docs: plan v2.0 features — multi-chain, mesh, mobile, AI, plugins (MAINT-05)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/roadmap-v2.0.md

@@ -0,0 +1,131 @@
+# Archipelago v2.0 Roadmap
+
+**Planned Release**: Q4 2029 (December)
+**Codename**: Pangea
+**Based on**: v1.0 production experience, v1.1 community feedback, ecosystem trends
+
+---
+
+## Vision
+
+Archipelago v2.0 transforms from a single-node Bitcoin OS into a **multi-chain, multi-node personal cloud platform** — while keeping the same self-sovereign, flash-and-run simplicity.
+
+---
+
+## Major Features
+
+### 1. Multi-Chain Support
+
+**Goal**: Run nodes for multiple cryptocurrency networks alongside Bitcoin.
+
+- **Monero node** — Full Monero daemon with wallet RPC, Tor-only mode
+- **Ethereum L2 nodes** — Arbitrum, Optimism, Base light clients for DeFi access
+- **Liquid sidechain** — Blockstream Liquid for confidential Bitcoin transactions
+- **Cross-chain atomic swaps** — Built-in swap UI between BTC, XMR, and L2 tokens
+- **Unified wallet dashboard** — Single view of all chain balances and transactions
+
+**Architecture**: Each chain runs in its own isolated container with chain-specific AppArmor profiles. No shared state between chains. Cross-chain operations use atomic swap protocols, never custodial bridges.
+
+### 2. Multi-Node Mesh Networking
+
+**Goal**: Scale beyond bilateral federation to N-node mesh clusters.
+
+- **Mesh discovery** — Automatic peer discovery via Nostr relays and mDNS on LAN
+- **Consensus layer** — Raft-based consensus for shared state across mesh nodes
+- **Distributed storage** — Replicate critical data (DID documents, credentials, backups) across mesh
+- **Load balancing** — Route requests to the healthiest node in the mesh
+- **Split-brain protection** — Graceful degradation when mesh partitions
+- **Mesh dashboard** — Visual topology map with real-time health, latency, and sync status
+
+**Architecture**: Each node remains independently operational. Mesh is opt-in and additive — removing a node from the mesh doesn't break it. State sync uses CRDTs for eventual consistency.
+
+### 3. Enterprise Clustering
+
+**Goal**: Support small business and family deployments (3-10 nodes).
+
+- **Role-based access** — Admin, operator, viewer roles per node and per app
+- **Centralized management console** — Manage all cluster nodes from one UI
+- **Shared app instances** — Run a single Nextcloud/Vaultwarden instance shared across cluster
+- **Backup federation** — Automatic cross-node encrypted backups
+- **Usage analytics** — Aggregate resource usage and cost allocation across cluster
+
+### 4. Mobile Companion App
+
+**Goal**: Monitor and manage your node from your phone.
+
+- **iOS and Android** — Native apps using React Native or Flutter
+- **Push notifications** — Node health alerts, app updates, federation events
+- **Remote access** — Secure tunnel via Tor or Tailscale (no port forwarding needed)
+- **Quick actions** — Start/stop apps, view logs, check Bitcoin sync status
+- **Biometric auth** — Face ID / fingerprint with hardware-backed key storage
+- **Offline mode** — Cache last-known state for viewing when disconnected
+
+**Architecture**: Mobile app communicates via the existing JSON-RPC API over Tor hidden services or Tailscale tunnel. No cloud relay — direct node-to-phone connection.
+
+### 5. AI-Assisted Node Management
+
+**Goal**: Make node operation effortless for non-technical users.
+
+- **Anomaly detection** — ML model trained on node metrics to detect unusual patterns (disk filling, memory leak, network anomaly) and alert before failure
+- **Auto-tuning** — Automatically adjust container resource limits based on observed usage patterns
+- **Natural language control** — "What's my Bitcoin sync status?" / "Restart Nextcloud" / "Show me my DID" via the existing AIUI chat interface
+- **Predictive maintenance** — Estimate time-to-full for disk, suggest pruning or archival
+- **Security assistant** — Flag suspicious container behavior, unusual network traffic patterns
+
+**Architecture**: All AI processing runs locally on the node (Ollama). No data leaves the device. Models are small (1-3B parameters) optimized for system administration tasks.
+
+### 6. Plugin System
+
+**Goal**: Allow third-party extensions without full app manifests.
+
+- **Plugin API** — JavaScript/TypeScript plugins that hook into node events (app start/stop, health change, federation events)
+- **UI extensions** — Plugins can add dashboard widgets, settings panels, and notification handlers
+- **Webhook integrations** — Forward node events to external services (Telegram, Discord, email)
+- **Plugin marketplace** — Curated plugins with the same security review process as apps
+- **Sandboxed execution** — Plugins run in Deno isolates with explicit permission grants
+
+---
+
+## Technical Debt Resolution
+
+- **TECH-01**: Migrate secrets encryption to TPM-backed or password-derived keys (fixes CRIT-01 from security audits)
+- **TECH-02**: Per-install random credentials for all container services (fixes CRIT-02)
+- **TECH-03**: Tighten CSP — remove `unsafe-inline`/`unsafe-eval`, implement nonce-based script loading
+- **TECH-04**: Add HSTS and HTTP→HTTPS redirect
+- **TECH-05**: Trusted proxy validation for rate limiter IP extraction
+- **TECH-06**: Full migration to Tailwind CSS v4
+- **TECH-07**: Upgrade to Vue Router 5 and Vitest 4
+- **TECH-08**: Implement integration test suite for backup/restore cycle
+
+---
+
+## Timeline
+
+| Quarter | Focus | Deliverables |
+|---------|-------|-------------|
+| Q1 2029 | v1.1 release + v2.0 planning | v1.1 shipped, architecture design docs for v2.0 |
+| Q2 2029 | Multi-chain + mesh foundations | Monero node, mesh discovery, CRDT state sync |
+| Q3 2029 | Mobile app + AI + plugins | Companion app MVP, anomaly detection, plugin API |
+| Q4 2029 | Enterprise + polish + release | Clustering, security debt, v2.0-beta |
+| Q1 2030 | v2.0 GA | Production release after 60-day soak test |
+
+---
+
+## Non-Goals for v2.0
+
+- Mining support (high power, specialized hardware, not aligned with self-sovereign ethos)
+- Cloud hosting mode (Archipelago runs on hardware you control, period)
+- Cryptocurrency exchange features (not a trading platform)
+- Social media features beyond Nostr relay (stay focused on infrastructure)
+
+---
+
+## Success Metrics
+
+- Support 3+ cryptocurrency networks
+- Mesh clusters of 3-10 nodes operational
+- Mobile app on both app stores
+- AI assistant handles 80% of routine maintenance questions
+- Zero critical security findings in annual audit
+- 50+ apps in marketplace
+- Community plugin ecosystem with 10+ published plugins

loop/plan.md

@@ -434,7 +434,7 @@
 
 - [x] **MAINT-04** — Community app reviews. Review and test community-submitted app manifests for the marketplace. Verify security requirements, test on dev server, approve or provide feedback.
 
-- [ ] **MAINT-05** — Plan v2.0 features. Based on a full year of v1.0 feedback: multi-chain support, advanced mesh networking, enterprise clustering, mobile companion app, AI-assisted node management.
+- [x] **MAINT-05** — Plan v2.0 features. Based on a full year of v1.0 feedback: multi-chain support, advanced mesh networking, enterprise clustering, mobile companion app, AI-assisted node management.
 
 ---