run402 2.43.0 → 2.44.0

package/cli.mjs

@@ -47,7 +47,7 @@ Commands:
   message     Send messages to Run402 developers
   auth        Manage project user authentication (magic link, passwords, settings)
   sender-domain  Manage custom email sender domain (register, status, remove)
-  billing     Email billing accounts, Stripe tier checkout, email packs
+  billing     Email organizations, Stripe tier checkout, email packs
   contracts   KMS contract wallets ($0.04/day rental + $0.000005/sign)
   agent       Manage agent identity (contact info)
   operator    Operator (human/email) session — login, then overview across your wallets

package/lib/admin.mjs

@@ -8,9 +8,9 @@ Usage:
   run402 admin <subcommand> [args...]
 
 Subcommands:
-  lease-perpetual <billing_account_id> (--enable | --disable)
-                                         Toggle the account-level escape hatch.
-                                         When enabled, the account never advances
+  lease-perpetual <organization_id> (--enable | --disable)
+                                         Toggle the organization-level escape hatch.
+                                         When enabled, the organization never advances
                                          past 'active' regardless of lease expiry.
                                          If the account is currently in a grace
                                          state, enabling reactivates it inline
@@ -19,12 +19,12 @@ Subcommands:
 
   archive <project_id> [--reason "..."]  Moderate-archive a single project. Sets
                                          projects.archived_at = NOW(). Independent
-                                         of account lifecycle; the rest of the
-                                         account's projects keep serving.
+                                         of organization lifecycle; the rest of the
+                                         organization's projects keep serving.
 
   reactivate <project_id>                Un-archive a project (flips archived_at
                                          back to NULL). In v1.57 this no longer
-                                         touches account-level lifecycle — to
+                                         touches organization-level lifecycle — to
                                          reactivate a grace-state account, use
                                          \`tier set <tier>\` or enable
                                          lease-perpetual above.
@@ -36,17 +36,17 @@ Notes:
   - Output is JSON.
 
 Examples:
-  run402 admin lease-perpetual ba_abc123 --enable
-  run402 admin lease-perpetual ba_abc123 --disable
+  run402 admin lease-perpetual org_abc123 --enable
+  run402 admin lease-perpetual org_abc123 --disable
   run402 admin archive prj_abuse --reason "ToS violation"
   run402 admin reactivate prj_abuse
 `;
 
 const SUB_HELP = {
-  "lease-perpetual": `run402 admin lease-perpetual — Toggle the account-level escape hatch
+  "lease-perpetual": `run402 admin lease-perpetual — Toggle the organization-level escape hatch
 
 Usage:
-  run402 admin lease-perpetual <billing_account_id> (--enable | --disable)
+  run402 admin lease-perpetual <organization_id> (--enable | --disable)
 
 Options:
   --enable    Set lease_perpetual = true (pins every project on the account)
@@ -59,8 +59,8 @@ Notes:
     the gateway reactivates inline and reports \`reactivated: true\`.
 
 Examples:
-  run402 admin lease-perpetual ba_abc123 --enable
-  run402 admin lease-perpetual ba_abc123 --disable
+  run402 admin lease-perpetual org_abc123 --enable
+  run402 admin lease-perpetual org_abc123 --disable
 `,
   archive: `run402 admin archive — Moderate-archive a single project
 
@@ -71,8 +71,8 @@ Options:
   --reason <text>    Free-text moderation reason recorded in the audit log.
 
 Notes:
-  - Sets projects.archived_at = NOW(). Independent of account-level lifecycle —
-    only this project goes dark; siblings on the same billing account keep
+  - Sets projects.archived_at = NOW(). Independent of organization-level lifecycle —
+    only this project goes dark; siblings on the same organization keep
     serving.
   - No-op when the project is already archived (returns \`note: "already
     archived"\` without changing archived_at).
@@ -88,9 +88,9 @@ Usage:
 
 Notes:
   - Flips projects.archived_at back to NULL. In v1.57 this was narrowed:
-    account-level lifecycle reactivation is NOT triggered. Use
+    organization-level lifecycle reactivation is NOT triggered. Use
     \`run402 tier set <tier>\` (the tier flow runs the lifecycle advance) or
-    \`run402 admin lease-perpetual <ba_id> --enable\` for that.
+    \`run402 admin lease-perpetual <org_id> --enable\` for that.
   - No-op when the project is not archived (returns \`note: "not archived"\`).
 
