diff --git a/docs/config.md b/docs/config.md
index d939ea3..98a48ea 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -1,607 +1,93 @@
-# ⚙️ Configuration Guide# ⚙️ Configuration Guide
+# ⚙️ Configuration Guide
 
-> Looking for the stripped-down key-by-key table? See [`config-reference.md`](./config-reference.md).
-
-
-
-**Customize script behavior in `src/config.jsonc`**This page documents every field in the configuration file. The default ships as `src/config.jsonc` so you get inline `//` guidance without editor warnings, and the loader still accepts traditional `config.json` files if you prefer plain JSON.
-
-
-
----Looking for ready-to-use presets? Check `docs/config-presets/` for curated examples such as `balanced.jsonc` (full automation with humanization) and `minimal.jsonc` (lean runs with quick scheduling).
-
-
-
-## ⚡ Quick Start (Essentials)> NOTE: Previous versions had `logging.live` (live streaming webhook); it was removed and replaced by a simple `logging.redactEmails` flag.
-
-
-
-### Minimal Working Config---
-
-## Top-Level Fields
-
-```jsonc
-
-{### baseURL
-
-  "humanization": {Internal Microsoft Rewards base. Leave it unless you know what you are doing.
-
-    "enabled": true  // Natural behavior (recommended)
-
-  },### sessionPath
-
-  "workers": {Directory where session data (cookies / fingerprints / job-state) is stored.
-
-    "doDailySet": true,
-
-    "doDesktopSearch": true,---
-
-    "doMobileSearch": true## browser
-
-  }| Key | Type | Default | Description |
-
-}|-----|------|---------|-------------|
-
-```| headless | boolean | false | Run browser UI-less. Set to `false` to keep the browser visible (default). |
-
-| globalTimeout | string/number | "30s" | Max time for common Playwright operations. Accepts ms number or time string (e.g. `"45s"`, `"2min"`). |
-
-**That's all you need!** Everything else has good defaults.
+This guide explains **how to adjust `src/config.jsonc` safely** and when to touch each section. If you just need a field-by-field table, jump to [`config-reference.md`](./config-reference.md).
 
 ---
 
----## execution
+## 1. Recommended Editing Workflow
 
-| Key | Type | Default | Description |
+1. Keep the committed `src/config.jsonc` as your baseline. It already contains sane defaults.
+2. Copy it next to the executable (project root) only when you need local overrides.
+3. Edit with a JSONC-aware editor (VS Code works out of the box).
+4. After major changes, run `npm run typecheck` or at least start the bot once to trigger the startup validator.
 
-## 🎯 Popular Configurations|-----|------|---------|-------------|
-
-| parallel | boolean | false | Run desktop + mobile simultaneously (higher resource usage). |
-
-### 1. Daily Automation| runOnZeroPoints | boolean | false | Skip full run early if there are zero points available (saves time). |
-
-| clusters | number | 1 | Number of process clusters (multi-process concurrency). |
-
-```jsonc| passesPerRun | number | 1 | Advanced: extra full passes per started run. |
-
-{
-
-  "humanization": { "enabled": true },---
-
-  "schedule": {## buyMode
-
-    "enabled": true,Manual redeem / purchase assistance.
-
-    "time": "09:00",| Key | Type | Default | Description |
-
-    "timeZone": "America/New_York"|-----|------|---------|-------------|
-
-  }| enabled (CLI `-buy`) | boolean | false | Enable buy mode (usually via CLI argument). |
-
-}| maxMinutes | number | 45 | Max session length for buy mode. |
-
-```
+> The loader also accepts plain `config.json` (no comments) if you prefer standard JSON.
 
