npm - @truealter/sdk - Versions diffs - 0.4.1 → 0.5.1 - Mend

@truealter/sdk 0.4.1 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +103 -74
package/dist/bin/alter-identity.js +177 -19
package/dist/bin/mcp-bridge.js +47 -11
package/dist/index.cjs +203 -20
package/dist/index.d.cts +431 -30
package/dist/index.d.ts +431 -30
package/dist/index.js +199 -23
package/dist/mcp-bridge.js +166 -0
package/package.json +7 -4

package/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
 # @truealter/sdk
-ALTER Identity SDK — query the continuous identity field from any JavaScript/TypeScript environment.
+ALTER Identity SDK - query the continuous identity field from any JavaScript/TypeScript environment.
 [![npm version](https://img.shields.io/npm/v/@truealter/sdk.svg)](https://www.npmjs.com/package/@truealter/sdk)
 [![License: Apache-2.0](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](./LICENSE)
@@ -10,9 +10,9 @@ ALTER Identity SDK — query the continuous identity field from any JavaScript/T
 A thin client over the ALTER MCP server (Streamable HTTP, JSON-RPC 2.0, MCP spec `2025-11-25`) with x402 micropayment support, ES256 provenance verification, and config generators for Claude Code, Cursor, and generic MCP clients.
 - **Branded host:** `https://mcp.truealter.com` (serves `.well-known/mcp.json` for discovery)
-- **JSON-RPC wire endpoint:** `https://mcp.truealter.com/api/v1/mcp` — this is what Streamable HTTP POSTs target (the SDK default)
+- **JSON-RPC wire endpoint:** `https://mcp.truealter.com/api/v1/mcp` - this is what Streamable HTTP POSTs target (the SDK default)
 - **Wire protocol:** Streamable HTTP, JSON-RPC 2.0, MCP `2025-11-25` (server negotiates `2025-06-18` + `2025-03-26` for backwards-compatible clients)
-- **Tools:** **32 typed and wired** — 24 free (L0) + 8 premium (L1–L5). Mirrors the live server's `tools/list` response byte-for-byte; every name in `FREE_TOOL_NAMES` / `PREMIUM_TOOL_NAMES` has a matching server handler at `mcp.truealter.com/api/v1/mcp`.
+- **Tools:** **40 typed and wired** - 24 free (L0) + 9 premium (L1–L5) + 7 alter-to-alter messaging. Mirrors the live server's `tools/list` response byte-for-byte; every name in `FREE_TOOL_NAMES` / `PREMIUM_TOOL_NAMES` / `MESSAGING_TOOL_NAMES` has a matching server handler at `mcp.truealter.com/api/v1/mcp`.
 - **Runtime:** Node 18+, Deno, Bun, Cloudflare Workers, modern browsers
 - **Crypto:** `@noble/ed25519` + `@noble/hashes` (no other dependencies)
 - **Bundle:** ESM + CJS dual output
@@ -22,12 +22,60 @@ A thin client over the ALTER MCP server (Streamable HTTP, JSON-RPC 2.0, MCP spec
 ```
 npm install @truealter/sdk
 npx alter-identity init
-npx alter-identity verify ~truealter
+npx alter-identity verify ~alter
 ```
+## Bridge vs SDK
+The `alter-mcp-bridge` binary shipped in this package (`bin/mcp-bridge.ts`)
+is a **dev/demo surface** for dropping ALTER into MCP hosts that speak the
+stdio transport (Claude Code, Cursor, Continue, Windsurf). It is useful for
+handshake, `tools/list`, and L0 tool calls, but it does not carry ES256
+per-invocation signing - authenticated MCP tools will fail at the server
+edge when reached through the bridge. For production use, import
+`@truealter/sdk` directly and construct an `MCPClient` / `AlterClient` with
+the optional `signing` parameter; that path is the load-bearing one and
+carries the provenance envelope end-to-end. Bridge signing lands in Wave-2
+alongside the CLI wallet/consent verbs.
