feat: add proxy support for account creation and enhance logging for proxy usage

docs/account-creation.md

@@ -8,6 +8,18 @@ Creates new Microsoft accounts and prepares them for Rewards.
 2. Run `npm run creator` for prompts, or add `-y` plus a recovery email for faster setup.
 3. Let new accounts rest for a few weeks before earning points.
 
+### Use a proxy for creation (recommended)
+- One-off CLI flag: `npm run creator -- --proxy=http://user:pass@host:port -y you@example.com "<full referral url>"`
+- Or env var (keeps credentials out of shell history): `CREATOR_PROXY_URL=http://user:pass@host:port npm run creator -- -y you@example.com`
+- Each run now uses a unique session ID and does not persist fingerprints, so pair this with a residential/ISP proxy per account.
+
+### Anti-detection tips for fresh accounts
+- After creation, stay logged in for 2-3 minutes, browse Outlook/OneDrive/Bing manually, then sign out.
+- Do not run Rewards immediately; wait 48–72 hours, ideally 5–7 days, before first earn.
+- Use a recovery email you control and enable 2FA during creation.
+- Keep IP/region/timezone consistent between creation and the first Rewards run.
+- Space creations: at least 5–10 minutes between accounts; avoid bursts of many in one day.
+
 ## Example
 ```bash
 npm run creator -- -y backup@example.com

src/account-creation/cli.ts

@@ -1,10 +1,32 @@
 import Browser from '../browser/Browser'
 import { MicrosoftRewardsBot } from '../index'
+import type { AccountProxy } from '../interface/Account'
 import { log } from '../util/notifications/Logger'
 import { AccountCreator } from './AccountCreator'
 
 import * as readline from 'readline'
 
+function parseProxyArg(input?: string): AccountProxy | null {
+  if (!input) return null
+  try {
+    const candidate = input.match(/^[a-z]+:\/\//i) ? input : `http://${input}`
+    const parsed = new URL(candidate)
+    const url = `${parsed.protocol}//${parsed.hostname}`
+    const port = parsed.port ? Number(parsed.port) : parsed.protocol === 'https:' ? 443 : 80
+    return {
+      proxyAxios: true,
+      url,
+      port,
+      username: decodeURIComponent(parsed.username || ''),
+      password: decodeURIComponent(parsed.password || '')
+    }
+  } catch (error) {
+    const msg = error instanceof Error ? error.message : String(error)
+    log(false, 'CREATOR-CLI', `Invalid proxy provided: ${msg}`, 'warn', 'yellow')
+    return null
+  }
+}
+
 async function askForUrl(): Promise<string> {
   const rl = readline.createInterface({
     input: process.stdin,
@@ -25,6 +47,7 @@ async function main(): Promise<void> {
   let referralUrl: string | undefined
   let recoveryEmail: string | undefined
   let autoAccept = false
+  let proxyConfig: AccountProxy | null = parseProxyArg(process.env.CREATOR_PROXY_URL)
 
   // Parse arguments - ULTRA SIMPLE
   for (const arg of args) {
@@ -37,6 +60,8 @@ async function main(): Promise<void> {
     } else if (arg.includes('@')) {
       // Auto-detect email addresses
       recoveryEmail = arg
+    } else if (arg.startsWith('--proxy=')) {
+      proxyConfig = parseProxyArg(arg.substring('--proxy='.length))
     } else if (referralUrl && (arg.includes('=') || arg.startsWith('&'))) {
       // SMART FIX: Detect leftover URL fragments from CMD/PowerShell & splitting
       // When user forgets quotes, CMD splits at & and passes fragments as separate args
@@ -115,6 +140,12 @@ async function main(): Promise<void> {
     log(false, 'CREATOR-CLI', `✅ Recovery email: ${recoveryEmail}`, 'log', 'green')
   }
 
+  if (proxyConfig) {
+    log(false, 'CREATOR-CLI', `🔒 Using proxy: ${proxyConfig.url}:${proxyConfig.port}`, 'log', 'green')
+  } else {
+    log(false, 'CREATOR-CLI', '⚠️  No proxy provided for account creation; IP reuse increases ban risk. Pass --proxy=host:port or set CREATOR_PROXY_URL.', 'warn', 'yellow')
+  }
+
   if (autoAccept) {
     log(false, 'CREATOR-CLI', '⚡ Auto-accept mode ENABLED (-y flag detected)', 'log', 'green')
     log(false, 'CREATOR-CLI', '🤖 All prompts will be auto-accepted', 'log', 'cyan')
@@ -127,14 +158,16 @@ async function main(): Promise<void> {
 
   // Create a temporary bot instance to access browser creation
   const bot = new MicrosoftRewardsBot(false)
+  // Disable fingerprint persistence for creator to avoid reusing same fingerprint across many accounts
+  bot.config.saveFingerprint = { mobile: false, desktop: false }
+  bot.config.fingerprinting = { ...bot.config.fingerprinting, saveFingerprint: { mobile: false, desktop: false } }
   const browserFactory = new Browser(bot)
 
   try {
     // Create browser (non-headless for user interaction with CAPTCHA)
     log(false, 'CREATOR-CLI', 'Opening browser (required for CAPTCHA solving)...', 'log')
 
-    // Create empty proxy config (no proxy for account creation)
-    const emptyProxy = {
+    const effectiveProxy: AccountProxy = proxyConfig ?? {
       proxyAxios: false,
       url: '',
       port: 0,
@@ -142,7 +175,9 @@ async function main(): Promise<void> {
       username: ''
     }
 
-    const browserContext = await browserFactory.createBrowser(emptyProxy, 'account-creator')
+    // Use unique session id per creation to avoid fingerprint/cookie reuse between accounts
+    const sessionId = `account-creator-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 8)}`
+    const browserContext = await browserFactory.createBrowser(effectiveProxy, sessionId)
 
     log(false, 'CREATOR-CLI', '✅ Browser opened successfully', 'log', 'green')