The hook is almost certainly 2.3(b). Domestic information is collected because it is, or may be, relevant to the investigation of a foreign intelligence target. As it says in the Guardian article linked to, Section 215 of the Patriot Act is what the NSA is relying on to justify collecting metadata on domestic communications. In theory, this metadata is put into the lockbox database, and the lockbox database is only searched/queried when there is reasonable articulable suspicion that the domestic communications that might be returned by the query are relevant to the investigation of a foreign surveillance target.
For example, just say the NSA has reasonable articulable suspicion that a foreign phone number belongs to a suspected terrorist. Based on this RAS, they may then query the database to see what US domestic phone numbers that foreign surveillance target has called. I believe the NSA is also claiming that up to three telephone-hops are relevant (which means that FISC probably agreed at some point), by which I mean they may then see who those US telephone numbers called, and then see who they in turn called: three degrees of separation from the foreign surveillance target are deemed relevant.