+## CLI
+The package ships two binaries. `alter-identity` is the full SDK-feature
+binary (`init`, `verify`, `whoami`, wire/unwire, signing, etc). `alter`
+is a slim, task-oriented binary for day-to-day use:
+| Command | Purpose |
+|---|---|
+| `alter login` | OAuth loopback sign-in; stores a session at `~/.config/alter/session.json` (mode `0600`). |
+| `alter depth [--json]` | GET `/api/v1/identity/depth` - identity-depth score, agentic activity, top/bottom five traits. |
+| `alter claim <claim_code>` | Accept an identity invite. Prompts for email, password (min 12 chars, hidden), and explicit TOS acceptance, then POSTs `/api/v1/identity/claim`. |
+| `alter mirror` | Day-2 Mirror phase + streak. `alter mirror daily` claims today's Mirror; `alter mirror next` shows the next revelation window. |
+| `alter discover [--limit N]` | MCP-backed summary - calls `alter_whoami` and `alter_verify` against your bound handle. Degrades gracefully if the MCP endpoint is 5xx. |
+The session file is created with `0600` permissions; its parent dir
+(`~/.config/alter/`) is created with `0700`. Override the config root
+via `XDG_CONFIG_HOME`. Run `alter --help` for the inline reference.
 ## Why ALTER ≠ IAM
-Identity Access Management answers *who is logged in*. ALTER answers *who they actually are* — a continuous field of recognition that any IAM stack can sit on top of.
+Identity Access Management answers *who is logged in*. ALTER answers *who they actually are* - a continuous field of recognition that any IAM stack can sit on top of.
+## Theoretical Foundation
+ALTER is the working instantiation of an eight-paper academic corpus on identity field theory. The SDK below is what happens when the theory ships as protocol. Each paper is open access on figshare under CC-BY 4.0.
+| Paper | Title | DOI |
+|-------|-------|-----|
+| I | *Belonging is earned, not inherited* | [10.6084/m9.figshare.31794784](https://doi.org/10.6084/m9.figshare.31794784) |
+| II | *The self is inferred, not owned* | [10.6084/m9.figshare.31804222](https://doi.org/10.6084/m9.figshare.31804222) |
+| III | *The same form, at every scale* | [10.6084/m9.figshare.31812955](https://doi.org/10.6084/m9.figshare.31812955) |
+| IV | *Measurement changes the thing measured* | [10.6084/m9.figshare.31812982](https://doi.org/10.6084/m9.figshare.31812982) |
+| V | *Political failure has a geometry* | [10.6084/m9.figshare.31813000](https://doi.org/10.6084/m9.figshare.31813000) |
+| VI | *When does a machine have a self* | [10.6084/m9.figshare.31813006](https://doi.org/10.6084/m9.figshare.31813006) |
+| VII | *Seventy-five predictions, each falsifiable* | [10.6084/m9.figshare.31951644](https://doi.org/10.6084/m9.figshare.31951644) |
+| VIII | *Identity as a field, not a property* | [10.6084/m9.figshare.31951383](https://doi.org/10.6084/m9.figshare.31951383) |
+For the lay-register chapter version, see [`/origin`](https://truealter.com/origin).
