feat: add marketplace metrics, privacy features, and service registry endpoints

- Add Prometheus metrics for marketplace API throughput and error rates with new dashboard panels
- Implement confidential transaction models with encryption support and access control
- Add key management system with registration, rotation, and audit logging
- Create services and registry routers for service discovery and management
- Integrate ZK proof generation for privacy-preserving receipts
- Add metrics instru

docs/ecosystem/certification/ecosystem-certification-criteria.md

@@ -0,0 +1,478 @@
+# AITBC Ecosystem Certification Criteria
+
+## Overview
+
+This document defines the certification criteria for AITBC ecosystem partners, SDK implementations, and integrations. Certification ensures quality, security, and compatibility across the AITBC ecosystem.
+
+## Certification Tiers
+
+### Bronze Certification (Free)
+**Target**: Basic compatibility and security standards
+**Valid for**: 1 year
+**Requirements**:
+- SDK conformance with core APIs
+- Basic security practices
+- Documentation completeness
+
+### Silver Certification ($500/year)
+**Target**: Production-ready implementations
+**Valid for**: 1 year
+**Requirements**:
+- All Bronze requirements
+- Performance benchmarks
+- Advanced security practices
+- Support commitments
+
+### Gold Certification ($2,000/year)
+**Target**: Enterprise-grade implementations
+**Valid for**: 1 year
+**Requirements**:
+- All Silver requirements
+- SLA commitments
+- Independent security audit
+- 24/7 support availability
+
+## Detailed Criteria
+
+### 1. SDK Conformance Requirements
+
+#### Bronze Level
+- **Core API Compatibility** (Required)
+  - All public endpoints implemented
+  - Request/response formats match specification
+  - Error handling follows AITBC standards
+  - Authentication methods supported (Bearer, OAuth2, HMAC)
+  
+- **Data Model Compliance** (Required)
+  - Transaction models match specification
+  - Field types and constraints enforced
+  - Required fields validated
+  - Optional fields handled gracefully
+
+- **Async Support** (Required)
+  - Non-blocking operations for I/O
+  - Proper async/await implementation
+  - Timeout handling
+  - Error propagation in async context
+
+#### Silver Level
+- **Performance Benchmarks** (Required)
+  - API response time < 100ms (95th percentile)
+  - Concurrent request handling > 1000/second
+  - Memory usage < 512MB for typical workload
+  - CPU efficiency < 50% for sustained load
+
+- **Rate Limiting** (Required)
+  - Client-side rate limiting implementation
+  - Backoff strategy on 429 responses
+  - Configurable rate limits
+  - Burst handling capability
+
+- **Retry Logic** (Required)
+  - Exponential backoff implementation
+  - Idempotent operation handling
+  - Retry configuration options
+  - Circuit breaker pattern
+
+#### Gold Level
+- **Enterprise Features** (Required)
+  - Multi-tenant support
+  - Audit logging capabilities
+  - Metrics and monitoring integration
+  - Health check endpoints
+
+- **Scalability** (Required)
+  - Horizontal scaling support
+  - Load balancer compatibility
+  - Database connection pooling
+  - Caching layer integration
+
+### 2. Security Requirements
+
+#### Bronze Level
+- **Authentication** (Required)
+  - Secure credential storage
+  - No hardcoded secrets
+  - API key rotation support
+  - Token expiration handling
+
+- **Transport Security** (Required)
+  - TLS 1.2+ enforcement
+  - Certificate validation
+  - HTTPS-only in production
+  - HSTS headers
+
+- **Input Validation** (Required)
+  - SQL injection prevention
+  - XSS protection
+  - Input sanitization
+  - Parameter validation
+
+#### Silver Level
+- **Authorization** (Required)
+  - Role-based access control
+  - Principle of least privilege
+  - Permission validation
+  - Resource ownership checks
+
+- **Data Protection** (Required)
+  - Encryption at rest
+  - PII handling compliance
+  - Data retention policies
+  - Secure backup procedures
+
+- **Vulnerability Management** (Required)
+  - Dependency scanning
+  - Security patching process
+  - CVE monitoring