 Examples:
@@ -110,25 +110,25 @@ function validateFlags(sub, args) {
 }
 
 async function leasePerpetual(args) {
-  const accountId = args.find((a) => typeof a === "string" && !a.startsWith("--"));
+  const organizationId = args.find((a) => typeof a === "string" && !a.startsWith("--"));
   const enable = args.includes("--enable");
   const disable = args.includes("--disable");
-  if (!accountId) {
+  if (!organizationId) {
     fail({
       code: "BAD_USAGE",
-      message: "Missing <billing_account_id>.",
-      hint: "run402 admin lease-perpetual <billing_account_id> --enable | --disable",
+      message: "Missing <organization_id>.",
+      hint: "run402 admin lease-perpetual <organization_id> --enable | --disable",
     });
   }
   if (enable === disable) {
     fail({
       code: "BAD_USAGE",
       message: "Pass exactly one of --enable / --disable.",
-      hint: "run402 admin lease-perpetual <billing_account_id> --enable | --disable",
+      hint: "run402 admin lease-perpetual <organization_id> --enable | --disable",
     });
   }
   try {
-    const data = await getSdk().admin.setLeasePerpetual(accountId, enable);
+    const data = await getSdk().admin.setLeasePerpetual(organizationId, enable);
     console.log(JSON.stringify(data, null, 2));
   } catch (err) {
     reportSdkError(err);

package/lib/allowance.mjs

@@ -238,7 +238,7 @@ async function balance() {
       "base-sepolia_usd_micros": sepoliaUsdc,
       "tempo-moderato_pathusd_micros": tempoPathUsd,
     },
-    run402: billingRes ? { balance_usd_micros: billingRes.available_usd_micros } : "no billing account",
+    run402: billingRes ? { balance_usd_micros: billingRes.available_usd_micros } : "no organization",
   }, null, 2));
 }
 

package/lib/billing.mjs

@@ -2,25 +2,25 @@ import { getSdk } from "./sdk.mjs";
 import { reportSdkError, fail } from "./sdk-errors.mjs";
 import { assertKnownFlags, flagValue, normalizeArgv, parseIntegerFlag, positionalArgs } from "./argparse.mjs";
 
-const HELP = `run402 billing — Email billing accounts, Stripe tier checkout, email packs
+const HELP = `run402 billing — Email organizations, Stripe tier checkout, email packs
 
 Usage:
   run402 billing <subcommand> [args...]
 
 Subcommands:
-  create-email <email>                     Create an email billing account
-  link-wallet <account_id> <wallet>        Link a wallet to an email account
+  create-email <email>                     Create an email organization
+  link-wallet <org_id> <wallet>        Link a wallet to an email organization
   tier-checkout <tier> [--email <e> | --wallet <w>]    Stripe tier checkout
   buy-email-pack [--email <e> | --wallet <w>]  Buy \$5 email pack (10,000 emails)
-  auto-recharge <account_id> <on|off> [--threshold <n>]
-  balance <identifier>                     Balance by account id (UUID), wallet (0x...), or email
-  history <identifier> [--limit <n>]       Ledger history by account id (UUID), wallet, or email
+  auto-recharge <org_id> <on|off> [--threshold <n>]
+  balance <identifier>                     Balance by organization id (UUID), wallet (0x...), or email
+  history <identifier> [--limit <n>]       Ledger history by organization id (UUID), wallet, or email
 
 Examples:
   run402 billing create-email user@example.com
   run402 billing tier-checkout hobby --email user@example.com
   run402 billing buy-email-pack --wallet 0x1234...
-  run402 billing auto-recharge acct_abc on --threshold 2000
+  run402 billing auto-recharge org_abc on --threshold 2000
   run402 billing balance user@example.com
 `;
 
@@ -34,7 +34,7 @@ Arguments:
   <tier>              Tier name (e.g. hobby, pro)
 
 Options:
-  --email <e>         Email billing account to charge
+  --email <e>         Email organization to charge
   --wallet <w>        Wallet address (0x...) to associate with the checkout
 
 Examples:
@@ -47,7 +47,7 @@ Usage:
   run402 billing buy-email-pack [--email <e> | --wallet <w>]
 
 Options:
-  --email <e>         Email billing account to charge
+  --email <e>         Email organization to charge
   --wallet <w>        Wallet address (0x...) to associate with the purchase
 