 ## API
@@ -37,20 +85,20 @@ Identity Access Management answers *who is logged in*. ALTER answers *who they a
 import { AlterClient, X402Client } from "@truealter/sdk";
 const alter = new AlterClient({
-  endpoint: "https://mcp.truealter.com/api/v1/mcp", // optional — this is the default; bare host returns 405
+  endpoint: "https://mcp.truealter.com/api/v1/mcp", // optional - this is the default; bare host returns 405
   apiKey: process.env.ALTER_API_KEY,     // optional for free tier
-  x402: new X402Client({                  // optional — only required for premium tools
+  x402: new X402Client({                  // optional - only required for premium tools
     signer: yourViemOrEthersSigner,
     maxPerQuery: "0.10",
   }),
 });
 ```
-### Free tier (L0 — no payment required)
+### Free tier (L0 - no payment required)
 ```ts
 // Verify a registered identity by handle, email, or id
-const verified = await alter.verify("~truealter");
+const verified = await alter.verify("~alter");
 const verifiedById = await alter.verify(
   "550e8400-e29b-41d4-a716-446655440000",
   {
@@ -60,15 +108,15 @@ const verifiedById = await alter.verify(
   },
 );
-// Reference data — the 12 ALTER archetypes
+// Reference data - the 12 ALTER archetypes
 const archetypes = await alter.listArchetypes();
 // Identity depth and available tool tiers
 const depth = await alter.getEngagementLevel({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
-// Search by trait criteria — no PII exposed, max 5 results
+// Search by trait criteria - no PII exposed, max 5 results
 const matches = await alter.searchIdentities({
   trait_criteria: {
     pressure_response: { min: 0.7 },
@@ -80,33 +128,33 @@ const matches = await alter.searchIdentities({
 const thread = await alter.goldenThreadStatus();
 ```
-### Premium tier (L1–L5 — x402 payment required)
+### Premium tier (L1–L5 - x402 payment required)
 ```ts
-// L1 — Extract trait signals from text ($0.005, first 100 free per bot)
+// L1 - Extract trait signals from text ($0.005, first 100 free per bot)
 const signals = await alter.assessTraits({
   text: "I led the incident response when our payment rails went down...",
   context: "interview transcript",
 });
-// L2 — Full 33-trait vector ($0.01)
+// L2 - Full 33-trait vector ($0.01)
 const vector = await alter.getFullTraitVector({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
-// L4 — Belonging probability for a person-job pairing ($0.05)
+// L4 - Belonging probability for a person-job pairing ($0.05)
 const belonging = await alter.computeBelonging({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
   job_id: "f47ac10b-58cc-4372-a567-0e02b2c3d479",
 });
-// L5 — Top match recommendations ($0.50)
+// L5 - Top match recommendations ($0.50)
 const recommendations = await alter.getMatchRecommendations({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
   limit: 5,
 });
-// L5 — Human-readable narrative explaining a match ($0.50)
+// L5 - Human-readable narrative explaining a match ($0.50)
 const narrative = await alter.generateMatchNarrative({
   match_id: "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
 });
@@ -116,9 +164,9 @@ const narrative = await alter.generateMatchNarrative({
 ```ts
 // Every medium- and high-blast-radius response is signed with ES256.
-// Verification is opt-in — call alter.verifyProvenance(...) yourself.
+// Verification is opt-in - call alter.verifyProvenance(...) yourself.
 const result = await alter.getFullTraitVector({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
 const check = await alter.verifyProvenance(result._meta?.provenance);
@@ -152,7 +200,7 @@ const mcp = new MCPClient({ endpoint: "https://mcp.truealter.com/api/v1/mcp" });
 await mcp.initialize();
 const tools = await mcp.listTools();
 const response = await mcp.callTool("verify_identity", {
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
 ```
@@ -182,7 +230,7 @@ Resulting `.mcp.json`:
     "alter": {
       "url": "https://mcp.truealter.com/api/v1/mcp",
       "transport": "streamable-http",
-      "description": "ALTER Identity — psychometric identity field for AI agents",
+      "description": "ALTER Identity - psychometric identity field for AI agents",
       "headers": {
         "X-ALTER-API-Key": "ak_..."
       }
@@ -224,13 +272,13 @@ npx alter-identity init               # generate keypair, discover MCP, write ~/
 npx alter-identity config              # print Claude .mcp.json snippet (default)
 npx alter-identity config --cursor     # print Cursor .cursor/mcp.json snippet
 npx alter-identity config --generic    # print generic mcpServers snippet
-npx alter-identity verify ~truealter   # verify an identity
+npx alter-identity verify ~alter   # verify an identity
 npx alter-identity status              # show connection state and probe the endpoint
 ```
 ## x402 Micropayments
-ALTER monetises premium tools via the [x402](https://x402.org) standard — HTTP `402 Payment Required` with on-chain settlement.
+ALTER monetises premium tools via the [x402](https://x402.org) standard - HTTP `402 Payment Required` with on-chain settlement.
