.planning/PROJECT.md

@@ -27,14 +27,18 @@ Secrets never enter the Claude Code environment. If a secret is accessible insid
 
 ### Active
 
-(No active requirements — start next milestone with `/gsd-new-milestone`)
+- [ ] Host `~/.claude` auth files mounted read-only for subscription passthrough
+- [ ] Per-project instance directories (`~/.claudebox/instances/<hash>/.claude/`) — conversation history scoped per project
+- [ ] Named profiles (`--profile foo` / `CLAUDEBOX_PROFILE=foo`) defining env vars, mounts, packages, network tier
+- [ ] Profile storage at `~/.claudebox/profiles/`
+- [ ] Nix devshell/package injection per profile
+- [ ] Tiered network isolation: full, internet-only (unshare-net + slirp4netns), none (offline)
 
 ### Out of Scope
 
-- Network isolation — trusting Claude Code's built-in proxy for domain allowlisting
 - NixOS module form — this is a wrapper script derivation, not a services/programs module
-- Configurable per-project profiles — v1 is one tool set, profiles come later
 - Shareability — personal tool first, not designed for others yet
+- Domain-level network allowlists — tiered isolation (full/internet-only/none) is sufficient for now
 
 ## Context
 
@@ -62,5 +66,33 @@ Non-NixOS support added via conditional `/etc/static` mount.
 | Claude Code via nix-claude-code flake | ryoppippi/nix-claude-code, not host PATH | ✓ Good |
 | SANDBOX.md as separate file with @import | Keeps user CLAUDE.md clean, sandbox instructions always fresh | ✓ Good |
 
+## Current Milestone: v2.0 Network Isolation & Profiles
+
+**Goal:** Add tiered network isolation, per-project instance isolation, named profiles, and host auth passthrough.
+
+**Target features:**
+- Host auth passthrough (read-only mount of auth files from `~/.claude`)
+- Per-project instance isolation (conversation history scoped per project automatically)
+- Named profiles with env vars, mounts, packages, and network tier
+- Nix devshell injection per profile
+- Tiered network: full, internet-only (no LAN/Tailscale), none (offline)
+
+## Evolution
+
+This document evolves at phase transitions and milestone boundaries.
+
+**After each phase transition** (via `/gsd-transition`):
+1. Requirements invalidated? → Move to Out of Scope with reason
+2. Requirements validated? → Move to Validated with phase reference
+3. New requirements emerged? → Add to Active
+4. Decisions to log? → Add to Key Decisions
+5. "What This Is" still accurate? → Update if drifted
+
+**After each milestone** (via `/gsd-complete-milestone`):
+1. Full review of all sections
+2. Core Value check — still the right priority?
+3. Audit Out of Scope — reasons still valid?
+4. Update Context with current state
+
 ---
-*Last updated: 2026-04-10 after v1.0 milestone*
+*Last updated: 2026-04-10 after v2.0 milestone started*

.planning/STATE.md

@@ -1,17 +1,17 @@
 ---
 gsd_state_version: 1.0
-milestone: v1.0
+milestone: v2.0
-milestone_name: MVP
+milestone_name: Network Isolation & Profiles
-status: complete
+status: active
-stopped_at: Milestone v1.0 complete
+stopped_at: null
 last_updated: "2026-04-10"
-last_activity: 2026-04-10 - Completed v1.0 milestone
+last_activity: 2026-04-10 - Milestone v2.0 started
 progress:
-  total_phases: 3
+  total_phases: 0
-  completed_phases: 3
+  completed_phases: 0
-  total_plans: 5
+  total_plans: 0
-  completed_plans: 5
+  completed_plans: 0
-  percent: 100
+  percent: 0
 ---
 
 # Project State
@@ -21,12 +21,14 @@ progress:
 See: .planning/PROJECT.md (updated 2026-04-10)
 
 **Core value:** Secrets never enter the Claude Code environment
-**Current focus:** Planning next milestone
+**Current focus:** Defining requirements for v2.0
 
 ## Current Position
 
-Milestone: v1.0 MVP — SHIPPED 2026-04-10
+Phase: Not started (defining requirements)
-All 3 phases complete, 5 plans executed.
+Plan: —
+Status: Defining requirements
+Last activity: 2026-04-10 — Milestone v2.0 started
 
 ## Accumulated Context