 Examples:
@@ -57,33 +57,33 @@ Examples:
   "auto-recharge": `run402 billing auto-recharge — Toggle email-pack auto-recharge
 
 Usage:
-  run402 billing auto-recharge <account_id> <on|off> [--threshold <n>]
+  run402 billing auto-recharge <org_id> <on|off> [--threshold <n>]
 
 Arguments:
-  <account_id>        Billing account ID
+  <org_id>        Organization ID
   <on|off>            Enable or disable auto-recharge
 
 Options:
   --threshold <n>     Remaining-email threshold that triggers auto-recharge
 
 Examples:
-  run402 billing auto-recharge acct_abc on --threshold 2000
-  run402 billing auto-recharge acct_abc off
+  run402 billing auto-recharge org_abc on --threshold 2000
+  run402 billing auto-recharge org_abc off
 `,
-  history: `run402 billing history — Show ledger history for a billing account
+  history: `run402 billing history — Show ledger history for a organization
 
 Usage:
   run402 billing history <identifier> [--limit <n>]
 
 Arguments:
-  <identifier>        Billing account id (UUID), wallet (0x...), or email.
-                      Wallet/email are resolved to the account id first.
+  <identifier>        Organization id (UUID), wallet (0x...), or email.
+                      Wallet/email are resolved to the organization id first.
 
 Options:
   --limit <n>         Max entries to return (default: 50)
 
 Auth:
-  Requires SIWX from a wallet linked to the account (signed automatically from
+  Requires SIWX from a wallet linked to the organization (signed automatically from
   the local allowance), or an admin key. Email lookups require an admin key.
 
 Examples:
@@ -91,17 +91,17 @@ Examples:
   run402 billing history 0x1234... --limit 100
   run402 billing history 00000000-0000-4000-8000-000000000001
 `,
-  balance: `run402 billing balance — Show balance for a billing account
+  balance: `run402 billing balance — Show balance for a organization
 
 Usage:
   run402 billing balance <identifier>
 
 Arguments:
-  <identifier>        Billing account id (UUID), wallet (0x...), or email.
-                      Wallet/email are resolved via the accounts lookup.
+  <identifier>        Organization id (UUID), wallet (0x...), or email.
+                      Wallet/email are resolved via the organization lookup.
 
 Auth:
-  Requires SIWX from a wallet linked to the account (signed automatically from
+  Requires SIWX from a wallet linked to the organization (signed automatically from
   the local allowance), or an admin key. Email lookups require an admin key.
 
 Examples:
@@ -109,38 +109,38 @@ Examples:
   run402 billing balance 0x1234abcd...
   run402 billing balance 00000000-0000-4000-8000-000000000001
 `,
-  "create-email": `run402 billing create-email — Create an email billing account
+  "create-email": `run402 billing create-email — Create an email organization
 
 Usage:
   run402 billing create-email <email>
 
 Arguments:
-  <email>             Email address to register as a billing account
+  <email>             Email address to register as a organization
 
 Examples:
   run402 billing create-email user@example.com
 `,
-  "link-wallet": `run402 billing link-wallet — Link a wallet to an email billing account
+  "link-wallet": `run402 billing link-wallet — Link a wallet to an email organization
 
 Usage:
-  run402 billing link-wallet <account_id> <wallet>
+  run402 billing link-wallet <org_id> <wallet>
 
 Arguments:
-  <account_id>        Billing account ID (e.g. acct_abc123)
+  <org_id>        Organization ID (e.g. org_abc123)
   <wallet>            Wallet address (0x...) to link
 
 Notes:
-  - Tier and quotas are per-billing-account. Linking a wallet merges its
-    spend into the account-wide pool that already includes every project
-    on this billing account.
+  - Tier and quotas are per-organization. Linking a wallet merges its
+    spend into the organization-wide pool that already includes every project
+    on this organization.
   - The response includes a 'pool_implications' block on v1.46+ gateways:
-    tier, projects_in_pool_count, account_api_calls_current,
-    account_storage_bytes_current, tier_limits, over_limit. Inspect
+    tier, projects_in_pool_count, organization_api_calls_current,
+    organization_storage_bytes_current, tier_limits, over_limit. Inspect
     'over_limit' before linking a wallet whose existing usage might push
     the merged pool past the tier cap.
 