 ---
 
-→ **[Full Scheduler Guide](./schedule.md)**## fingerprinting.saveFingerprint
+## 2. Essential Toggles (Review First)
 
-Persist browser fingerprints per device type for consistency.
+| Section | Keys to check | Why it matters |
+| --- | --- | --- |
+| `execution` | `parallel`, `runOnZeroPoints`, `clusters`, `passesPerRun` | Determines concurrency and whether accounts repeat during the same day. Leave `passesPerRun` at `1` unless you knowingly want additional passes (job-state skip is disabled otherwise). |
+| `schedule` | `enabled`, `time12`/`time24`, `timeZone`, `runImmediatelyOnStart` | Controls unattended runs. Test manual runs before enabling the scheduler. |
+| `workers` | `doDesktopSearch`, `doMobileSearch`, `doDailySet`, etc. | Disable tasks you never want to run to shorten execution time. |
+| `humanization` | `enabled`, `stopOnBan`, `actionDelay` | Keep enabled for safer automation. Tweaks here influence ban resilience. |
+| `proxy` | `proxyGoogleTrends`, `proxyBingTerms` | Tell the bot whether to route outbound API calls through your proxy. |
 
----| Key | Type | Default | Description |
-
-|-----|------|---------|-------------|
-
-### 2. With Notifications| mobile | boolean | false | Save/reuse a consistent mobile fingerprint. |
-
-| desktop | boolean | false | Save/reuse a consistent desktop fingerprint. |
-
-```jsonc
-
-{---
-
-  "humanization": { "enabled": true },## search
-
-  "conclusionWebhook": {| Key | Type | Default | Description |
-
-    "enabled": true,|-----|------|---------|-------------|
-
-    "url": "https://discord.com/api/webhooks/YOUR_WEBHOOK"| useLocalQueries | boolean | false | Use locale-specific query sources instead of global ones. |
-
-  }
-
-}### search.settings
-
-```| Key | Type | Default | Description |
-
-|-----|------|---------|-------------|
-
-→ **[Discord Setup](./conclusionwebhook.md)** | **[NTFY Setup](./ntfy.md)**| useGeoLocaleQueries | boolean | false | Blend geo / locale into chosen queries. |
-
-| scrollRandomResults | boolean | true | Random scroll during search pages to look natural. |
-
----| clickRandomResults | boolean | true | Occasionally click safe results. |
-
-| retryMobileSearchAmount | number | 2 | Retries if mobile searches didn’t yield points. |
-
-### 3. Background Mode (Headless)| delay.min / delay.max | string/number | 3–5min | Delay between searches (ms or time string). |
-
-
-
-```jsonc---
-
-{## humanization
-
-  "browser": {Human‑like behavior simulation.
-
-    "headless": true| Key | Type | Default | Description |
-
-  },|-----|------|---------|-------------|
-
-  "humanization": { "enabled": true }| enabled | boolean | true | Global on/off. |
-
-}| stopOnBan | boolean | true | Stop processing further accounts if a ban is detected. |
-
-```| immediateBanAlert | boolean | true | Fire notification immediately upon ban detection. |
-
-| actionDelay.min/max | number/string | 150–450ms | Random micro-delay per action. |
-
-**Note:** Set `headless: false` to see the browser during development.| gestureMoveProb | number | 0.4 | Probability of a small mouse move gesture. |
-
-| gestureScrollProb | number | 0.2 | Probability of a small scroll gesture. |
-
----| allowedWindows | string[] | [] | Local time windows (e.g. `["08:30-11:00","19:00-22:00"]`). Outside windows, run waits. |
-
-
-
-### 4. Skip When No Points---
-
-## vacation
-
-```jsoncRandom contiguous block of days off per month.
-
-{| Key | Type | Default | Description |
-
-  "execution": {|-----|------|---------|-------------|
-
-    "runOnZeroPoints": false| enabled | boolean | false | Activate monthly break behavior. |
-
-  }| minDays | number | 3 | Minimum skipped days per month. |
-
-}| maxDays | number | 5 | Maximum skipped days per month. |
-
-```
+Once these are set, most users can leave the rest alone.
 
 ---
 
-Saves time by skipping accounts with 0 available points.## retryPolicy
+## 3. Scheduler & Humanization Coordination
 
-Generic transient retry/backoff.
+The scheduler honours humanization constraints:
 
----| Key | Type | Default | Description |
+- Weekly off-days: controlled by `humanization.randomOffDaysPerWeek` (defaults to 1). The scheduler samples new days each ISO week.
+- Allowed windows: if `humanization.allowedWindows` contains time ranges, the bot delays execution until the next window.
+- Vacation mode: `vacation.enabled` selects a random contiguous block (between `minDays` and `maxDays`) and skips the entire period.
 