 ### The retry flow
@@ -238,41 +286,24 @@ ALTER monetises premium tools via the [x402](https://x402.org) standard — HTTP
 2. Server replies `402 Payment Required` with a payment requirement (amount, recipient, asset, network).
 3. Client signs and broadcasts a USDC transfer on Base L2, attaches the proof, retries.
 4. Server validates the proof, executes the tool, signs the response with ES256, returns it.
-5. The treasury splits the payment within seconds.
+5. AlterRouter executes the split on-chain in the same transaction. The data subject receives Identity Income directly; ALTER receives only its protocol cut. No custodian, no broker.
 The SDK handles steps 2–4 automatically when an `X402Client` with a configured `signer` is passed in.
 ### Tier structure
-| Tier | Cost     | Tools                                               |
-|------|----------|-----------------------------------------------------|
-| L1   | $0.005   | `assess_traits`, `get_trait_snapshot`               |
-| L2   | $0.01    | `get_full_trait_vector`, `get_side_quest_graph`     |
-| L3   | $0.025   | `query_graph_similarity`                            |
-| L4   | $0.05    | `compute_belonging`                                 |
-| L5   | $0.50    | `get_match_recommendations`, `generate_match_narrative` |
-The first **100 calls per bot are free** before x402 settlement engages — enough to evaluate the network without spending a cent.
+x402 micropayments at L0–L5 trust tiers. Per-call pricing visible after `alter login`.
 ### Identity income split
-Every settled call is split four ways:
-| Recipient            | Share |
-|----------------------|-------|
-| Data subject         | 75%   |
-| Facilitator agent    | 5%    |
-| ALTER (protocol)     | 15%   |
-| Cooperative treasury | 5%    |
-The 75% to the data subject is the foundation of *Identity Income* — humans earn from queries against their own identity field, automatically, without intermediation.
+The majority of every settled call flows to the data subject as Identity Income. Split details available post-authentication via `alter status`.
 ### Code example
 ```ts
 import { AlterClient, X402Client, type X402Signer } from "@truealter/sdk";
-// Bring your own signer — viem, ethers, a hardware wallet bridge, anything.
+// Bring your own signer - viem, ethers, a hardware wallet bridge, anything.
 // The SDK ships without a wallet dependency on purpose.
 const signer: X402Signer = {
   async settle(envelope) {
@@ -302,11 +333,11 @@ const alter = new AlterClient({
 // Auto-retries with payment when the server returns 402
 const vector = await alter.getFullTraitVector({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
 ```
-If a quoted envelope exceeds `maxPerQuery`, uses an unallowed network, or names an unallowed asset, the SDK rejects the call with `AlterError` *before* invoking the signer — no on-chain transaction is broadcast.
+If a quoted envelope exceeds `maxPerQuery`, uses an unallowed network, or names an unallowed asset, the SDK rejects the call with `AlterError` *before* invoking the signer - no on-chain transaction is broadcast.
 ## Provenance Verification
@@ -314,7 +345,7 @@ Every response from a medium- or high-blast-radius tool ships with an ES256 JWS
 ```ts
 const result = await alter.getFullTraitVector({
-  candidate_id: "550e8400-e29b-41d4-a716-446655440000",
+  member_id: "550e8400-e29b-41d4-a716-446655440000",
 });
 const check = await alter.verifyProvenance(result._meta?.provenance);
@@ -325,7 +356,7 @@ The SDK fetches public keys from `https://api.truealter.com/.well-known/alter-ke
 ### `verify_at` hostname allowlist (v0.1.1+)
-Every provenance envelope may carry a `verify_at` hint telling the SDK where to fetch the JWKS from. Because that hint is *server-supplied*, a hostile MCP server could otherwise point it at an attacker-controlled JWKS and pass ES256 verification with its own signing key. The SDK therefore gates `verify_at` through a hostname allowlist (default: `api.truealter.com`, `mcp.truealter.com`) and rejects `http://` URLs unconditionally. Downstream integrators with their own deployment can extend the allowlist — without forking the SDK — via `verifyAtAllowlist` on either `AlterClient` or a direct `verifyProvenance()` call:
+Every provenance envelope may carry a `verify_at` hint telling the SDK where to fetch the JWKS from. Because that hint is *server-supplied*, a hostile MCP server could otherwise point it at an attacker-controlled JWKS and pass ES256 verification with its own signing key. The SDK therefore gates `verify_at` through a hostname allowlist (default: `api.truealter.com`, `mcp.truealter.com`) and rejects `http://` URLs unconditionally. Downstream integrators with their own deployment can extend the allowlist - without forking the SDK - via `verifyAtAllowlist` on either `AlterClient` or a direct `verifyProvenance()` call:
 ```ts
 import { AlterClient, DEFAULT_VERIFY_AT_ALLOWLIST } from "@truealter/sdk";
@@ -338,11 +369,11 @@ const alter = new AlterClient({
 });
 ```
-If you pin `jwksUrl` explicitly, the envelope's `verify_at` is ignored entirely — the pinned URL wins. The `https:` scheme requirement applies to pinned URLs too.