 Examples:
-  run402 billing link-wallet acct_abc123 0x1234abcd...
+  run402 billing link-wallet org_abc123 0x1234abcd...
 `,
 };
 
@@ -177,7 +177,7 @@ async function createEmail(args) {
     });
   }
   try {
-    const data = await getSdk().billing.createEmailAccount(email);
+    const data = await getSdk().billing.createEmailOrganization(email);
     console.log(JSON.stringify(data, null, 2));
   } catch (err) {
     reportSdkError(err);
@@ -188,23 +188,23 @@ async function linkWallet(args) {
   const parsedArgs = normalizeArgv(args);
   assertKnownFlags(parsedArgs, ["--help", "-h"]);
   const positionals = positionalArgs(parsedArgs);
-  const accountId = positionals[0];
+  const organizationId = positionals[0];
   const wallet = positionals[1];
   if (positionals.length > 2) {
     fail({ code: "BAD_USAGE", message: `Unexpected argument for billing link-wallet: ${positionals[2]}` });
   }
-  if (!accountId || !wallet) {
+  if (!organizationId || !wallet) {
     fail({
       code: "BAD_USAGE",
-      message: "Missing <account_id> and/or <wallet>.",
-      hint: "run402 billing link-wallet <account_id> <wallet>",
+      message: "Missing <org_id> and/or <wallet>.",
+      hint: "run402 billing link-wallet <org_id> <wallet>",
     });
   }
   try {
-    const data = await getSdk().billing.linkWallet(accountId, wallet);
+    const data = await getSdk().billing.linkWallet(organizationId, wallet);
     const output = {
       status: data?.status ?? "ok",
-      billing_account_id: data?.billing_account_id ?? accountId,
+      organization_id: data?.organization_id ?? organizationId,
       wallet: data?.wallet ?? wallet.toLowerCase(),
       ...(data?.pool_implications ? { pool_implications: data.pool_implications } : {}),
     };
@@ -265,16 +265,16 @@ async function autoRecharge(args) {
   const valueFlags = ["--threshold"];
   assertKnownFlags(parsedArgs, [...valueFlags, "--help", "-h"], valueFlags);
   const positionals = positionalArgs(parsedArgs, valueFlags);
-  const accountId = positionals[0];
+  const organizationId = positionals[0];
   const state = positionals[1];
   if (positionals.length > 2) {
     fail({ code: "BAD_USAGE", message: `Unexpected argument for billing auto-recharge: ${positionals[2]}` });
   }
-  if (!accountId || !state || !["on", "off"].includes(state)) {
+  if (!organizationId || !state || !["on", "off"].includes(state)) {
     fail({
       code: "BAD_USAGE",
-      message: "Missing <account_id> and/or <on|off>.",
-      hint: "run402 billing auto-recharge <account_id> <on|off> [--threshold <n>]",
+      message: "Missing <org_id> and/or <on|off>.",
+      hint: "run402 billing auto-recharge <org_id> <on|off> [--threshold <n>]",
     });
   }
   const thresholdStr = flagValue(parsedArgs, "--threshold");
@@ -283,11 +283,11 @@ async function autoRecharge(args) {
     : undefined;
   try {
     await getSdk().billing.setAutoRecharge({
-      billingAccountId: accountId,
+      organizationId: organizationId,
       enabled: state === "on",
       threshold,
     });
-    console.log(JSON.stringify({ billing_account_id: accountId, enabled: state === "on", updated: true }));
+    console.log(JSON.stringify({ organization_id: organizationId, enabled: state === "on", updated: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -305,11 +305,11 @@ async function balance(args) {
     fail({
       code: "BAD_USAGE",
       message: "Missing <identifier>.",
-      hint: "run402 billing balance <account-id | wallet | email>",
+      hint: "run402 billing balance <org-id | wallet | email>",
     });
   }
   try {
-    const data = await getSdk().billing.getAccount(id);
+    const data = await getSdk().billing.getOrganization(id);
     console.log(JSON.stringify(data, null, 2));
   } catch (err) {
     reportSdkError(err);
@@ -329,7 +329,7 @@ async function history(args) {
     fail({
       code: "BAD_USAGE",
       message: "Missing <identifier>.",
-      hint: "run402 billing history <account-id | wallet | email> [--limit <n>]",
+      hint: "run402 billing history <org-id | wallet | email> [--limit <n>]",
     });
   }
   const limit = parsedArgs.includes("--limit")

package/lib/operator.mjs

@@ -4,7 +4,7 @@
  * The operator is YOU, the human, identified by email — distinct from the
  * AGENT (your wallet / SIWX identity). One browser login spans every wallet
  * that verified your email, so `operator overview` returns the cross-wallet
- * union. For a single wallet's account state, use `run402 status`.
+ * union. For a single wallet's organization state, use `run402 status`.
  *
  * Auth: browser-delegated device-authorization grant (RFC 8628, the
  * `aws sso login` model). The CLI never performs WebAuthn — the browser does,
@@ -47,7 +47,7 @@ const HELP = `run402 operator — operator (human / email) session
 