-|-----|------|---------|-------------|
-
-### 5. Multiple Accounts Faster| maxAttempts | number | 3 | Max tries for retryable blocks. |
-
-| baseDelay | number | 1000 | Initial delay in ms. |
-
-```jsonc| maxDelay | number/string | 30s | Max backoff delay. |
-
-{| multiplier | number | 2 | Exponential backoff multiplier. |
-
-  "execution": {| jitter | number | 0.2 | Randomization factor (0..1). |
-
-    "parallel": false,  // Desktop + mobile simultaneously
-
-    "clusters": 1       // Process multiple accounts in parallel---
-
-  }## workers
-
-}Enable/disable scripted task categories.
-
-```| Key | Default | Description |
-
-|-----|---------|-------------|
-
-⚠️ **Higher detection risk** with parallel execution.| doDailySet | true | Daily set activities. |
-
-| doMorePromotions | true | Promotional tasks. |
-
----| doPunchCards | true | Punch card flows. |
-
-| doDesktopSearch | true | Desktop searches. |
-
-## 🛡️ Anti-Ban Settings| doMobileSearch | true | Mobile searches. |
-
-| doDailyCheckIn | true | Daily check-in. |
-
-### Humanization (Recommended)| doReadToEarn | true | Reading tasks. |
-
-| bundleDailySetWithSearch | false | Immediately start desktop search bundle after daily set. |
-
-```jsonc
-
-{---
-
-  "humanization": {## proxy
-
-    "enabled": true,| Key | Default | Description |
-
-    "actionDelay": { "min": 150, "max": 450 },|-----|---------|-------------|
-
-    "gestureMoveProb": 0.4,| proxyGoogleTrends | true | Route Google Trends fetch through proxy if set. |
-
-    "gestureScrollProb": 0.2,| proxyBingTerms | true | Route Bing query source fetch through proxy if set. |
-
-    "randomOffDaysPerWeek": 1
-
-  }---
-
-}## notifications
-
-```Manages notification channels (Discord webhooks, NTFY, etc.).
-
-
-
-→ **[Full Humanization Guide](./humanization.md)**### notifications.webhook
-
-Primary webhook (can be used for summary or generic messages).
-
----| Key | Default | Description |
-
-|-----|---------|-------------|
-
-### Vacation Mode| enabled | false | Allow sending webhook-based notifications and live log streaming. |
-
-| url | "" | Webhook endpoint. |
-
-```jsonc
-
-{### notifications.conclusionWebhook
-
-  "vacation": {Rich end-of-run summary (if enabled separately).
-
-    "enabled": true,| Key | Default | Description |
-
-    "minDays": 3,|-----|---------|-------------|
-
-    "maxDays": 5| enabled | false | Enable run summary posting. |
-
-  }| url | "" | Webhook endpoint. |
-
-}
-
-```### notifications.ntfy
-
-Lightweight push notifications.
-
-Skips 3-5 random consecutive days per month.| Key | Default | Description |
-
-|-----|---------|-------------|
-
----| enabled | false | Enable NTFY push. |
-
-| url | "" | Base NTFY server URL (e.g. https://ntfy.sh). |
-
-## 🔧 Advanced Options| topic | rewards | Topic/channel name. |
-
-| authToken | "" | Bearer token if your server requires auth. |
-
-<details>
-
-<summary><strong>Click to expand all options</strong></summary>---
-
-## logging
-
-### Browser| Key | Type | Description |
-
-|-----|------|-------------|
-
-```jsonc| excludeFunc | string[] | Log buckets suppressed in console + any webhook usage. |
-
-{| webhookExcludeFunc | string[] | Buckets suppressed specifically for webhook output. |
-
-  "browser": {| redactEmails | boolean | If true, email addresses are partially masked in logs. |
-
-    "headless": false,| liveWebhookUrl | string | Optional override URL for live log streaming (falls back to `notifications.webhook.url`). |
-
-    "globalTimeout": "30s"
-
-  }_Removed fields_: `live.enabled`, `live.url`, `live.redactEmails` — replaced by `redactEmails` only.
-
-}
-
-```---
-
-## diagnostics
-
-### Workers (Tasks)Capture evidence when something fails.
-
-| Key | Default | Description |
-
-```jsonc|-----|---------|-------------|
-
-{| enabled | true | Master switch for diagnostics. |
-
-  "workers": {| saveScreenshot | true | Save screenshot on failure. |
-
-    "doDailySet": true,| saveHtml | true | Save HTML snapshot on failure. |
-
-    "doMorePromotions": true,| maxPerRun | 2 | Cap artifacts per run per failure type. |
-
-    "doPunchCards": true,| retentionDays | 7 | Old run artifacts pruned after this many days. |
-
-    "doDesktopSearch": true,
-
-    "doMobileSearch": true,---
-
-    "doDailyCheckIn": true,## jobState
-
-    "doReadToEarn": trueCheckpoint system to avoid duplicate work.
-
-  }| Key | Default | Description |
-
-}|-----|---------|-------------|
-
-```| enabled | true | Enable job state tracking. |
-
-| dir | "" | Custom directory (default: `<sessionPath>/job-state`). |
-
-### Search Behavior
+If you enable the scheduler (`schedule.enabled: true`), review these limits so the run does not surprise you by skipping on specific days.
 
