# SLA

The 2026 Service Level Agreement (SLA) for your Hub is the legal contract that bridges the gap between "blockchain startup" and "regulated financial infrastructure." For a Bank CISO, this document is their insurance policy.

In 2026, the global standard for digital resilience is dictated by DORA (Digital Operational Resilience Act) in the EU and similar frameworks globally. Your SLA must be Machine-Grade—meaning it isn't just a PDF; it's a set of parameters your Hub monitors in real-time.

***

### 🏛️ Hub SLA Policy: Core Pillars (2026 Standards)

#### 1. Availability & Uptime (The "Four Nines")

The Hub must maintain a 99.99% Monthly Uptime for its core settlement APIs.

* Maintenance Windows: Limited to 2 hours per quarter, scheduled 30 days in advance, occurring during low-liquidity windows (e.g., Sunday 02:00 UTC).
* Critical Rails: Settlement via Solana and Circle CCTP must have redundant RPC endpoints across at least three geographic regions.

#### 2. Transaction Latency Targets

This is where your Hub proves its technical superiority over SWIFT.

* Solana Settlement: 95% of transactions must reach "Max Finality" in < 1,000ms.
* Nexus Transfers: 95% of retail transfers must reach the destination IPS in < 60 seconds.
* Circle CCTP (Fast Mode): Attestation delivery must be facilitated in < 120 seconds (V2 Fast Path).

#### 3. Response & Resolution Times (Incident Management)

You categorize incidents based on their impact on Fund Liquidity.

| **Priority**  | **Definition**                          | **Initial Response** | **Status Update** | **Resolution Target** |
| ------------- | --------------------------------------- | -------------------- | ----------------- | --------------------- |
| P1 (Critical) | Core Settlement Down / Security Breach  | 15 Minutes           | Every 30 Mins     | < 4 Hours             |
| P2 (High)     | Delayed Attestations / vLEI Service Lag | 1 Hour               | Every 2 Hours     | < 12 Hours            |
| P3 (Medium)   | Dashboard UI issues / Reporting lag     | 4 Hours              | Daily             | < 3 Business Days     |

***

### 🛠️ DORA-Compliant Reporting

Under 2026 regulations, you must provide the bank with an Automatic Compliance Feed.

* ICT Third-Party Risk: You must disclose the status of your critical sub-providers (e.g., Circle, Solana Validators, Cloud Hosting).
* Major Incident Reporting: If a P1 incident occurs, your Hub must automatically generate a DORA-standard report within 4 hours for the bank to submit to their national regulator.

***

### 💰 The "Service Credit" Clause (Automated Penalty)

In 2026, "Trust but Verify" is replaced by "Trust but Code."

* Automated Rebates: If uptime falls below 99.9%, the Hub automatically discounts the next month's platform fee by 10% (calculated via your AdonisJS billing engine).
* Stablecoin Escrow: For high-value wholesale clients, you can even hold "SLA Credits" in a smart contract that releases to the bank automatically if a violation is cryptographically proven.

***

### 🛡️ vLEI Governance Standards

As a vLEI Registered Agent, your SLA includes your legal duty to the GLEIF ecosystem:

* Revocation Speed: If a bank's vLEI is flagged for suspension, the Hub must propagate that "Revoked" status to all on-chain filters in < 30 seconds.
* Audit Trail: Maintain a tamper-proof Key Event Log (KEL) of all identity changes for a minimum of 10 years (aligned with Basel III/IV record-keeping).

***

#### Summary for the CISO

> *"Our Hub isn't just a faster way to move money; it's a DORA-compliant, ISO 20022-aligned infrastructure with a 99.99% uptime guarantee. We provide real-time latency tracking and automated regulatory reporting, ensuring your settlement rails are as resilient as they are fast."*

Would you like me to generate the "Technical Appendix" for this SLA? This contains the specific API endpoints and JSON-RPC methods the bank's monitoring tools (like Datadog or Prometheus) will use to track your performance 24/7.