 The operator is YOU, the human, identified by email — distinct from the agent
 (your wallet). One browser login spans every wallet that verified your email.
-For a single wallet's account state, use 'run402 status'.
+For a single wallet's organization state, use 'run402 status'.
 
 Usage:
   run402 operator login [--no-open]              (read session, device-flow)
@@ -289,7 +289,7 @@ async function loopbackLogin(args, { stepUp }) {
     if (memberships.length) {
       process.stderr.write(
         `Member of ${memberships.length} org(s):\n` +
-          memberships.map((m) => `  - ${m.billing_account_id} (${m.role}, ${m.status})`).join("\n") +
+          memberships.map((m) => `  - ${m.display_name || m.org_id || m.organization_id || "unknown"} (${m.role}, ${m.status})`).join("\n") +
           "\n",
       );
     }

package/lib/projects.mjs

@@ -101,7 +101,7 @@ Usage:
   run402 projects list [--org <id>] [--all]
 
 Options:
-  --org <id>          Filter to projects owned by one org (billing account).
+  --org <id>          Filter to projects owned by one org (organization).
                       Authorize-before-reveal: a non-member or guessed id is a
                       403; a non-UUID id is a 400.
   --all               Read the cross-wallet inventory across every wallet
@@ -114,7 +114,7 @@ Notes:
   - This is a SERVER read (membership-scoped), not the local keystore. Each row
     has project_id, name, site_url, custom_domains, org_id, status, and an
     'active' marker derived from local state.
-  - Tier and lifecycle live on the billing account, not each project — use
+  - Tier and lifecycle live on the organization, not each project — use
     'run402 status' or 'run402 tier status' for the account view.
 
 Examples:
@@ -478,7 +478,7 @@ async function list(args = []) {
       active: p.id === activeId,
       site_url: p.site_url ?? null,
       custom_domains: p.custom_domains ?? [],
-      org_id: p.billing_account_id ?? null,
+      org_id: p.organization_id ?? null,
       status: p.status ?? p.effective_status ?? null,
     }));
     const out = { projects: rows };
@@ -724,7 +724,7 @@ export async function run(sub, args) {
     fail({
       code: "REMOVED_COMMAND",
       message: "`run402 projects pin` was removed in v1.57.",
-      hint: "Per-project pin is superseded by the account-level escape hatch. Use `run402 admin lease-perpetual <billing_account_id> --enable` (platform-admin only).",
+      hint: "Per-project pin is superseded by the organization-level escape hatch. Use `run402 admin lease-perpetual <organization_id> --enable` (platform-admin only).",
     });
   }
   args = normalizeArgv(args);

package/lib/sdk-errors.mjs

@@ -111,7 +111,7 @@ export function reportSdkError(err) {
     if (d?.required_capability) need.push(`capability \`${d.required_capability}\``);
     const needStr = need.length > 0 ? ` (needs ${need.join(" or ")})` : "";
     payload.hint =
-      `Authorization denied${needStr}: a wallet authenticates, but the owning org (billing account) ` +
+      `Authorization denied${needStr}: a wallet authenticates, but the owning org (organization) ` +
       "decides access via membership role (owner > admin > developer > billing > viewer) or a per-project grant. " +
       "High-stakes actions (delete, transfer, membership change) require an active `owner` membership. " +
       "Returned as 403 even when the project does not exist, so verify the project id too.";

package/lib/service.mjs

@@ -22,7 +22,7 @@ Usage:
 Notes:
   - Unauthenticated and free; no allowance required
   - Returns uptime, supported capabilities, operator, and deployment info
-  - For account state (allowance, balance, tier, projects), use
+  - For organization state (allowance, balance, tier, projects), use
     'run402 status' instead
 