 ---
 
-```jsonc## schedule
+## 4. Handling Updates Safely
 
-{Built-in scheduler (avoids external cron inside container or host).
+The `update` block defines how the post-run updater behaves:
 
-  "search": {| Key | Default | Description |
+- `git: true` keeps your checkout current by calling the bundled script.
+- Backups live under `.update-backup/` before merges apply.
+- Set `autoUpdateConfig` or `autoUpdateAccounts` to `false` if you prefer to keep local versions untouched (you will then need to merge new fields manually).
 
-    "useLocalQueries": false,|-----|---------|-------------|
-
-    "settings": {| enabled | false | Enable scheduling loop. |
-
-      "useGeoLocaleQueries": false,| useAmPm | false | If true, parse `time12`; else use `time24`. |
-
-      "scrollRandomResults": true,| time12 | 9:00 AM | 12‑hour format time (only if useAmPm=true). |
-
-      "clickRandomResults": true| time24 | 09:00 | 24‑hour format time (only if useAmPm=false). |
-
-    }| timeZone | America/New_York | IANA zone string (e.g. Europe/Paris). |
-
-  }| runImmediatelyOnStart | false | Run one pass instantly in addition to daily schedule. |
-
-}
-
-```_Legacy_: If both `time12` and `time24` are empty, a legacy `time` (HH:mm) may still be read.
-
-
-
-### Diagnostics---
-
-## update
-
-```jsoncAuto-update behavior after a run.
-
-{| Key | Default | Description |
-
-  "diagnostics": {|-----|---------|-------------|
-
-    "enabled": true,| git | true | Pull latest git changes after run. |
-
-    "saveScreenshot": true,| docker | false | Recreate container (if running in Docker orchestration). |
-
-    "saveHtml": true,| scriptPath | setup/update/update.mjs | Custom script executed for update flow. |
-
-    "maxPerRun": 2,
-
-    "retentionDays": 7---
-
-  }## Security / Best Practices
-
-}- Keep `redactEmails` true if you share logs publicly.
-
-```- Use a private NTFY instance or secure Discord webhooks (do not leak URLs).
-
-- Avoid setting `headless` false on untrusted remote servers.
-
-### Job State
+When running inside Docker, you can instead rely on `update.docker: true` so the container refresh is handled for you.
 
 ---
 
-```jsonc## Minimal Example
+## 5. Diagnostics, Logging, and Analytics
 
-{```jsonc
+Three sections determine observability:
 
