feat: update documentation and improve error reporting features

README.md

@@ -2,40 +2,126 @@
 
 <p align="center">
 	<img src="assets/logo.png" alt="Microsoft Rewards Bot logo" width="180" />
-	<br />
-	<a href="https://discord.gg/k5uHkx9mne">Join the Discord</a> · <a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/stargazers">Star the project</a>
 </p>
 
-Automates Microsoft Rewards tasks so you collect points with minimal setup.
+<p align="center">
+	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/releases"><img src="https://img.shields.io/badge/version-3.5.0-blue?style=flat-square" alt="Version 3.5.0" /></a>
+	<a href="https://nodejs.org/"><img src="https://img.shields.io/badge/node-≥20-brightgreen?style=flat-square&logo=nodedotjs" alt="Node.js 20+" /></a>
+	<a href="https://www.typescriptlang.org/"><img src="https://img.shields.io/badge/TypeScript-strict-3178c6?style=flat-square&logo=typescript" alt="TypeScript" /></a>
+	<a href="https://discord.gg/k5uHkx9mne"><img src="https://img.shields.io/badge/Discord-Join-5865F2?style=flat-square&logo=discord&logoColor=white" alt="Discord" /></a>
+	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/stargazers"><img src="https://img.shields.io/github/stars/LightZirconite/Microsoft-Rewards-Bot?style=flat-square&color=gold" alt="Stars" /></a>
+</p>
 
-## Install
-- Install Node.js 20 or newer.
-- Clone this repository.
-- Run `npm install` inside the project folder.
+<p align="center">
+	<b>v3.5 Remaster</b> — The most advanced Microsoft Rewards automation tool.<br />
+	Human-like behavior · Anti-detection · Multi-account · Dashboard · Scheduling
+</p>
 
-## Setup
-- Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and add your accounts.
-- Adjust `src/config.jsonc` only if you want to change defaults.
-- (Optional) set `DISCORD_WEBHOOK_URL` for alerts.
+---
 
-## Run
-- `npm start` to build if needed and run once.
-- `npm run dashboard` to view the web dashboard.
-- `npm run dev` for local development mode.
-- `npm run creator` for account creation mode (see warning below).
-- `npm run docker:compose` to run in Docker.
+## ⚡ Quick Start
 
-## Modes
-- Default: runs daily tasks once, then stops.
-- Dashboard: serves a simple web panel to monitor runs.
-- Dev: runs from source with fast restarts for editing.
-- Account creation: creates new Microsoft accounts.
-- Docker: runs the bot in a container with built-in scheduling.
+```bash
+# 1. Clone the repository
+git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git
+cd Microsoft-Rewards-Bot
 
-## Account Creation Warning
-- New accounts can be flagged if they earn points immediately.
-- Let fresh accounts sit for a few weeks before using them.
-- Use account creation mode only if you accept this risk.
+# 2. Setup accounts
+cp src/accounts.example.jsonc src/accounts.jsonc
+# Edit src/accounts.jsonc with your Microsoft account(s)
+
+# 3. Run
+npm start
+```
+
+## Features
+
+| Feature | Description |
+|---------|-------------|
+| 🤖 **Full Automation** | Daily Set, More Promotions, Punch Cards, Read to Earn, Daily Check-in |
+| 🔍 **Smart Searches** | Desktop & Mobile with diverse query sources (Google Trends, Reddit) |
+| 🛡️ **Anti-Detection** | Advanced fingerprinting, humanized delays, natural mouse movements |
+| 📊 **Web Dashboard** | Real-time monitoring panel for all accounts |
+| ⏰ **Built-in Scheduler** | Run automatically at specified times with jitter |
+| 📱 **Multi-Account** | Process multiple accounts in parallel clusters |
+| 🐳 **Docker Ready** | Production-ready containerization |
+| 🔔 **Notifications** | Discord webhooks, NTFY push notifications |
+| 🛠️ **Account Creator** | Automated Microsoft account registration |
+| 💾 **Job State** | Resume-on-crash, skip completed accounts |
 
