> ## Documentation Index
> Fetch the complete documentation index at: https://docs.botifymanager.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# architecture

> How Botify uses MongoDB Atlas for cloud storage, command routing, and multi-node coordination.

Botify uses **MongoDB Atlas** as its cloud backend for account storage, remote commands, logging, and multi-node coordination. The connection uses built-in credentials embedded in the application — no user configuration required.

***

## Collections Overview

| Collection                   | Purpose                                                                            |
| ---------------------------- | ---------------------------------------------------------------------------------- |
| `botify_nodes`               | PC registration, 30-second heartbeats, online/offline status, active accounts list |
| `botify_cookies`             | `.ROBLOSECURITY` cookies scoped per-user + per-PC (unique index)                   |
| `botify_commands`            | Remote command queue — polled by each node every few seconds                       |
| `botify_logs`                | Cloud log storage scoped per PC name and owner ID                                  |
| `botify_licenses`            | License keys with plan types (`standard` / `enterprise`) and HWID bindings         |
| `botify_command_history`     | Audit trail for all executed remote commands                                       |
| `botify_enterprise_clusters` | Enterprise Cluster node registration and deployment tracking                       |
| `botify_screenshots`         | Remote screenshot storage as Base64-encoded PNG                                    |
| `updates`                    | Auto-update version manifest records                                               |
| `update_history`             | Full history of all published updates                                              |

***

## Collection Details

### botify\_nodes

Registers each PC running Botify and tracks live status.

* Document created or updated on every app launch
* **Heartbeat:** `last_seen` field updated every **30 seconds**
* Nodes missing heartbeats for 90+ seconds are marked `offline`

| Field             | Description                                      |
| ----------------- | ------------------------------------------------ |
| `pc_name`         | Machine label from Settings                      |
| `owner_id`        | Discord User ID of the account owner             |
| `status`          | `online` or `offline`                            |
| `active_accounts` | List of currently running bot usernames          |
| `command_token`   | 32-byte random hex token for remote command auth |
| `last_seen`       | Timestamp of most recent heartbeat               |

***

### botify\_cookies

Stores all `.ROBLOSECURITY` cookies with per-user and per-PC scoping.

* **Unique index:** `(owner_id, pc_name, username)` — prevents cross-user cookie leakage
* Fields include: cookie value, username, age timestamp, validation status

***

### botify\_commands

The remote command queue. Botify polls this collection every few seconds for commands addressed to its node.

* Each command must include a valid `auth_token` matching the node's `command_token`
* Optionally verified against `owner_id`
* Executed commands are moved to `botify_command_history`

***

### botify\_licenses

Stores license key records for legacy key activation.

| Field    | Description                           |
| -------- | ------------------------------------- |
| `key`    | The license key string                |
| `plan`   | `standard` or `enterprise`            |
| `hwid`   | Hardware ID bound on first activation |
| `expiry` | Expiration date (if applicable)       |

***

### botify\_enterprise\_clusters

Tracks PCs registered under Enterprise Cluster deployments.

| Field         | Description                               |
| ------------- | ----------------------------------------- |
| `cluster_id`  | Unique identifier for the cluster         |
| `server_code` | ERLC private server code for this cluster |
| `nodes`       | List of PC names in this cluster          |
| `status`      | Deployment status                         |

***

## Data Flow Diagram

```text theme={null}
Botify App (your PC)
    │
    ├── Heartbeat every 30s ──────────► botify_nodes
    ├── Account CRUD ─────────────────► botify_cookies
    ├── Log writes ───────────────────► botify_logs
    ├── Polls for commands ◄──────────── botify_commands
    ├── Command results ──────────────► botify_command_history
    └── Screenshot uploads ───────────► botify_screenshots
```

***

## Security Model

| Layer                    | Implementation                                                                      |
| ------------------------ | ----------------------------------------------------------------------------------- |
| **Database Credentials** | Embedded in the Botify binary — users never configure this                          |
| **Command Auth**         | Per-node 32-byte random `command_token` — commands without it are silently rejected |
| **Cookie Scoping**       | `owner_id + pc_name` unique index — nodes cannot read other users' cookies          |
| **Local Encryption**     | Optional DPAPI encryption for `account_store.json`                                  |
| **Discord OAuth**        | Guild role verification (`"Client"` role required) on every login                   |