+  - Security incident response
+
+#### Gold Level
+- **Advanced Security** (Required)
+  - Zero-trust architecture
+  - End-to-end encryption
+  - Hardware security module support
+  - Penetration testing results
+
+- **Compliance** (Required)
+  - SOC 2 Type II compliance
+  - GDPR compliance
+  - ISO 27001 certification
+  - Industry-specific compliance
+
+### 3. Documentation Requirements
+
+#### Bronze Level
+- **API Documentation** (Required)
+  - Complete endpoint documentation
+  - Request/response examples
+  - Error code reference
+  - Authentication guide
+
+- **Getting Started** (Required)
+  - Installation instructions
+  - Quick start guide
+  - Basic usage examples
+  - Configuration options
+
+- **Code Examples** (Required)
+  - Basic integration examples
+  - Error handling examples
+  - Authentication examples
+  - Common use cases
+
+#### Silver Level
+- **Advanced Documentation** (Required)
+  - Architecture overview
+  - Performance tuning guide
+  - Troubleshooting guide
+  - Migration guide
+
+- **SDK Reference** (Required)
+  - Complete API reference
+  - Class and method documentation
+  - Parameter descriptions
+  - Return value specifications
+
+- **Integration Guides** (Required)
+  - Framework-specific guides
+  - Platform-specific instructions
+  - Best practices guide
+  - Common patterns
+
+#### Gold Level
+- **Enterprise Documentation** (Required)
+  - Deployment guide
+  - Monitoring setup
+  - Security configuration
+  - Compliance documentation
+
+- **Support Documentation** (Required)
+  - SLA documentation
+  - Support procedures
+  - Escalation process
+  - Contact information
+
+### 4. Testing Requirements
+
+#### Bronze Level
+- **Unit Tests** (Required)
+  - >80% code coverage
+  - Core functionality tested
+  - Error conditions tested
+  - Edge cases covered
+
+- **Integration Tests** (Required)
+  - API endpoint tests
+  - Authentication flow tests
+  - Error scenario tests
+  - Basic workflow tests
+
+#### Silver Level
+- **Performance Tests** (Required)
+  - Load testing results
+  - Stress testing
+  - Memory leak testing
+  - Concurrency testing
+
+- **Security Tests** (Required)
+  - Authentication bypass tests
+  - Authorization tests
+  - Input validation tests
+  - Dependency vulnerability scans
+
+#### Gold Level
+- **Comprehensive Tests** (Required)
+  - Chaos engineering tests
+  - Disaster recovery tests
+  - Compliance validation
+  - Third-party audit results
+
+### 5. Support Requirements
+
+#### Bronze Level
+- **Basic Support** (Required)
+  - Issue tracking system
+  - Response time < 72 hours
+  - Bug fix process
+  - Community support
+
+#### Silver Level
+- **Professional Support** (Required)
+  - Email support
+  - Response time < 24 hours
+  - Phone support option
+  - Dedicated support contact
+
+#### Gold Level
+- **Enterprise Support** (Required)
+  - 24/7 support availability
+  - Response time < 1 hour
+  - Dedicated account manager
+  - On-site support option
+
+## Certification Process
+
+### 1. Self-Assessment
+- Review criteria against implementation
+- Complete self-assessment checklist
+- Prepare documentation
+- Run test suite locally
+
+### 2. Submission
+- Submit self-assessment results
+- Provide test results
+- Submit documentation
+- Pay certification fee (if applicable)
+
+### 3. Verification
+- Automated test execution
+- Documentation review
+- Security scan
+- Performance validation
+
+### 4. Approval
+- Review by certification board
+- Issue certification
+- Publish to registry
+- Provide certification assets
+
+### 5. Maintenance
+- Annual re-certification
+- Continuous monitoring
+- Compliance checks
+- Update documentation
+
+## Testing Infrastructure
+
+### Automated Test Suite
+```python
+# Example test structure
+class BronzeCertificationTests:
+    def test_api_compliance(self):
+        """Test API endpoint compliance"""
+        pass
+    
+    def test_authentication(self):
+        """Test authentication methods"""
+        pass
+    
+    def test_error_handling(self):
+        """Test error handling standards"""
+        pass
+
+class SilverCertificationTests(BronzeCertificationTests):