 ## Documentation
-Explore the **[full documentation](docs/index.md)** for detailed guides on setup, running modes, scheduling, and troubleshooting.
+
+📚 **[Full Documentation](docs/index.md)** — Setup guides, configuration, scheduling, troubleshooting.
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `npm start` | Build and run the bot |
+| `npm run dashboard` | Start web monitoring panel |
+| `npm run creator` | Account creation wizard |
+| `npm run dev` | Development mode with hot reload |
+| `npm run docker:compose` | Run in Docker container |
+
+## Account Creation Warning
+
+⚠️ New accounts may be flagged if they earn points immediately. Let fresh accounts age 2-4 weeks before using them.
+
+---
+
+## 🔥 Why Choose This Bot?
+
+This fork is the **most feature-complete and actively maintained** Microsoft Rewards automation tool. Here's how we compare to the original [TheNetsky/Microsoft-Rewards-Script](https://github.com/TheNetsky/Microsoft-Rewards-Script):
+
+| Feature | **This Bot (v3.5 Remaster)** | Original Script |
+|---------|:----------------------------:|:---------------:|
+| **Anti-Detection System** | ✅ Advanced (fingerprints, humanization, gestures) | ⚠️ Basic |
+| **Query Diversity Engine** | ✅ Multi-source (Google Trends, Reddit, News) | ❌ Google Trends only |
+| **Web Dashboard** | ✅ Real-time monitoring | ❌ None |
+| **Built-in Scheduler** | ✅ Internal scheduler with jitter | ❌ External cron only |
+| **Account Creator** | ✅ Full automation wizard | ❌ None |
+| **Job State Management** | ✅ Resume-on-crash, skip completed | ❌ None |
+| **Error Reporting** | ✅ Automatic (helps improve project) | ❌ None |
+| **Vacation Mode** | ✅ Natural usage patterns | ❌ None |
+| **Risk Management** | ✅ Adaptive delays, ban prediction | ❌ None |
+| **Documentation** | ✅ Comprehensive guides | ⚠️ Minimal (TODO) |
+| **NTFY Push Notifications** | ✅ Supported | ❌ None |
+| **Semantic Deduplication** | ✅ Smart query filtering | ❌ Basic dedup |
+| **Human Typing Simulation** | ✅ Variable speed, typos | ⚠️ Fixed delay |
+| **Compromised Mode Recovery** | ✅ Auto-handles security prompts | ❌ None |
+| **Multi-Pass Runs** | ✅ Configurable passes per run | ❌ Single pass |
+
+### Why the Remaster?
+
+The original script served as a solid foundation, but lacked the sophisticated anti-detection measures required for long-term reliability. This remaster addresses:
+
+1. **Detection Risk** — Microsoft actively monitors for bot behavior. Our advanced humanization (random delays, mouse gestures, scroll patterns) significantly reduces ban risk.
+
+2. **Reliability** — Job state management means crashed runs resume where they left off. No more re-running completed accounts.
+
+3. **Usability** — Web dashboard, comprehensive documentation, and built-in scheduling make this accessible to everyone—not just developers.
+
+4. **Maintenance** — Active development with regular updates, bug fixes, and community support via Discord.
+
+### Migration from Original Script
+
+Already using TheNetsky's script? Migration is simple:
+
+```bash
+# Your accounts.jsonc format is compatible!
+# Just copy your accounts file to src/accounts.jsonc
+```
+
+---
+
+## Disclaimer
+
+> ⚠️ **Use at your own risk.** Automation of Microsoft Rewards may lead to account suspension. This software is for educational purposes only. The authors are not responsible for any actions taken by Microsoft.
+
+---
+
+<p align="center">
+	<a href="https://discord.gg/k5uHkx9mne">Discord</a> · 
+	<a href="docs/index.md">Documentation</a> · 
+	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/issues">Report Bug</a>
+</p>

