# Developer Notes

### Goal

This file explains architecture and safe extension patterns for maintainers.

It intentionally excludes exploit-sensitive internal identifiers.

### Data Model

Main SQL tables:

* `economy_snapshots`: one row per snapshot.
* `economy_player_stats`: per-player values for each snapshot.
* `tax_settings`: persistent tax scheduler state.

### Extension Guidelines

* Prefer adding new server-side modules over modifying many unrelated sections.
* Keep permission checks near every privileged action.
* Add explicit clamps for any user-provided numeric values.
* Preserve framework compatibility (`esx`, `qb`, `qbox`) when touching money logic.

### Performance Notes

* Snapshot operations can be expensive on large player tables.
* Use cooldowns and retention limits to control load and table growth.
* Avoid repeated full-table scans in new features; cache where reasonable.

### Safe Integration Pattern

When another resource needs integration:

1. Add a dedicated server-only API surface.
2. Check caller authorization server-side.
3. Validate and clamp all payload values.
4. Return minimal data required by the caller.
5. Document the integration contract privately for trusted developers.

### Suggested Maintenance Checklist

* Verify DB mappings after framework/database updates.
* Re-test money edit behavior after framework updates.
* Re-check tax rates and thresholds for current economy size.
* Review access lists and remove stale identifiers.