diff --git a/CLAUDE.md b/CLAUDE.md index 6ec1d4de..d2540bd2 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -2,7 +2,7 @@ ## Project Overview -PolyPay is a privacy-preserving payroll platform built on Horizen blockchain. It enables organizations, DAOs, and global teams to run payroll privately using zero-knowledge proofs (Noir circuits). Key features: private payments, private multisig approvals, escrow/milestone-based transfers, real-time notifications via WebSocket, and JWT authentication. +PolyPay is a privacy-preserving payroll & multisig platform built on Horizen (primary), Base, and Arbitrum (Stylus). It enables organizations, DAOs, and global teams to run payroll while keeping signer identities private, using zero-knowledge proofs (Noir circuits). Key shipped features: private multisig approvals (signer identities hidden — only a relayer appears on-chain), ZK authentication, single + batch transfers, gasless USDC deposits (x402), real-time notifications via WebSocket, and JWT auth. Note: confidential payment **amounts and recipients** ("private payments") are roadmap, **not yet implemented** — today's privacy covers signer identities only. ## Tech Stack diff --git a/README.md b/README.md index 97908552..6058a033 100644 --- a/README.md +++ b/README.md 
@@ -10,9 +10,11 @@ A privacy-preserving payroll platform built on Horizen. PolyPay enables organiza ## Features -- **Private Payments**: Salary amounts and recipients stay confidential -- **Private Multisig**: Team approvals without exposing signer identities -- **Flexible Payment Logic**: Escrow, milestone-based, and recurring transfers +- **Private Multisig**: Team approvals without exposing signer identities — only a relayer wallet appears on-chain +- **ZK Authentication**: Login via zero-knowledge proof; secrets never leave your device +- **Batch Payroll**: Single and batch transfers + +> **Roadmap:** Confidential payment amounts and recipients ("private payments") are in active development — not yet live. Today's privacy guarantee covers signer identities. ## Quick Start diff --git a/REVIEW.md b/REVIEW.md new file mode 100644 index 00000000..bc37e51b --- /dev/null +++ b/REVIEW.md 
@@ -0,0 +1,54 @@ +# PolyPay PR Review Checklist + +Shared standard for reviewing pull requests — used by human reviewers and by the +automated review in `.github/workflows/claude-review.yaml`. Read `CLAUDE.md` for +the repo's architecture and conventions. + +## Priority order + +Report findings in this order; correctness always outranks cleanup. + +1. **Correctness bugs** +2. **Security** +3. **Convention adherence** (`CLAUDE.md`) +4. **Reuse / simplification / efficiency cleanup** + +## Security + +PolyPay moves USDC and handles multisig approvals, ZK proofs, and auth. Scrutinise +any change that touches: + +- **Signatures & payments** — EIP-3009 / x402 payloads, signature assembly and + the `v` recovery byte, nonce generation and replay protection, amount bounds. +- **Key material** — anything that could log, leak, or widen access to private + keys, tokens, or OWS vault flows. +- **Auth & access control** — JWT handling, route guards, `useAuthenticatedQuery`, + multisig signer/relayer logic, ZK proof verification. +- **Secrets** — never approve committed secrets, hardcoded credentials, or + plaintext keys. Secret Manager bindings only (see `CLAUDE.md` deployment notes). + +## Convention adherence (see `CLAUDE.md`) + +- API contracts via `@polypay/shared` DTOs; all HTTP through `apiClient`. +- Zod schemas for every form; `useAuthenticatedQuery` for authenticated queries. +- Business logic in `hooks/app/`, not components; no hardcoded API URLs + (use `API_BASE_URL`). +- Notifications via the existing `notification` utility / Sonner. +- Zustand stores use `persist` unless state is truly ephemeral. + +## Correctness + +Bugs a careful reviewer catches in one sitting: + +- Inverted or wrong conditions, off-by-one on boundaries. +- Missing `await`, unhandled promise rejections. +- Null / undefined dereferences on reachable paths (error handlers, cold cache, + missing optional fields), falsy-zero treated as missing. 
+- Errors swallowed in `catch`, copy-paste of the wrong variable. +- Call sites broken by a changed signature, return shape, or new precondition. + +## Output + +- Top-level summary via `gh pr comment`; line-level issues as inline comments. +- Cite `file:line`. Be specific and actionable. +- If the diff is clean, say so briefly — do not invent issues. diff --git a/docs/README.md b/docs/README.md index 4126a6bf..1a4ea46b 100644 --- a/docs/README.md +++ b/docs/README.md @@ -16,12 +16,14 @@ This lack of privacy prevents businesses from adopting crypto payroll. ### Our Solution -PolyPay uses **zero-knowledge proofs** and **multi-chain deployment** (Horizen and Base) to provide: +PolyPay uses **zero-knowledge proofs** and **multi-chain deployment** (Horizen, Base, and Arbitrum) to provide: -* **Private Payments**: Salary amounts and recipients stay confidential -* **Private Multisig**: Team approvals without exposing signer identities +* **Private Multisig**: Team approvals without exposing signer identities — only a relayer wallet appears on-chain +* **ZK Authentication**: Login via zero-knowledge proof; secrets never leave your device * **Flexible Payment Logic**: Single and batch transfers -* **Gasless USDC Deposit (x402)**: Fund a multisig on Base with one signature, no ETH required — works for human users and AI agents via the [x402 protocol](https://www.x402.org/) +* **Gasless USDC Deposit (x402)**: Fund a multisig with one signature, no ETH required — works for human users and AI agents via the [x402 protocol](https://www.x402.org/) + +> **On the roadmap:** confidential payment amounts and recipients ("private payments"). Today's ZK privacy covers signer identities and authentication; we're actively building toward fully private transfers. ### Who Is It For?
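Review bot: In the CLAUDE.md Project Overview hunk, the rewritten paragraph drops "escrow/milestone-based transfers" from the feature list without stating its status, while the closing note only marks private payments as "roadmap, **not yet implemented**". REVIEW.md in this same patch tells reviewers to read CLAUDE.md for the repo's architecture, so a silent removal leaves them unable to tell whether escrow code paths are still in scope. Suggest adding escrow/milestone transfers to the roadmap note, or saying explicitly that they were removed.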
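Review bot: In the README.md Features hunk, the list is now out of step with the other two files touched by this patch. The opening sentence visible in the hunk header still reads "A privacy-preserving payroll platform built on Horizen", although CLAUDE.md and docs/README.md now name Horizen, Base and Arbitrum. The list also omits the gasless USDC deposit (x402) that both of those files present as shipped, and it renames the transfers bullet to "Batch Payroll" where docs/README.md keeps "Flexible Payment Logic". Suggest updating the intro line in this change and using the same bullet names and feature set in all three files.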
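Review bot: In the new REVIEW.md, the body does not follow the "Priority order" list it declares. The list ranks Correctness first and says "correctness always outranks cleanup", but the sections appear as Security, Convention adherence, then Correctness, and item 4 ("Reuse / simplification / efficiency cleanup") has no section at all. Since the file is meant to drive the automated review as well as human reviewers, suggest reordering the sections to match the list and adding a short section for item 4, or dropping it from the list. Separately, "OWS vault flows" under Key material uses an acronym that is not expanded anywhere in this patch; spell it out on first use.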
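Review bot: In the docs/README.md "Our Solution" hunk, the x402 bullet changes "Fund a multisig on Base with one signature" to "Fund a multisig with one signature" in the same edit that widens the chain list to "Horizen, Base, and Arbitrum", which now reads as if gasless deposits work on all three chains. If x402 deposits are still Base-only, keep the "on Base" qualifier. The roadmap note also describes the current privacy scope as "signer identities and authentication", whereas CLAUDE.md in this patch says "signer identities only" and README.md says "signer identities"; pick one wording for all three files so the stated guarantee is not ambiguous.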