-  "jobState": {{
-
-    "enabled": true,  "browser": { "headless": true },
-
-    "dir": ""  // Empty = use default location  "execution": { "parallel": false },
-
-  }  "workers": { "doDailySet": true, "doDesktopSearch": true, "doMobileSearch": true },
-
-}  "logging": { "redactEmails": true }
-
-```}
-
-```
-
-### Auto-Update
-
-## Common Tweaks
-
-```jsonc| Goal | Change |
-
-{|------|--------|
-
-  "update": {| Faster dev feedback | Set `browser.headless` to false and shorten search delays. |
-
-    "git": true,| Reduce detection risk | Keep humanization enabled, add vacation window. |
-
-    "docker": false,| Silent mode | Add more buckets to `excludeFunc`. |
-
-    "scriptPath": "setup/update/update.mjs"| Skip mobile searches | Set `workers.doMobileSearch=false`. |
-
-  }| Use daily schedule | Set `schedule.enabled=true` and adjust `time24` + `timeZone`. |
-
-}
-
-```---
-
-## NEW INTELLIGENT FEATURES
-
-</details>
-
-### riskManagement
-
----Dynamic risk assessment and ban prediction.
-
-
-
-## 🎛️ Intelligent Features (v2.2+)| Key | Type | Default | Description |
-
-|-----|------|---------|-------------|
-
-### Risk Management| enabled | boolean | true | Enable risk-aware throttling. |
-
-| autoAdjustDelays | boolean | true | Automatically increase delays when captchas/errors are detected. |
-
-```jsonc| stopOnCritical | boolean | false | Stop execution if risk score exceeds threshold. |
-
-{| banPrediction | boolean | true | Enable ML-style pattern analysis to predict ban risk. |
-
-  "riskManagement": {| riskThreshold | number | 75 | Risk score (0-100) above which bot pauses or alerts. |
-
-    "enabled": true,
-
-    "autoAdjustDelays": true,**How it works:** Monitors captchas, errors, timeouts, and account patterns. Dynamically adjusts delays (e.g., 1x → 2.5x) and warns you before bans happen.
-
-    "banPrediction": true,
-
-    "riskThreshold": 75---
-
-  }### analytics
-
-}Performance dashboard and metrics tracking.
-
-```
-
-| Key | Type | Default | Description |
-
-Dynamically adjusts delays when detecting captchas/errors.|-----|------|---------|-------------|
-
-| enabled | boolean | true | Track points earned, success rates, execution times. |
-
----| retentionDays | number | 30 | How long to keep analytics data. |
-
-| exportMarkdown | boolean | true | Generate human-readable markdown reports. |
-
-### Query Diversity| webhookSummary | boolean | false | Send analytics summary via webhook. |
-
-
-
-```jsonc**Output location:** `analytics/` folder (JSON files per account per day).
-
-{
-
-  "queryDiversity": {---
-
-    "enabled": true,### queryDiversity
-
-    "sources": ["google-trends", "reddit", "local-fallback"],Multi-source search query generation.
-
-    "maxQueriesPerSource": 10
-
-  }| Key | Type | Default | Description |
-
-}|-----|------|---------|-------------|
-
-```| enabled | boolean | true | Use diverse sources instead of just Google Trends. |
-
-| sources | array | `["google-trends", "reddit", "local-fallback"]` | Which sources to query (google-trends, reddit, news, wikipedia, local-fallback). |
-
-Uses multiple search sources to avoid patterns.| maxQueriesPerSource | number | 10 | Max queries to fetch per source. |
-
-| cacheMinutes | number | 30 | Cache duration to avoid hammering APIs. |
+- `logging`: adjust `excludeFunc` and `webhookExcludeFunc` if certain log buckets are too noisy. `redactEmails` should stay `true` in most setups.
+- `diagnostics`: captures screenshots/HTML when failures occur. Reduce `maxPerRun` or switch off entirely only if storage is constrained.
+- `analytics`: when enabled, daily metrics are persisted under `analytics/` and optional markdown summaries go to `reports/<date>/`. Disable if you do not want local history or webhook summaries.
 
 ---
 
-**Why?** Reduces patterns by mixing Reddit posts, news headlines, Wikipedia topics instead of predictable Google Trends.
+## 6. Advanced Tips
 
-### Analytics
+- **Risk management**: Leave `riskManagement.enabled` and `banPrediction` on unless you have a reason to reduce telemetry. Raising `riskThreshold` (>75) makes alerts rarer.
+- **Search pacing**: The delay window (`search.settings.delay.min` / `max`) accepts either numbers (ms) or strings like `"2min"`. Keep the range wide enough for natural behaviour.
+- **Dry run**: Set `dryRun: true` to test account rotation without performing tasks. Useful for validating login flow after configuration changes.
+- **Buy mode**: The config entry simply caps the session length. Use `npm start -- -buy [email]` to launch it.
 