api/report-error.js

@@ -1,147 +0,0 @@
-const { randomUUID } = require('crypto')
-
-const MAX_BODY_SIZE = 10000
-const MAX_TEXT = 900
-const MAX_FIELD = 120
-const MAX_STACK_LINES = 8
-const AUTH_HEADER = 'x-error-report-token'
-
-function isPlainObject(value) {
-    return Boolean(value) && typeof value === 'object' && !Array.isArray(value)
-}
-
-function trimAndLimit(value, limit) {
-    if (typeof value !== 'string') {
-        return ''
-    }
-    const trimmed = value.trim()
-    return trimmed.length > limit ? `${trimmed.slice(0, limit)}…` : trimmed
-}
-
-function formatMetadata(metadata) {
-    if (!isPlainObject(metadata)) {
-        return 'Not provided'
-    }
-    const entries = Object.entries(metadata).filter(([key, val]) => typeof key === 'string' && (typeof val === 'string' || typeof val === 'number' || typeof val === 'boolean'))
-    if (entries.length === 0) {
-        return 'Not provided'
-    }
-    const limited = entries.slice(0, 6)
-    const lines = limited.map(([key, val]) => {
-        const valueText = trimAndLimit(String(val), MAX_FIELD)
-        return `${trimAndLimit(key, MAX_FIELD)}: ${valueText}`
-    })
-    return lines.join('\n')
-}
-
-async function readJsonBody(req) {
-    if (req.body) {
-        return req.body
-    }
-    let data = ''
-    for await (const chunk of req) {
-        data += chunk
-        if (data.length > MAX_BODY_SIZE) {
-            throw new Error('Payload too large')
-        }
-    }
-    if (!data) {
-        return {}
-    }
-    return JSON.parse(data)
-}
-
-module.exports = async function handler(req, res) {
-    res.setHeader('Content-Type', 'application/json')
-
-    if (req.method !== 'POST') {
-        res.setHeader('Allow', 'POST')
-        res.status(405).json({ error: 'Method not allowed' })
-        return
-    }
-
-    const webhookUrl = process.env.DISCORD_WEBHOOK_URL
-    const authToken = process.env.ERROR_REPORT_TOKEN
-
-    if (!webhookUrl) {
-        res.status(500).json({ error: 'Webhook not configured' })
-        return
-    }
-
-    if (!authToken) {
-        res.status(500).json({ error: 'Reporting token not configured' })
-        return
-    }
-
-    const providedHeader = req.headers?.[AUTH_HEADER]
-    const providedToken = Array.isArray(providedHeader) ? providedHeader[0] : providedHeader
-
-    if (!providedToken || providedToken !== authToken) {
-        res.status(401).json({ error: 'Unauthorized' })
-        return
-    }
-
-    let body
-    try {
-        body = await readJsonBody(req)
-    } catch (error) {
-        res.status(400).json({ error: 'Invalid JSON body' })
-        return
-    }
-
-    const errorText = trimAndLimit(body.error, MAX_TEXT)
-    if (!errorText) {
-        res.status(400).json({ error: 'Field \'error\' is required' })
-        return
-    }
-
-    const summary = trimAndLimit(body.summary || body.message || '', 140)
-    const errorType = trimAndLimit(body.type || 'unspecified', 80)
-    const environment = trimAndLimit((body.environment && (body.environment.name || body.environment)) || process.env.VERCEL_ENV || process.env.NODE_ENV || 'unspecified', 80)
-    const metadata = formatMetadata(body.metadata)
-    const stackSnippet = Array.isArray(body.stack)
-        ? body.stack.slice(0, MAX_STACK_LINES).join('\n')
-        : trimAndLimit(typeof body.stack === 'string' ? body.stack.split('\n').slice(0, MAX_STACK_LINES).join('\n') : '', MAX_TEXT)
-    const requestId = randomUUID()
-
-    const embed = {
-        title: 'Error Report',
-        description: summary || 'Automated error report received',
-        color: 0xef4444,
-        fields: [
-            { name: 'Error', value: errorText, inline: false },
-            { name: 'Type', value: errorType, inline: true },
-            { name: 'Environment', value: environment, inline: true },
-            { name: 'Request ID', value: requestId, inline: true }
-        ],
-        footer: { text: 'Microsoft Rewards Bot' },
-        timestamp: new Date().toISOString()
-    }
-
-    if (metadata && metadata !== 'Not provided') {
-        embed.fields.push({ name: 'Metadata', value: metadata, inline: false })
-    }
-
-    if (stackSnippet) {
-        embed.fields.push({ name: 'Stack (truncated)', value: stackSnippet })
-    }
-
-    const payload = { embeds: [embed] }
-
-    try {
-        const response = await fetch(webhookUrl, {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify(payload)
-        })
-
-        if (!response.ok) {
-            res.status(502).json({ error: 'Failed to deliver report' })
-            return
-        }
-
-        res.status(200).json({ status: 'reported' })
-    } catch (error) {
-        res.status(502).json({ error: 'Failed to deliver report' })
-    }
-}

docs/error-reporting.md

@@ -1,20 +1,38 @@
-# Error Reporting API
+# Error Reporting
 
 ## What it does
-Accepts structured error reports and forwards them to Discord in a clean format. Submissions require a shared secret header so random users cannot spam your webhook.
+Automatically sends anonymized error reports to help improve the project. When enabled, the bot reports genuine bugs (not user configuration errors) to a central Discord webhook.
 
