Add public readiness docs for Python SDK

CONTRIBUTING.md

@@ -42,6 +42,12 @@ git push --force-with-lease
 Commits that do not include a valid `Signed-off-by` trailer will
 be rejected by CI.
 
+## Trademark
+
+"IntentProof" and "Verified by IntentProof" are trademarks of
+IntentProof, Inc. Apache 2.0 grants a copyright license; it does not grant a
+trademark license. See [`TRADEMARK.md`](TRADEMARK.md).
+
 ## License
 
 By contributing as a maintainer, you agree your commits are licensed

README.md

@@ -1,23 +1,70 @@
 # intentproof-sdk-python
 
+[![CI](https://github.com/IntentProof/intentproof-sdk-python/actions/workflows/ci.yml/badge.svg)](https://github.com/IntentProof/intentproof-sdk-python/actions/workflows/ci.yml)
+
 Python SDK for emitting signed IntentProof execution events.
 
+## Who uses this
+
+Python application authors who need the same wrap/exporter/outbox contract as
+the Node and Go SDKs for signed execution events.
+
 ## Status
 
 Early scaffolding repo for IntentProof's Python SDK. Tracks the
 Node SDK's wrap()/exporter/outbox contract so a Python application
 can emit and verify the same signed execution events.
 
-## Development
+## Install
+
+```bash
+pip install intentproof
+```
+
+For development in this repository:
 
 ```bash
 pip install -e ".[dev]"
+```
+
+## Verify
+
+Cross-language signing fixtures in CI match
+[`intentproof-spec`](https://github.com/IntentProof/intentproof-spec) golden
+vectors. Run `pytest` locally before publishing.
+
+## Test
+
+```bash
 pytest
+bash ./scripts/check-coverage.sh 95
 ```
 
 CI enforces at least 95% line coverage on `src/intentproof/` (see
 `pyproject.toml` and `scripts/check-coverage.sh`).
 
+## Release
+
+PyPI packages are published from maintainer release workflows in
+[`intentproof-tools`](https://github.com/IntentProof/intentproof-tools) using
+Sigstore-attested artifacts. See
+[`docs/release-signing.md`](https://github.com/IntentProof/intentproof-tools/blob/main/docs/release-signing.md).
+
+## Documentation hub
+
+Per-repo README files plus
+[`intentproof-infra`](https://github.com/IntentProof/intentproof-infra) for
+self-host install and image verification. Docs site deferred — see
+[`docs-hub-decision.md`](https://github.com/IntentProof/intentproof-infra/blob/main/docs/docs-hub-decision.md).
+
+## Support
+
+Report bugs, API gaps, and conformance findings via
+[GitHub Issues](https://github.com/IntentProof/intentproof-sdk-python/issues).
+See [`CONTRIBUTING.md`](CONTRIBUTING.md). Security reports:
+[`SECURITY.md`](SECURITY.md).
+
 ## License
 
-Apache License 2.0 (`LICENSE`).
+Apache License 2.0 — see [`LICENSE`](LICENSE), [`NOTICE`](NOTICE), and
+[`TRADEMARK.md`](TRADEMARK.md).

TRADEMARK.md

@@ -0,0 +1,31 @@
+# IntentProof Trademark Policy
+
+**IntentProof** and **Verified by IntentProof** are trademarks of
+IntentProof, Inc.
+
+The Apache License 2.0 grants a copyright license for the code in this
+repository. It does **not** grant a trademark license.
+
+## Permitted use
+
+You may use the name **IntentProof** in plain text to describe
+compatibility with or use of this open-source software, provided you do
+not imply endorsement, sponsorship, or certification by IntentProof, Inc.
+
+## Not permitted without written permission
+
+- Using IntentProof trademarks in your product, company, or project name.
+- Displaying the **Verified by IntentProof** certification mark or any
+  IntentProof logo except as authorized in a written agreement.
+- Suggesting that IntentProof, Inc. certifies or warrantees your deployment
+  solely because you use this software.
+
+## Certification mark
+
+Operational use of the **Verified by IntentProof** certification mark is
+governed by a separate certification policy before certificate issuance
+ships. Contact `security@intentproof.io` for questions.
+
+## Questions
+
+Trademark or certification-mark questions: `security@intentproof.io`.