# Security

## 🛡️ Security

ELENASHOP includes multiple layers of security to prevent exploits.

***

### Security Features

| Feature                      | Description                                    |
| ---------------------------- | ---------------------------------------------- |
| Server-side price validation | Prices are verified on server not client       |
| Distance check               | Player must be within 10m of store             |
| Rate limiting                | 2 second cooldown between purchases            |
| Input validation             | Quantity, item names, payment method validated |
| Cart limit                   | Maximum items and quantity enforced            |
| Stock check                  | Server verifies stock availability             |
| Inventory space check        | Checks if player can carry items               |
| Exploit logging              | Suspicious activity logged to Discord          |
| Player cleanup               | Cooldown data cleared on disconnect            |

***

### Configuration

\-- Cooldown between purchases (seconds) Config.PurchaseCooldown = 2

\-- Maximum purchase distance from store Config.MaxPurchaseDistance = 10.0

\-- Enable all anti-exploit checks Config.AntiExploit = true

***

### How It Works

1. Player clicks Buy
2. Client sends purchase request to server
3. Server checks:
   * Is player near the store? (distance)
   * Is cooldown expired? (rate limit)
   * Does item exist in store? (validation)
   * Is price correct? (server-side price)
   * Does player have enough money? (balance)
   * Is stock available? (stock check)
   * Can player carry items? (inventory)
   * All passed? Process purchase
4. If any check fails then Reject + Log

Client-sent prices are NEVER trusted. The server always uses prices from config.lua.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://elena-scripts.gitbook.io/elenascripts/economy/shop/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.