-## How to use
-- Set `DISCORD_WEBHOOK_URL` and `ERROR_REPORT_TOKEN` in your environment (e.g., Vercel project settings → Environment Variables).
-- Send a POST request to `/api/report-error` with header `x-error-report-token: <your token>` and JSON that includes at least `error`.
-- Optional fields: `summary`, `type`, `metadata` (object), `environment` (string or object with `name`).
+## Privacy
+- **No sensitive data is sent:** Emails, passwords, tokens, and file paths are automatically redacted.
+- **Only genuine bugs are reported:** User configuration errors (wrong password, missing files) are filtered out.
+- **Completely optional:** Disable in config.jsonc if you prefer not to participate.
 
-## Example
-```bash
-curl -X POST https://your-deployment.vercel.app/api/report-error \
-  -H "Content-Type: application/json" \
-  -H "x-error-report-token: YOUR_TOKEN" \
-  -d '{"error":"Search job failed","type":"search","metadata":{"account":"user@contoso.com"}}'
+## How to configure
+In src/config.jsonc:
+
+```jsonc
+{
+  "errorReporting": {
+    "enabled": true  // Set to false to disable
+  }
+}
 ```
 
+## What gets reported
+- Error message (sanitized)
+- Stack trace (truncated, paths removed)
+- Bot version
+- OS platform and architecture
+- Node.js version
+- Timestamp
+
+## What is filtered out
+- Login failures (your credentials are never sent)
+- Account suspensions/bans
+- Configuration errors (missing files, invalid settings)
+- Network timeouts
+- Expected errors (daily limit reached, activity not available)
+
 ---
-**[← Back to Documentation](index.md)**
+**[Back to Documentation](index.md)**

docs/index.md

@@ -1,16 +1,37 @@
 # Microsoft Rewards Bot Docs
 
-This folder contains short, task-focused guides. Pick what you need and keep runs simple.
+Welcome to the **v3.5 Remaster** documentation. These guides cover everything from first-time setup to advanced configuration.
 
-- **[Setup](setup.md)** — prerequisites and preparing account files.
-- **[Running](running.md)** — commands to start the bot.
-- **[Modes](modes.md)** — what each mode does and when to use it.
-- **[Configuration](configuration.md)** — adjust the core settings file.
-- **[Account Creation](account-creation.md)** — create new accounts safely.
-- **[Dashboard](dashboard.md)** — view progress in the web panel.
-- **[Scheduling](scheduling.md)** — automate runs on a schedule.
-- **[Notifications](notifications.md)** — send alerts to Discord or other webhooks.
-- **[Error Reporting](error-reporting.md)** — send structured error reports to Discord.
-- **[Docker](docker.md)** — run the bot in a container.
-- **[Update](update.md)** — keep the project up to date.
-- **[Troubleshooting](troubleshooting.md)** — quick fixes for common issues.
+## Getting Started
+- **[Setup](setup.md)** — Install prerequisites and configure your accounts.
+- **[Running](running.md)** — Commands to start the bot.
+- **[Modes](modes.md)** — Understand the different running modes.
+
+## Configuration
+- **[Configuration](configuration.md)** — Adjust bot behavior via `config.jsonc`.
+- **[Scheduling](scheduling.md)** — Automate daily runs with built-in scheduler.
+- **[Notifications](notifications.md)** — Discord webhooks and NTFY push alerts.
+
+## Features
+- **[Dashboard](dashboard.md)** — Real-time web monitoring panel.
+- **[Account Creation](account-creation.md)** — Create new Microsoft accounts (use with caution).
+- **[Error Reporting](error-reporting.md)** — Automatic anonymized bug reports.
+
+## Deployment
+- **[Docker](docker.md)** — Run the bot in a container with scheduling.
+- **[Update](update.md)** — Keep the project up to date.
