claude account, run a few real Claude Code commands first to establish a session baseline:
+**First time setup on a fresh account.**
+If dario is the first thing you run against a brand-new Claude account, prime the account with a few real Claude Code commands first:
 ```bash
 claude --print "hello"
 claude --print "hello"
-claude --print "hello"
 ```
-This primes the account with legitimate Claude Code sessions. Then start dario normally. Without priming, new accounts may see billing classification issues on first use.
-
-**Do I need Bun installed?**
-Optional but recommended. If [Bun](https://bun.sh) is installed, dario auto-relaunches under it for TLS fingerprint fidelity with Claude Code's runtime. Without Bun, dario runs on Node.js and works fine — the TLS fingerprint is the only difference. Install Bun: `curl -fsSL https://bun.sh/install | bash`
+This establishes a session baseline. Without priming, brand-new accounts occasionally see billing classification issues on first use.
 
 **What happens when my token expires?**
-Dario auto-refreshes tokens 30 minutes before expiry. You should never see an auth error in normal use. If something goes wrong, `dario refresh` forces an immediate refresh.
+Dario auto-refreshes tokens 30 minutes before expiry. `dario refresh` forces an immediate refresh if something goes wrong.
 
 **What happens when Anthropic rotates the OAuth client_id or URL?**
-Dario auto-detects OAuth config from your installed Claude Code binary. When CC ships a new version with rotated values, dario picks them up on the next startup — no dario release needed. The detector is cached at `~/.dario/cc-oauth-cache-v2.json` and only re-scans when the binary fingerprint changes. If CC isn't installed, dario falls back to hardcoded CC 2.1.104 prod values.
+Dario auto-detects OAuth config from your installed Claude Code binary. When CC ships a new version with rotated values, dario picks them up on the next run — no dario release needed. Cache at `~/.dario/cc-oauth-cache-v3.json`, keyed by the CC binary fingerprint. If CC isn't installed, dario falls back to hardcoded CC 2.1.104 prod values.
 
 **I'm hitting rate limits. What do I do?**
-Claude subscriptions have rolling 5-hour and 7-day usage windows. Check your utilization with Claude Code's `/usage` command or the [statusline](https://code.claude.com/docs/en/statusline). Rate limit errors from dario include utilization percentages and reset times so you can see exactly when capacity returns.
+Claude subscriptions have rolling 5-hour and 7-day usage windows. Check utilization with Claude Code's `/usage` command or the [statusline](https://code.claude.com/docs/en/statusline). Dario's rate-limit errors include utilization percentages and reset times so you can see exactly when capacity returns.
 
 **My multi-agent workload is getting reclassified to overage even though dario template-replays per request. Why?**
-Because reclassification at high agent volume is not a per-request problem. Anthropic's classifier operates on cumulative per-OAuth-session behavioral aggregates — token throughput, conversation depth, streaming duration, inter-arrival timing, thinking-block volume. Dario can make each individual request indistinguishable from Claude Code and still hit this wall on a long-running agent session, because the wall isn't at the request level. Thorough diagnostic work on this was contributed by [@belangertrading](https://github.com/belangertrading) in [#23](https://github.com/askalf/dario/issues/23), including the per-request v3.4.3 hardening that landed as a result. For the session-layer shaping itself — multi-account pooling, session rotation, workload distribution that keeps any single account from concentrating the behavioral signal — that's what [askalf](https://askalf.org) is built for. Different layer, different tool.
-
-If you're running a multi-agent workload and consistently hitting limits, [askalf](https://askalf.org) distributes load across multiple accounts automatically.
-
-**What are the usage limits?**
-Claude subscriptions have rolling 5-hour and 7-day usage windows shared across claude.ai and Claude Code. See [Anthropic's docs](https://support.claude.com/en/articles/11647753-how-do-usage-and-length-limits-work) for details.
-
-**Can I run this on a server?**
-Dario binds to localhost by default. For server use, handle the initial login on a machine with a browser, then copy `~/.claude/.credentials.json` (or `~/.dario/credentials.json`) to your server. Auto-refresh will keep it alive from there. If you want dario reachable from other machines on the same LAN or a Tailscale mesh, pass `--host=0.0.0.0` (or a specific interface IP) and set `DARIO_API_KEY` to gate access.
+Because reclassification at high agent volume is not a per-request problem. Anthropic's classifier operates on cumulative per-OAuth-session behavioral aggregates — token throughput, conversation depth, streaming duration, inter-arrival timing, thinking-block volume. Dario can make each individual request indistinguishable from Claude Code and still hit this wall on a long-running agent session, because the wall isn't at the request level. Thorough diagnostic work on this was contributed by [@belangertrading](https://github.com/belangertrading) in [#23](https://github.com/askalf/dario/issues/23), including the per-request v3.4.3 and v3.4.5 hardening that landed as a result. For the session-layer shaping itself — multi-account pooling, session rotation, workload distribution that keeps any single account from concentrating the behavioral signal — that's what [askalf](https://askalf.org) is built for. Different layer, different tool.
 
 **Why "dario"?**
-Named after [Dario Amodei](https://en.wikipedia.org/wiki/Dario_Amodei), CEO of Anthropic.
-
-## Programmatic API
-
-Use dario as a library in your own Node.js app:
-
-```typescript
-import { startProxy, getAccessToken, getStatus } from "@askalf/dario";
-
-// Start the proxy programmatically
-await startProxy({ port: 3456, verbose: true });
+It's a name, not an acronym. Don't overthink it.
 
