docs(naming): adopt OS / Enhanced product-line framing + align with existing repos

Two product lines, named to make scope obvious to buyers:
- 🔒 SilverMetal OS — we ship the operating system or ROM
  (Linux, Pixel, Samsung-unlocked, Motorola-unlocked)
- 🛡️ SilverMetal Enhanced — we harden the OS the device already runs
  (Windows, macOS, iOS, generic Android)

Repo alignment:
- SilverVPN already exists as a SilverLABS product (server + MAUI client +
  Linux client + tunnel service). stack/vpn/ is now an integration pointer
  rather than a re-scaffold; per-platform READMEs reference it.
- SilverApple is deprecated; SilverMetal Enhanced — iOS supersedes it.
  Migration step added as roadmap milestone 3I.1.
- SilverDROID name clash explicitly noted as unrelated (it's the SilverSHELL
  AppStore Android client, not an Android ROM).
- SilverChat may overlap with SilverVPN.Client.Chat; alignment decision
  added as roadmap milestone 1.1.1.

Roadmap restructured: phases now track the OS/Enhanced split.
Platform matrix re-sectioned and decision flowchart updated.
README rewritten around the two-product-line framing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

stack/vpn/README.md

@@ -1,40 +1,60 @@
-# SilverVPN
+# SilverVPN — Integration Pointer
 
-**Status**: v1 (Linux MVP) — planning
+> **The SilverVPN component already exists as a separate, in-production SilverLABS product.**
+> This directory does not re-implement it; it tracks the integration of the existing SilverVPN into SilverMetal OS images and Enhanced packages.
 
-Always-on VPN with no logs, run on SilverLABS infrastructure. Mullvad-style account-number signup (no email, no name).
+## Where SilverVPN lives
 
-## v1 approach
+[`SilverLABS/SilverVPN`](https://git.silverlabs.uk/SilverLABS/SilverVPN) — local checkout typically at `../SilverVPN/`.
 
-- **Protocol**: WireGuard. Period. (Battle-tested, tiny attack surface, performant.)
-- **Account**: random 16-digit account number; no email, no PII
-- **Payment**: separate channel (SilverDotPay / crypto / payment processor) with no link back to account number
-- **Exit nodes**: SilverLABS-operated initially; geographically diverse
-- **Kill-switch**: enforced at firewall layer (nftables on Linux, NetworkExtension content filters on Apple)
-- **DNS**: encrypted DNS through tunnel; no DNS leaks
-- **Per-device keys**: each device gets its own WireGuard key; revoke per-device
+The product includes:
+- `.NET 9` server stack: API, admin dashboard, web client, Docker images
+- `SilverVPN.Client.Maui` — cross-platform native client (Windows, macOS, Android, iOS)
+- `SilverVPN.Client.Linux` — dedicated Linux client
+- `SilverVPN.Client.Web` / `SilverVPN.Client.Web.Host` — browser-based client
+- `SilverVPN.TunnelService` / `SilverVPN.TunnelService.Linux` — tunnel daemon
+- `SilverVPN.Tunnel.Shared` — shared tunnel code
+- `libbox-bridge` — sing-box / sing-tun integration layer
+- Debian packaging (`build-deb.sh`, `debian/`)
+- OpenWrt support (`openwrt/`)
+- Production releases ongoing
 
-## Server-side
+## SilverMetal's responsibility
 
-Lives in `SilverLABS/silver-vpn-infra` (separate repo). This repo holds the **client** code only.
+This directory tracks **integration**, not development. Integration tasks per platform:
 
-## What we do not do
+### SilverMetal OS — Linux
+- [ ] Include `silvervpn` `.deb` (built from `../SilverVPN/build-deb.sh`) in `linux/packages/include.list`
+- [ ] Bundle `SilverVPN.TunnelService.Linux` as a default systemd service
+- [ ] Configure SilverVPN to be **always-on by default** with our exit nodes preconfigured
+- [ ] Verify nftables kill-switch coexists with the SilverVPN tunnel service
+- [ ] Validate DNS through tunnel (no leaks)
+- [ ] Auto-launch `SilverVPN.Client.Linux` on first login for account-number entry
 
-- We do not log connection metadata beyond what is operationally required (typically just real-time peer state, not retained)
-- We do not bundle ad-blocking — that's the browser's job, not the VPN's
-- We do not bundle tracker-blocking heuristics in the VPN — that risks false positives that break sites
-- We do not run a "free tier" with a different infrastructure — paid users and free users (if any) get the same server quality
+### SilverMetal OS — Pixel / Samsung / Motorola
+- [ ] Bundle SilverVPN MAUI client APK into ROM build (or system app)
+- [ ] Configure as default VPN provider via Android `VpnService`
+- [ ] Always-on VPN enforced at OS level (`Settings > VPN > Always-on`)
 
-## Per-platform clients
+### SilverMetal Enhanced — Windows
+- [ ] Bundle MAUI Windows client into hardening installer
+- [ ] Set up auto-start on boot
+- [ ] Kill-switch enforced via Windows Filtering Platform rules
 
-- **Linux**: GTK + native daemon (`silvervpn-daemon` running as systemd service)
-- **Android**: VpnService-based, native UI
-- **Windows**: WireGuard tunnel service + tray UI (signed)
-- **macOS**: NetworkExtension, signed and notarised
-- **iOS**: NetworkExtension via App Store
+### SilverMetal Enhanced — macOS
+- [ ] Bundle MAUI macOS client into setup `.pkg`
+- [ ] NetworkExtension content filter for kill-switch
 
-## Verification
+### SilverMetal Enhanced — iOS
+- [ ] SilverVPN App Store listing referenced in iOS setup guide
+- [ ] MDM profile pre-configures SilverVPN as default
 
-- Kill-switch test: disconnect upstream, verify zero packets leak
-- DNS-leak test: capture DNS during tunnel-up; all queries must traverse the tunnel
-- Reconnect test: WAN flap, verify reconnect without temporary leak
+### SilverMetal Enhanced — Android (generic)
+- [ ] SilverVPN MAUI APK referenced as required install in profile
+- [ ] Work-profile config sets it as system VPN
+
+## Coordination
+
+Changes that affect SilverMetal integration (e.g., `silvervpn` package layout, default endpoints, account-number CLI) should be flagged in this directory's CHANGELOG (to be created when first integration milestone starts) so the SilverMetal build pipeline can react.
+
+Cross-repo issues that touch both projects should be opened in whichever repo owns the change, with a back-reference in the other.