diff --git a/01-getting-started/INTEGRATION_GUIDE.md b/01-getting-started/INTEGRATION_GUIDE.md
index 5eb78cb..402c4ae 100644
--- a/01-getting-started/INTEGRATION_GUIDE.md
+++ b/01-getting-started/INTEGRATION_GUIDE.md
@@ -33,8 +33,8 @@ Add FIVUCSAS biometric auth to any page with a single script tag.
-
-
+
+
+
```
-**ESM import:**
+**CDN — ESM (for `
+
+
**npm packages (`@fivucsas/auth-*`) are not yet published.** Use the CDN instead:
+
+```html
+
+
+```
+
+```js
+// ESM build — for
-
-
-
-
-
+
+
+
+
```
-**Option B: React**
+**Option B: React — coming soon (npm not yet published)**
```tsx
-import { FivucsasProvider, VerifyButton } from '@fivucsas/auth-react';
-
-function App() {
- return (
-
- { /* exchange code */ }}
- />
-
- );
-}
+// @fivucsas/auth-react is not yet on npm.
+// In the meantime, use the CDN IIFE build (Option C) wrapped in a useEffect.
+// import { FivucsasProvider, VerifyButton } from '@fivucsas/auth-react'; // future
```
-**Option C: Programmatic**
+**Option C: Programmatic (CDN ESM)**
```typescript
-import { FivucsasAuth } from '@fivucsas/auth-js';
+import { FivucsasAuth } from 'https://verify.fivucsas.com/fivucsas-auth.esm.js';
+// or via IIFE: window.FivucsasAuth after loading fivucsas-auth.js
+// @fivucsas/auth-js npm package is not yet published
const auth = new FivucsasAuth({ clientId: 'fiv_live_abc123' });
const result = await auth.verify({
diff --git a/02-architecture/README.md b/02-architecture/README.md
index 65eee6b..c6e1093 100644
--- a/02-architecture/README.md
+++ b/02-architecture/README.md
@@ -12,12 +12,12 @@ System architecture, design decisions, and architectural diagrams.
- **[MODULE_STRUCTURE.md](MODULE_STRUCTURE.md)** - ⭐ Official module structure and organization (NEW)
- **[ARCHITECTURE_DIAGRAMS.md](ARCHITECTURE_DIAGRAMS.md)** - ⭐ Mermaid diagrams for SE (NEW)
- **[ARCHITECTURE_ANALYSIS.md](ARCHITECTURE_ANALYSIS.md)** - Comprehensive architecture analysis
-- **[SYSTEM_DESIGN_ANALYSIS_AND_DECISION.md](SYSTEM_DESIGN_ANALYSIS_AND_DECISION.md)** - Design decisions
+- **SYSTEM_DESIGN_ANALYSIS_AND_DECISION.md** - Design decisions
### Audits & Reports
-- **[PROJECT_DESIGN_AUDIT.md](PROJECT_DESIGN_AUDIT.md)** - Design audit report
-- **[DESIGN_AUDIT_REPORT.md](DESIGN_AUDIT_REPORT.md)** - Detailed audit findings
-- **[PROJECT_DESIGN_AND_STATUS_ANALYSIS.md](PROJECT_DESIGN_AND_STATUS_ANALYSIS.md)** - Design and status analysis
+- **PROJECT_DESIGN_AUDIT.md** - Design audit report
+- **DESIGN_AUDIT_REPORT.md** - Detailed audit findings
+- **PROJECT_DESIGN_AND_STATUS_ANALYSIS.md** - Design and status analysis
---
@@ -36,6 +36,19 @@ See **[ARCHITECTURE_DIAGRAMS.md](ARCHITECTURE_DIAGRAMS.md)** for:
- Entity Relationship Diagram
- Use Case Diagram
+### Draw.io Source Diagrams
+See [diagrams/](../diagrams/) folder for editable `.drawio` XML sources:
+- `system_architecture.drawio` — layered system view (JWT RS256, accurate as of 2026-05-28)
+- `hexagonal_architecture.drawio` — Ports & Adapters / DDD for Identity Core API
+- `er_diagram.drawio` — core database ER schema
+- `use_case_diagram.drawio` — actors and use cases
+- `biometric_puzzle_flow.drawio` — active liveness challenge protocol
+- `data_flow_diagram.drawio` — DFD Level 1
+- `nfc_handshake.drawio` — BAC handshake (ICAO 9303)
+
+Diagrams needing regeneration: `deployment_architecture.drawio`, `technology_stack.drawio` (NGINX→Traefik), `implementation_progress.drawio` (stale Fall-2025 percentages).
+See §11–12 of [ARCHITECTURE_DIAGRAMS.md](ARCHITECTURE_DIAGRAMS.md) for full per-diagram status.
+
### PlantUML Diagrams
See [diagrams/](diagrams/) folder for 35+ professional UML diagrams:
- Entity-Relationship (ER) diagrams
@@ -46,6 +59,11 @@ See [diagrams/](diagrams/) folder for 35+ professional UML diagrams:
- Network architecture diagrams
- Security architecture diagrams
+### Additional PNG Diagrams
+See [ADD_diagrams/](../ADD_diagrams/) for exported PNGs from the early development phase.
+Accurate: `diagram_01_use_cases_by_actor.png`, `diagram_02_domain_model___core_entities.png`, `diagram_03_entity_relationship_diagram.png`.
+Needs regeneration: `diagram_04_system_architecture_overview.png`, `diagram_05_docker_deployment.png` (NGINX→Traefik, MobileFaceNet removed).
+
---
## Module Overview
diff --git a/02-architecture/security.md b/02-architecture/security.md
index 88bcda8..dcdad13 100644
--- a/02-architecture/security.md
+++ b/02-architecture/security.md
@@ -605,8 +605,8 @@ Required elements:
### Security Contacts
```
-Security Team: security@fivucsas.com
-Vulnerability Disclosure: security@fivucsas.com (PGP key available)
+Security Team: info@fivucsas.com
+Vulnerability Disclosure: info@fivucsas.com (primary) | rollingcat.help@gmail.com (alternate)
Incident Hotline: +1-555-SECURITY (24/7)
```
diff --git a/SECURITY.md b/SECURITY.md
index 39622b1..27b6474 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -4,7 +4,7 @@
If you believe you've found a security vulnerability in docs — the documentation repository of the FIVUCSAS biometric authentication platform — please report it privately so we can fix it before disclosing publicly.
-**Email:** info@app.fivucsas.com (subject prefix: `[SECURITY] docs`)
+**Email:** info@fivucsas.com (subject prefix: `[SECURITY] docs`) — alternate: rollingcat.help@gmail.com
Please include:
- A clear description of the issue and its impact.
diff --git a/diagrams/system_architecture.drawio b/diagrams/system_architecture.drawio
index 7cd5df4..7ad3379 100644
--- a/diagrams/system_architecture.drawio
+++ b/diagrams/system_architecture.drawio
@@ -79,7 +79,7 @@
-
+