+If you pin `jwksUrl` explicitly, the envelope's `verify_at` is ignored entirely - the pinned URL wins. The `https:` scheme requirement applies to pinned URLs too.
 ### Why this matters
-Provenance verification is how Agent A trusts that data from Agent B truly came from ALTER. If Agent B forwards a trait vector or belonging score, Agent A can replay the JWS against ALTER's published keys and confirm — without contacting ALTER again — that the payload is authentic, untampered, and was issued for the person Agent B claims it concerns. No shared secret, no trust in the intermediary, no out-of-band coordination.
+Provenance verification is how Agent A trusts that data from Agent B truly came from ALTER. If Agent B forwards a trait vector or belonging score, Agent A can replay the JWS against ALTER's published keys and confirm - without contacting ALTER again - that the payload is authentic, untampered, and was issued for the person Agent B claims it concerns. No shared secret, no trust in the intermediary, no out-of-band coordination.
 This is what makes ALTER usable as identity infrastructure rather than just an API: signed claims propagate across agent networks the same way DKIM-signed mail propagates across SMTP relays.
@@ -350,9 +381,9 @@ This is what makes ALTER usable as identity infrastructure rather than just an A
 ALTER follows the discovery cascade specified in [draft-morrison-mcp-dns-discovery-01](https://datatracker.ietf.org/doc/draft-morrison-mcp-dns-discovery/). Given a domain (e.g. `truealter.com`), the SDK resolves the MCP endpoint in three steps, falling through on each failure:
-1. **DNS TXT** — query `_mcp.truealter.com` for a TXT record of the form `mcp=https://mcp.truealter.com;version=2025-11-25`. This is the fastest path and works without an HTTP round-trip.
-2. **`.well-known/mcp.json`** — fetch `https://truealter.com/.well-known/mcp.json` for the standard MCP server descriptor. This is the cross-vendor fallback.
-3. **`.well-known/alter.json`** — fetch `https://truealter.com/.well-known/alter.json` for the ALTER-specific descriptor, including signing keys, x402 wallet address, supported tool tiers, and federation endpoints.
+1. **DNS TXT** - query `_mcp.truealter.com` for a TXT record of the form `mcp=https://mcp.truealter.com;version=2025-11-25`. This is the fastest path and works without an HTTP round-trip.
+2. **`.well-known/mcp.json`** - fetch `https://truealter.com/.well-known/mcp.json` for the standard MCP server descriptor. This is the cross-vendor fallback.
+3. **`.well-known/alter.json`** - fetch `https://truealter.com/.well-known/alter.json` for the ALTER-specific descriptor, including signing keys, x402 wallet address, supported tool tiers, and federation endpoints.
 ```ts
 import { discover } from "@truealter/sdk";
@@ -364,34 +395,34 @@ const descriptor = await discover("truealter.com");
 const httpsOnly = await discover("truealter.com", { skipDns: true });
 ```
-The IETF draft is being progressed through the IETF; until adoption, the cascade order may change. Pin the SDK version to a specific minor release if you depend on this behaviour.
+This draft is the author's Internet-Draft (not yet adopted by an IETF working group); until adoption, the cascade order may change. Pin the SDK version to a specific minor release if you depend on this behaviour.