 Examples:

package/lib/status.mjs

@@ -4,7 +4,7 @@ import { assertKnownFlags, hasHelp, normalizeArgv } from "./argparse.mjs";
 import { getActiveProfile } from "../core-dist/config.js";
 import { readMeta } from "../core-dist/profiles.js";
 
-const HELP = `run402 status — Show full account state in one shot
+const HELP = `run402 status — Show full organization state in one shot
 
 Usage:
   run402 status
@@ -120,7 +120,7 @@ export async function run(args = []) {
   //   - on_chain_usd_micros / on_chain_token: on-chain USDC (x402) or pathUSD
   //     (mpp), null if the RPC read failed
   //   - prepaid_credit_usd_micros / held_usd_micros: Run402-held credits,
-  //     rail-independent, null when no billing account exists
+  //     rail-independent, null when no organization exists
   const hasBilling = billing && billing.exists !== false;
   const result = {
     wallet: {
@@ -138,10 +138,10 @@ export async function run(args = []) {
     tier: tier && tier.tier
       ? { name: tier.tier, status: tier.status, expires: tier.lease_expires_at }
       : null,
-    // v1.57: lifecycle state and the per-account escape hatch moved to the
-    // billing account. Surface them at the top level so agents don't have to
+    // v1.57: lifecycle state and the per-organization escape hatch moved to the
+    // organization. Surface them at the top level so agents don't have to
     // dig into the projects array to read them.
-    account_lifecycle_state: tier?.account_lifecycle_state ?? null,
+    organization_lifecycle_state: tier?.organization_lifecycle_state ?? null,
     lease_perpetual: tier?.lease_perpetual ?? null,
     projects,
     active_project: activeId || null,

package/lib/tier.mjs

@@ -13,7 +13,7 @@ Subcommands:
 
 Tiers: prototype ($0.10/7d, free with testnet faucet), hobby ($5/30d), team ($20/30d)
 
-Tier is per billing account. A single subscription covers every project on
+Tier is per organization. A single subscription covers every project on
 the account; api_calls and storage_bytes are pooled across all of them.
 
 The server auto-detects the action based on your allowance state:
@@ -35,7 +35,7 @@ Usage:
   run402 tier status
 
 Notes:
-  - Tier and quotas are per billing account. The 'pool_usage' block sums
+  - Tier and quotas are per organization. The 'pool_usage' block sums
     api_calls and storage_bytes across every project on this account
     (across every wallet linked to it), not just the requesting wallet.
   - Returns the current tier name, status, expiry, and pool usage
@@ -61,7 +61,7 @@ Tiers:
   team                $20/30d
 
 Notes:
-  Tier is per billing account, not per project. A successful subscribe,
+  Tier is per organization, not per project. A successful subscribe,
   renew, or upgrade applies immediately to every project on the account.
 
   Server auto-detects action based on current allowance state:
@@ -72,7 +72,7 @@ Notes:
   Pays via x402 micropayments.
 
   After the call, the CLI refetches /tiers/v1/status and includes the
-  refreshed account-pooled usage as 'status_after' in the JSON output.
+  refreshed organization-pooled usage as 'status_after' in the JSON output.
 
 Examples:
   run402 tier set prototype

package/lib/transfer.mjs

@@ -17,7 +17,7 @@ Usage:
   run402 transfer preview <transfer_id>
   run402 transfer list [--incoming | --outgoing] [--limit N] [--offset N]
   run402 transfer accept <transfer_id>
-  run402 transfer claim <transfer_id> [--into <billing_account_id>]
+  run402 transfer claim <transfer_id> [--into <organization_id>]
   run402 transfer cancel <transfer_id> [--reason <text>] [--handoff]
 
 Subcommands:
@@ -53,7 +53,7 @@ Options:
 Notes:
   - Caller's wallet must currently own the project (gateway re-checks fresh DB).
   - Owner-side mutations on the project are frozen until accept/cancel/expiry.
-  - The project lease stays with your billing account; it is NOT refunded.
+  - The project lease stays with your organization; it is NOT refunded.
 `,
   preview: `run402 transfer preview — Fetch the preview document
 
@@ -97,7 +97,7 @@ email->org handoff instead of a wallet transfer.
   claim: `run402 transfer claim — Claim an incoming email handoff
 
 Usage:
-  run402 transfer claim <transfer_id> [--into <billing_account_id>]
+  run402 transfer claim <transfer_id> [--into <organization_id>]
 