+
+## Help
+- **[Troubleshooting](troubleshooting.md)** — Quick fixes for common issues.
+
+---
+
+## Quick Reference
+
+| Command | Description |
+|---------|-------------|
+| `npm start` | Build and run the bot |
+| `npm run dashboard` | Start web monitoring panel |
+| `npm run creator` | Account creation wizard |
+| `npm run dev` | Development mode |
+| `npm run docker:compose` | Run in Docker |

docs/setup.md

@@ -1,25 +1,85 @@
 # Setup
 
-Get the bot ready before running it.
+Get the bot ready before your first run.
 
-## What it does
-Creates a safe baseline so your accounts and config are ready.
+## Prerequisites
+- **Node.js 20 or newer** - [Download here](https://nodejs.org/)
+- **Git** (optional) - For cloning the repository
 
-## How to use
-1. Install Node.js 20 or newer.
-2. Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and fill in your accounts.
-3. Review `src/config.jsonc`; defaults work for most people.
-4. (Optional) set `DISCORD_WEBHOOK_URL` in your environment for alerts.
+## Installation
+
+```bash
+# Clone the repository
+git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git
+cd Microsoft-Rewards-Bot
+
+# Install dependencies (happens automatically on first run)
+npm install
+```
+
+## Account Configuration
+
+1. Copy the example file:
+   ```bash
+   cp src/accounts.example.jsonc src/accounts.jsonc
+   ```
+
+2. Edit src/accounts.jsonc with your Microsoft account(s):
 
-## Example
 ```jsonc
 [
   {
-    "email": "you@example.com",
+    "email": "your-email@outlook.com",
     "password": "your-password"
+  },
+  {
+    "email": "second-account@outlook.com",
+    "password": "another-password",
+    "totp": "YOUR_2FA_SECRET"  // Optional: for accounts with 2FA
   }
 ]
 ```
 
+## Optional: 2FA Support
+If your account has two-factor authentication enabled, add the TOTP secret:
+- Extract the secret from your authenticator app setup QR code
+- Add it as the totp field in your account entry
+
+## Optional: Proxy Support
+For accounts that need a proxy:
+```jsonc
+{
+  "email": "account@outlook.com",
+  "password": "password",
+  "proxy": "http://user:pass@proxy.example.com:8080"
+}
+```
+
+## Optional: Discord Notifications
+Set up Discord webhook alerts:
+```bash
+# Windows
+set DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/...
+
+# Linux/Mac
+export DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/...
+```
+
+Or configure in src/config.jsonc:
+```jsonc
+{
+  "webhook": {
+    "enabled": true,
+    "url": "https://discord.com/api/webhooks/..."
+  }
+}
+```
+
+## Verify Setup
+Run the bot once to verify everything works:
+```bash
+npm start
+```
+
 ---
-**[← Back to Documentation](index.md)**
+**[Back to Documentation](index.md)**

package.json

@@ -1,6 +1,6 @@
 {
   "name": "microsoft-rewards-bot",
-  "version": "3.0.0",
+  "version": "3.5.0",
   "description": "Automate Microsoft Rewards points collection",
   "private": true,
   "main": "index.js",

src/util/notifications/ErrorReportingWebhook.ts

@@ -116,7 +116,8 @@ function shouldReportError(errorMessage: string): boolean {
 }
 
 // Hardcoded webhook URL for error reporting (obfuscated)
-const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQzNzExMTk2MjM5NDY4OTYyOS90bHZHS1phSDktckppcjR0blpLU1pwUkhTM1liZU40dlpudUN2NTBrNU1wQURZUlBuSG5aNk15YkFsZ0Y1UUZvNktIXw=='
+// This webhook receives anonymized error reports to help improve the project
+const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQ1MDU3NDQ4OTgwNDA4MzIzNC9SVGFQYXluNktVSUQtb2o2NVVQWHVrb2tpRXY1blJsdlJHc2R4MGZfVVZRMkJlN0hlOXc1bWxQb3lRQUV4OHlkc3Q4cA=='
 
 /**
  * Send error report to Discord webhook for community contribution