-// Passthrough mode (OAuth swap only, no injection)
-await startProxy({ port: 3456, passthrough: true });
-
-// Preserve-tools mode (keep client tool schemas)
-await startProxy({ port: 3456, preserveTools: true });
-
-// Or just get a raw access token
-const token = await getAccessToken();
-
-// Check token health
-const status = await getStatus();
-console.log(status.expiresIn); // "11h 42m"
-```
-
-## Trust & Transparency
-
-Dario handles your OAuth tokens. Here's why you can trust it:
-
-| Signal | Status |
-|--------|--------|
-| **Source code** | ~2,000 lines of TypeScript — small enough to audit in one sitting |
-| **Dependencies** | 0 runtime dependencies. Verify: `npm ls --production` |
-| **npm provenance** | Every release is [SLSA attested](https://www.npmjs.com/package/@askalf/dario) via GitHub Actions |
-| **Security scanning** | [CodeQL](https://github.com/askalf/dario/actions/workflows/codeql.yml) runs on every push and weekly |
-| **Credential handling** | Tokens never logged, redacted from errors, stored with 0600 permissions |
-| **Network scope** | Binds to 127.0.0.1 by default; `--host` / `DARIO_HOST` allows LAN/mesh exposure with `DARIO_API_KEY` gating. Upstream traffic goes exclusively to `api.anthropic.com` over HTTPS |
-| **No telemetry** | Zero analytics, tracking, or data collection of any kind |
-| **Audit trail** | [CHANGELOG.md](CHANGELOG.md) documents every release |
-| **Branch protection** | CI must pass before merge. CODEOWNERS enforces review |
+---
 
-Verify the npm package matches this repo:
+## Technical Deep Dives
 
-```bash
-# Check provenance attestation
-npm audit signatures 2>/dev/null; npm view @askalf/dario dist.integrity
+Longer-form writing on how dario works and why it works that way:
 
-# Check dependency tree (should be minimal)
-cd $(npm root -g)/@askalf/dario && npm ls --production
-```
+- [v3.0 Template Replay — why we stopped matching signals](https://github.com/askalf/dario/discussions/14)
+- [Claude Code defaults are detection signals, not optimizations](https://github.com/askalf/dario/discussions/13)
+- [Why Opus feels worse through other proxies and how to fix it](https://github.com/askalf/dario/discussions/9)
+- [Billing tag algorithm and fingerprint analysis](https://github.com/askalf/dario/discussions/8)
+- [Rate limit header analysis](https://github.com/askalf/dario/discussions/1)
 
-## Technical Deep Dives
-
-| Topic | Link |
-|-------|------|
-| v3.0 Template Replay — why we stopped matching signals | [Discussion 14](https://github.com/askalf/dario/discussions/14) |
-| Claude Code defaults are detection signals, not optimizations | [Discussion 13](https://github.com/askalf/dario/discussions/13) |
-| Why Opus feels worse through other proxies and how to fix it | [Discussion 9](https://github.com/askalf/dario/discussions/9) |
-| Billing tag algorithm and fingerprint analysis | [Discussion 8](https://github.com/askalf/dario/discussions/8) |
-| Rate limit header analysis | [Discussion 1](https://github.com/askalf/dario/discussions/1) |
+---
 
 ## Contributing
 
 PRs welcome. The codebase is ~2,000 lines of TypeScript across 7 files:
 
 | File | Purpose |
-|------|---------|
+|---|---|
 | `src/proxy.ts` | HTTP proxy server, rate governor, billing tag, response forwarding |
-| `src/cc-template.ts` | Template engine, tool mapping, orchestration sanitization |
+| `src/cc-template.ts` | Template engine, tool mapping, orchestration & framework scrubbing |
 | `src/cc-template-data.json` | CC request template data (25 tools, 25KB system prompt) |
-| `src/cc-oauth-detect.ts` | Auto-detect OAuth config from the installed CC binary |
-| `src/oauth.ts` | Token storage, PKCE flow, auto-refresh, credential detection |
+| `src/cc-oauth-detect.ts` | OAuth config auto-detection from the installed CC binary |
+| `src/oauth.ts` | Token storage, PKCE flow, auto-refresh |
 | `src/cli.ts` | CLI entry point, command routing, Bun auto-relaunch |
 | `src/index.ts` | Library exports |
 
@@ -670,15 +457,20 @@ PRs welcome. The codebase is ~2,000 lines of TypeScript across 7 files:
 git clone https://github.com/askalf/dario
 cd dario
 npm install
-npm run dev   # runs with tsx (no build needed)
+npm run dev   # runs with tsx, no build step
 ```
 
+---
+
 ## Contributors
 
 | Who | Contributions |
-|-----|---------------|
+|---|---|
 | [@GodsBoy](https://github.com/GodsBoy) | Proxy authentication, token redaction, error sanitization ([#2](https://github.com/askalf/dario/pull/2)) |
 | [@belangertrading](https://github.com/belangertrading) | Billing classification investigation ([#4](https://github.com/askalf/dario/issues/4)), cache_control fingerprinting ([#6](https://github.com/askalf/dario/issues/6)), billing reclassification root cause ([#7](https://github.com/askalf/dario/issues/7)), OAuth client_id discovery ([#12](https://github.com/askalf/dario/issues/12)), multi-agent session-level billing analysis ([#23](https://github.com/askalf/dario/issues/23)) |
+| [@nathan-widjaja](https://github.com/nathan-widjaja) | README positioning rewrite structure ([#21](https://github.com/askalf/dario/issues/21)) |
+
+---
 
 ## License