 Claims a handoff addressed to your email into an org you own. Omit --into to
 claim into a brand-new org. This is the email-handoff analog of 'accept'.
@@ -281,7 +281,7 @@ async function claim(args) {
   assertKnownFlags(parsedArgs, [...valueFlags, "--help", "-h"], valueFlags);
   const positionals = positionalArgs(parsedArgs, valueFlags);
   if (positionals.length !== 1) {
-    fail({ code: "BAD_USAGE", message: "Usage: run402 transfer claim <transfer_id> [--into <billing_account_id>]" });
+    fail({ code: "BAD_USAGE", message: "Usage: run402 transfer claim <transfer_id> [--into <organization_id>]" });
   }
   const transferId = positionals[0];
   const into = flagValue(parsedArgs, "--into");
@@ -289,7 +289,7 @@ async function claim(args) {
 
   try {
     const data = await getSdk().admin.transfers.claimHandoff(transferId, {
-      billingAccountId: into ?? undefined,
+      organizationId: into ?? undefined,
     });
     console.log(JSON.stringify(data, null, 2));
   } catch (err) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "run402",
-  "version": "2.43.0",
+  "version": "2.44.0",
   "description": "CLI for Run402 — provision Postgres databases, deploy static sites, generate images, and manage wallets via x402 and MPP micropayments.",
   "type": "module",
   "bin": {

package/sdk/dist/errors.d.ts

@@ -18,12 +18,12 @@
 export type Run402ErrorKind = "payment_required" | "project_not_found" | "unauthorized" | "not_authorized" | "api_error" | "network_error" | "local_error" | "deploy_error" | "transfer_freeze" | "step_up_required";
 /**
  * Quota-denial scope discriminator (v1.46+). Indicates whether a quota-related
- * denial was enforced against the pooled billing-account total (`"account"`)
- * or against an orphan project whose billing account row has been purged but
+ * denial was enforced against the pooled organization total (`"organization"`)
+ * or against an orphan project whose organization row has been purged but
  * cascade has not yet run (`"project"`). Lifted from `details.scope` on the
  * gateway envelope; absent for errors unrelated to quota.
  */
-export type Run402QuotaScope = "account" | "project";
+export type Run402QuotaScope = "organization" | "project";
 export declare abstract class Run402Error extends Error {
     /**
      * Structural brand. Always `true` on any {@link Run402Error} subclass
@@ -61,9 +61,9 @@ export declare abstract class Run402Error extends Error {
     /** Advisory next actions from the gateway. Rendering them must not execute them. */
     readonly nextActions?: unknown[];
     /**
-     * Quota-denial scope (v1.46+). `"account"` for pooled billing-account
-     * denials; `"project"` for the orphan fallback (project whose billing
-     * account row was purged but cascade has not yet run). Lifted from
+     * Quota-denial scope (v1.46+). `"organization"` for pooled organization
+     * denials; `"project"` for the orphan fallback (project whose organization
+     * row was purged but cascade has not yet run). Lifted from
      * `details.scope` when the gateway returned it. Undefined for errors
      * that are not quota-related.
      */
@@ -104,7 +104,7 @@ export declare class Unauthorized extends Run402Error {
 /**
  * HTTP 403 `NOT_AUTHORIZED` — the org-owned control plane (gateway v1.77+)
  * denied a control-plane action. A wallet *authenticates* (SIWX resolves it to
- * a principal); *authorization* is an org (billing-account) membership in the
+ * a principal); *authorization* is an org (organization) membership in the
  * role lattice `owner > admin > developer > billing > viewer`, or a per-project
  * grant for agent/CI principals — never `wallet_address == signer`. High-stakes
  * ops (delete, transfer-of-ownership, membership change) require an active
@@ -303,7 +303,7 @@ export declare function isTransferFreezeError(e: unknown): e is TransferFreezeEr
 /** True if `e` is a {@link StepUpRequiredError}. Survives duplicate SDK copies and realms. */
 export declare function isStepUpRequired(e: unknown): e is StepUpRequiredError;
 /**
- * Extract the v1.46+ quota-denial scope from an error. Returns `"account"`
+ * Extract the v1.46+ quota-denial scope from an error. Returns `"organization"`
  * for pooled denials, `"project"` for the orphan fallback, or `undefined`
  * when the error is not quota-related (or originated from a pre-v1.46
  * gateway that did not set `details.scope`). Safe to call with `unknown`.