 ---
 
-```jsonc### dryRun
+## 7. Validation & Troubleshooting
 
-{Test mode: simulate execution without actually running tasks.
-
-  "analytics": {
-
-    "enabled": true,| Key | Type | Default | Description |
-
-    "retentionDays": 30,|-----|------|---------|-------------|
-
-    "exportMarkdown": true| dryRun | boolean | false | When true, logs actions but doesn't execute (useful for testing config). |
-
-  }
-
-}**Use case:** Validate new config changes, estimate execution time, debug issues without touching accounts.
-
-```
+- The startup validator (`StartupValidator`) emits warnings/errors when config or accounts look suspicious. It never blocks execution but should be read carefully.
+- For syntax issues, run `npm run typecheck` or open the JSONC file in VS Code to surface parsing errors immediately.
+- Diagnostics are written to `reports/` (failures) and `analytics/` (metrics). Clean up periodically or adjust `diagnostics.retentionDays` and `analytics.retentionDays`.
 
 ---
 
-Tracks points earned, success rates, execution times.## Changelog Notes
+## 8. Reference
 
-- **v2.2.0**: Added risk-aware throttling, analytics dashboard, query diversity, ban prediction, dry-run mode.
+For complete field defaults and descriptions, open [`config-reference.md`](./config-reference.md). Additional topic-specific guides:
 
----- Removed live webhook streaming complexity; now simpler logging.
+- [`accounts.md`](./accounts.md)
+- [`schedule.md`](./schedule.md)
+- [`proxy.md`](./proxy.md)
+- [`humanization.md`](./humanization.md)
+- [`security.md`](./security.md)
 
-- Centralized redaction logic under `logging.redactEmails`.
-
-### Dry Run (Test Mode)
-
-If something feels undocumented or unclear, open a documentation issue or extend this page.
-
-```jsonc
-{
-  "dryRun": true
-}
-```
-
-**Or via CLI:**
-```bash
-npm start -- --dry-run
-```
-
-Simulates execution without actually running tasks.
-
----
-
-## 🛠️ Troubleshooting
-
-| Issue | Solution |
-|-------|----------|
-| **Config not loading** | Check JSON syntax (trailing commas OK in `.jsonc`) |
-| **Script ignoring config** | Verify file is `src/config.jsonc` |
-| **Errors after update** | Compare with example config |
-
----
-
-## 📚 Next Steps
-
-**Setup scheduler?**  
-→ **[Scheduler Guide](./schedule.md)**
-
-**Want notifications?**  
-→ **[Discord Webhooks](./conclusionwebhook.md)**
-
-**Need proxies?**  
-→ **[Proxy Guide](./proxy.md)**
-
----
-
-**[← Back to Hub](./index.md)** | **[Getting Started](./getting-started.md)**
+Happy tuning! 🎯
diff --git a/tests/mobileRetryTracker.test.js b/tests/mobileRetryTracker.test.js
deleted file mode 100644
index 934044e..0000000
--- a/tests/mobileRetryTracker.test.js
+++ /dev/null
@@ -1,28 +0,0 @@
-const test = require('node:test')
-const assert = require('node:assert/strict')
-
-const { MobileRetryTracker } = require('../dist/util/MobileRetryTracker.js')
-
-test('MobileRetryTracker stops retries after configured limit', () => {
-  const tracker = new MobileRetryTracker(2)
-
-  assert.equal(tracker.registerFailure(), true)
-  assert.equal(tracker.hasExceeded(), false)
-  assert.equal(tracker.getAttemptCount(), 1)
-
-  assert.equal(tracker.registerFailure(), true)
-  assert.equal(tracker.hasExceeded(), false)
-  assert.equal(tracker.getAttemptCount(), 2)
-
-  assert.equal(tracker.registerFailure(), false)
-  assert.equal(tracker.hasExceeded(), true)
-  assert.equal(tracker.getAttemptCount(), 3)
-})
-
-test('MobileRetryTracker normalizes invalid configuration', () => {
-  const tracker = new MobileRetryTracker(-3)
-
-  assert.equal(tracker.registerFailure(), false)
-  assert.equal(tracker.hasExceeded(), true)
-  assert.equal(tracker.getAttemptCount(), 1)
-})