+    def test_performance_benchmarks(self):
+        """Test performance requirements"""
+        pass
+    
+    def test_security_practices(self):
+        """Test security implementation"""
+        pass
+
+class GoldCertificationTests(SilverCertificationTests):
+    def test_enterprise_features(self):
+        """Test enterprise capabilities"""
+        pass
+    
+    def test_compliance(self):
+        """Test compliance requirements"""
+        pass
+```
+
+### Test Categories
+1. **Functional Tests**
+   - API compliance
+   - Data model validation
+   - Error handling
+   - Authentication flows
+
+2. **Performance Tests**
+   - Response time
+   - Throughput
+   - Resource usage
+   - Scalability
+
+3. **Security Tests**
+   - Authentication
+   - Authorization
+   - Input validation
+   - Vulnerability scanning
+
+4. **Documentation Tests**
+   - Completeness check
+   - Accuracy validation
+   - Example verification
+   - Accessibility
+
+## Certification Badges
+
+### Badge Display
+```html
+<!-- Bronze Badge -->
+<img src="https://cert.aitbc.io/badges/bronze.svg" 
+     alt="AITBC Bronze Certified" />
+
+<!-- Silver Badge -->
+<img src="https://cert.aitbc.io/badges/silver.svg" 
+     alt="AITBC Silver Certified" />
+
+<!-- Gold Badge -->
+<img src="https://cert.aitbc.io/badges/gold.svg" 
+     alt="AITBC Gold Certified" />
+```
+
+### Badge Requirements
+- Must link to certification page
+- Must display current certification level
+- Must show expiration date
+- Must include verification ID
+
+## Compliance Monitoring
+
+### Continuous Monitoring
+- Automated daily compliance checks
+- Performance monitoring
+- Security scanning
+- Documentation validation
+
+### Violation Handling
+- 30-day grace period for violations
+- Temporary suspension for critical issues
+- Revocation for repeated violations
+- Appeal process available
+
+## Registry Integration
+
+### Public Registry Information
+- Company name and description
+- Certification level and date
+- Supported SDK versions
+- Contact information
+- Compliance status
+
+### API Access
+```python
+# Example registry API
+GET /api/v1/certified-partners
+GET /api/v1/partner/{id}
+GET /api/v1/certification/{id}/verify
+```
+
+## Version Compatibility
+
+### SDK Version Support
+- Certify against major versions
+- Support for 2 previous major versions
+- Migration path documentation
+- Deprecation notice requirements
+
+### Compatibility Matrix
+| SDK Version | Bronze | Silver | Gold | Status |
+|-------------|---------|---------|------|---------|
+| 1.x         | ✓       | ✓       | ✓    | Current |
+| 0.9.x       | ✓       | ✓       | ✗    | Deprecated |
+| 0.8.x       | ✓       | ✗       | ✗    | End of Life |
+
+## Appeals Process
+
+### Appeal Categories
+1. Technical disagreement
+2. Documentation clarification
+3. Security assessment dispute
+4. Performance benchmark challenge
+
+### Appeal Process
+1. Submit appeal with evidence
+2. Review by appeals committee
+3. Response within 14 days
+4. Final decision binding
+
+## Certification Revocation
+
+### Revocation Triggers
+- Critical security vulnerability
+- Compliance violation
+- Misrepresentation
+- Support failure
+
+### Revocation Process
+1. Notification of violation
+2. 30-day cure period
+3. Revocation notice
+4. Public registry update
+5. Appeal opportunity
+
+## Fees and Pricing
+
+### Certification Fees
+- Bronze: Free
+- Silver: $500/year
+- Gold: $2,000/year
+
+### Additional Services
+- Expedited review: +$500
+- On-site audit: $5,000
+- Custom certification: Quote
+- Re-certification: 50% of initial fee
+
+## Contact Information
+
+- **Certification Program**: certification@aitbc.io
+- **Technical Support**: support@aitbc.io
+- **Security Issues**: security@aitbc.io
+- **Appeals**: appeals@aitbc.io
+
+## Updates and Changes
+
+### Criteria Updates
+- Quarterly review cycle
+- 30-day notice for changes
+- Grandfathering provisions
+- Transition period provided
+
+### Version History
+- v1.0: Initial certification criteria
+- v1.1: Added security requirements
+- v1.2: Enhanced performance benchmarks
+- v2.0: Restructured tier system