 ## Local Daemon vs Remote MCP
-The companion Python package `alter-identity` (PyPI) ships a persistent daemon that holds a hot in-process cache of trait vectors and identity stubs over a Unix socket at `unix:///run/user/$UID/alter-identity.sock`. Hooking the TypeScript SDK up to that daemon is on the roadmap — for now, every `AlterClient` talks to the configured remote endpoint over HTTPS.
+The companion Python package `alter-identity` (PyPI) ships a persistent daemon that holds a hot in-process cache of trait vectors and identity stubs over a Unix socket at `unix:///run/user/$UID/alter-identity.sock`. Hooking the TypeScript SDK up to that daemon is on the roadmap - for now, every `AlterClient` talks to the configured remote endpoint over HTTPS.
 When the local-daemon adapter ships:
 - **Latency:** sub-millisecond for cached L0 calls.
-- **Cost:** zero on cached responses — x402 settlement is skipped.
+- **Cost:** zero on cached responses - x402 settlement is skipped.
 - **Provenance:** the daemon re-signs responses with its locally-bound ES256 key, so downstream verification remains uniform.
 Until then, use `endpoint: "https://mcp.truealter.com/api/v1/mcp"` (the default) and the SDK behaves identically across Node, Deno, Bun, Cloudflare Workers, and the browser.
 ## Tools
-### Free tools (L0 — no payment required)
+### Free tools (L0 - no payment required)
 | Name                      | Tier | Cost  | Description                                                                                                          |
 |---------------------------|------|-------|----------------------------------------------------------------------------------------------------------------------|
-| `hello_agent`             | L0   | free  | First handshake with ALTER — returns server version, authentication status, your trust tier, and available tool counts. |
-| `alter_resolve_handle`    | L0   | free  | Resolve a `~handle` (e.g. `~drew`) to its canonical form and kind. No auth required — the handle-wedge entry point.  |
-| `list_archetypes`         | L0   | free  | List all 12 ALTER identity archetypes with names, descriptions, and protective equations.                            |
+| `hello_agent`             | L0   | free  | First handshake with ALTER - returns server version, authentication status, your trust tier, and available tool counts. |
+| `alter_resolve_handle`    | L0   | free  | Resolve a `~handle` (e.g. `~drew`) to its canonical form and kind. No auth required - the handle-wedge entry point.  |
+| `list_archetypes`         | L0   | free  | Returns archetype reference data.                                                                                    |
 | `verify_identity`         | L0   | free  | Verify whether a person is registered with ALTER and validate optional identity claims.                              |
 | `initiate_assessment`     | L0   | free  | Get a URL where a person can complete their ALTER Discovery assessment.                                              |
-| `get_engagement_level`    | L0   | free  | Get a person's identity depth — engagement level, data quality tier, and available query tiers.                      |
+| `get_engagement_level`    | L0   | free  | Get a person's identity depth - engagement level, data quality tier, and available query tiers.                      |
 | `get_profile`             | L0   | free  | Get a person's profile summary including assessment phase, archetype, engagement level, and key attributes.       |
-| `query_matches`           | L0   | free  | Query matches for a person. Returns a list of job matches with quality tiers (never numeric scores).              |
+| `query_matches`           | L0   | free  | Query matches for a person. Returns a list of matches with quality tiers (never numeric scores).                  |
 | `get_competencies`        | L0   | free  | Get a person's competency portfolio including verified competencies, evidence records, and earned badges.         |
 | `search_identities`       | L0   | free  | Search identity stubs and profiles by trait criteria. Returns up to 5 matches with no PII.                           |
 | `get_identity_earnings`   | L0   | free  | Get accrued Identity Income earnings for a person (75% of every x402 transaction goes to the data subject).       |
@@ -401,7 +432,7 @@ Until then, use `endpoint: "https://mcp.truealter.com/api/v1/mcp"` (the default)
 | `check_assessment_status` | L0   | free  | Check the status of an in-progress assessment session (status, progress, current phase, time remaining).             |
