# Architecture Draft

## Product Model

- Free plan:
- Includes full chat widget.
- Includes "Powered by Canvas Live Chat" branding.
- Single site usage, basic history.
- Pro plans (`pro`, `agency`):
- Remove branding.
- Extra features (multi-agent inbox, advanced automation, analytics, priority support).

## Components

1. WordPress Plugin (this folder)
- Handles install, UI embed, shortcode, WP admin page, and REST adapter.
- Stores local conversation cache/tables.

2. Chat Runtime Widget (`assets/js/widget.js`)
- Launcher + panel UI.
- Sends start/message/sync requests.
- Shows branding unless plan allows removal.

3. API Layer (`includes/class-clc-rest.php`)
- `/start`: create conversation.
- `/message`: append messages.
- `/sync`: poll updates.

4. Subscription Gate (`includes/class-clc-subscription.php`)
- Reads active plan.
- Controls Pro-only features at runtime.

## Target Next Architecture (SaaS + Plugin)

1. Keep plugin light:
- Site onboarding.
- Embed token provisioning.
- Admin settings.

2. Move chat intelligence to hosted backend:
- Multi-tenant conversation storage.
- AI orchestration.
- Human handoff.
- Billing webhooks.

3. Universal widget for any website:
- `<script src=".../widget.js" data-site-key="..."></script>`
- Works for WordPress and non-WordPress.

## Security Baseline

- Add signed site keys for public widget.
- Add nonce/rate limits for public endpoints.
- Verify origin/domain against registered tenant.