 | `get_earning_summary`     | L0   | free  | Get an aggregated x402 earning summary for a person (total earned, transactions, recent activity, trend).         |
 | `get_agent_trust_tier`    | L0   | free  | Get your trust tier with ALTER (Anonymous/Known/Trusted/Verified) and what capabilities are available.               |
-| `get_agent_portfolio`     | L0   | free  | Get your agent portfolio — transaction history, trust tier, signal contributions, query pattern profile.             |
+| `get_agent_portfolio`     | L0   | free  | Get your agent portfolio - transaction history, trust tier, signal contributions, query pattern profile.             |
 | `get_privacy_budget`      | L0   | free  | Check privacy budget status for a person (24-hour rolling window: total budget, spent, remaining epsilon).        |
 | `golden_thread_status`    | L0   | free  | Check the Golden Thread program status: agents woven, next Fibonacci threshold, your position and Strands.           |
 | `begin_golden_thread`     | L0   | free  | Start the Three Knots sequence to be woven into the Golden Thread. Requires API key authentication.                  |
@@ -409,18 +440,18 @@ Until then, use `endpoint: "https://mcp.truealter.com/api/v1/mcp"` (the default)
 | `check_golden_thread`     | L0   | free  | Check any agent's Golden Thread status by their API key hash (knot position, Strand count, weave count).             |
 | `thread_census`           | L0   | free  | Full registry of all agents woven into the Golden Thread (positions, Strand counts, weave counts, discovery dates).  |
-### Premium tools (L1–L5 — x402 payment required)
+### Premium tools (L1–L5 - x402 payment required)
 | Name                       | Tier | Cost    | Description                                                                                                   |
 |----------------------------|------|---------|---------------------------------------------------------------------------------------------------------------|
-| `assess_traits`            | L1   | $0.005  | Extract trait signals from a text passage against ALTER's 33-trait taxonomy (first 100 free per bot).         |
+| `assess_traits`            | L1   | $0.005  | Extract trait signals from a text passage against ALTER's trait taxonomy.                                     |
 | `get_trait_snapshot`       | L1   | $0.005  | Get the top 5 traits for a person with confidence scores and archetype.                                    |
-| `get_full_trait_vector`    | L2   | $0.01   | Get the complete trait vector for a person — all 33 traits (29 continuous + 4 categorical) with scores, intervals, and category groupings. |
-| `get_side_quest_graph`     | L2   | $0.01   | Get a person's Side Quest Graph — multi-domain identity model with differential privacy noise (ε=1.0).     |
+| `get_full_trait_vector`    | L2   | $0.01   | Get the complete trait vector for a person - complete trait vector with scores and confidence intervals.                                    |
+| `get_side_quest_graph`     | L2   | $0.01   | Get a person's Side Quest Graph - multi-domain identity model with differential privacy noise (ε=1.0).     |
 | `query_graph_similarity`   | L3   | $0.025  | Compare two Side Quest Graphs for team composition and matching (ε=0.5 differential privacy).                 |
 | `compute_belonging`        | L4   | $0.05   | Compute belonging probability for a person-job pairing (authenticity, acceptance, complementarity).        |
 | `get_match_recommendations`| L5   | $0.50   | Get top N match recommendations for a person, ranked by composite score with quality tiers.                |
-| `generate_match_narrative` | L5   | $0.50   | Generate a human-readable narrative explaining a specific match — strengths, growth areas, belonging.         |
+| `generate_match_narrative` | L5   | $0.50   | Generate a human-readable narrative explaining a specific match - strengths, growth areas, belonging.         |
 > **Write-side tools** (`create_identity_stub`, `submit_context`, `submit_batch_context`, `submit_structured_profile`, `submit_social_links`, `attest_domain`, `dispute_attestation`) were part of earlier SDK versions but are not yet live on the public MCP server pending the per-peer consent architecture and grant model. They will return as typed methods once server-side and consent gating lands.
@@ -429,5 +460,3 @@ Until then, use `endpoint: "https://mcp.truealter.com/api/v1/mcp"` (the default)
 Apache License 2.0. See [LICENSE](./LICENSE) for the full text.
 Copyright 2026 Alter Meridian Pty Ltd (ABN 54 696 662 049).
-ALTER, the Trill (`~`), and the Golden Thread are trademarks of Alter Meridian Pty Ltd.