feat: add marketplace metrics, privacy features, and service registry endpoints

- Add Prometheus metrics for marketplace API throughput and error rates with new dashboard panels
- Implement confidential transaction models with encryption support and access control
- Add key management system with registration, rotation, and audit logging
- Create services and registry routers for service discovery and management
- Integrate ZK proof generation for privacy-preserving receipts
- Add metrics instru

docs/reference/enterprise-sla.md

@@ -0,0 +1,230 @@
+# AITBC Enterprise Integration SLA
+
+## Overview
+
+This document outlines the Service Level Agreement (SLA) for enterprise integrations with the AITBC network, including uptime guarantees, performance expectations, and support commitments.
+
+## Document Version
+- Version: 1.0
+- Date: December 2024
+- Effective Date: January 1, 2025
+
+## Service Availability
+
+### Coordinator API
+- **Uptime Guarantee**: 99.9% monthly (excluding scheduled maintenance)
+- **Scheduled Maintenance**: Maximum 4 hours per month, announced 72 hours in advance
+- **Emergency Maintenance**: Maximum 2 hours per month, announced 2 hours in advance
+
+### Mining Pool Network
+- **Network Uptime**: 99.5% monthly
+- **Minimum Active Miners**: 1000 miners globally distributed
+- **Geographic Distribution**: Minimum 3 continents, 5 countries
+
+### Settlement Layer
+- **Confirmation Time**: 95% of transactions confirmed within 30 seconds
+- **Cross-Chain Bridge**: 99% availability for supported chains
+- **Finality**: 99.9% of transactions final after 2 confirmations
+
+## Performance Metrics
+
+### API Response Times
+| Endpoint | 50th Percentile | 95th Percentile | 99th Percentile |
+|----------|-----------------|-----------------|-----------------|
+| Job Submission | 50ms | 100ms | 200ms |
+| Job Status | 25ms | 50ms | 100ms |
+| Receipt Verification | 100ms | 200ms | 500ms |
+| Settlement Initiation | 150ms | 300ms | 1000ms |
+
+### Throughput Limits
+| Service | Rate Limit | Burst Limit |
+|---------|------------|------------|
+| Job Submission | 1000/minute | 100/minute |
+| API Calls | 10,000/minute | 1000/minute |
+| Webhook Events | 5000/minute | 500/minute |
+
+### Data Processing
+- **Proof Generation**: Average 2 seconds, 95% under 5 seconds
+- **ZK Verification**: Average 100ms, 95% under 200ms
+- **Encryption/Decryption**: Average 50ms, 95% under 100ms
+
+## Support Services
+
+### Support Tiers
+| Tier | Response Time | Availability | Escalation |
+|------|---------------|--------------|------------|
+| Enterprise | 1 hour (P1), 4 hours (P2), 24 hours (P3) | 24x7x365 | Direct to engineering |
+| Business | 4 hours (P1), 24 hours (P2), 48 hours (P3) | Business hours | Technical lead |
+| Developer | 24 hours (P1), 72 hours (P2), 5 days (P3) | Business hours | Support team |
+
+### Incident Management
+- **P1 - Critical**: System down, data loss, security breach
+- **P2 - High**: Significant feature degradation, performance impact
+- **P3 - Medium**: Feature not working, documentation issues
+- **P4 - Low**: General questions, enhancement requests
+
+### Maintenance Windows
+- **Regular Maintenance**: Every Sunday 02:00-04:00 UTC
+- **Security Updates**: As needed, minimum 24 hours notice
+- **Major Upgrades**: Quarterly, minimum 30 days notice
+
+## Data Management
+
+### Data Retention
+| Data Type | Retention Period | Archival |
+|-----------|------------------|----------|
+| Transaction Records | 7 years | Yes |
+| Audit Logs | 7 years | Yes |
+| Performance Metrics | 2 years | Yes |
+| Error Logs | 90 days | No |
+| Debug Logs | 30 days | No |
+
+### Data Availability
+- **Backup Frequency**: Every 15 minutes
+- **Recovery Point Objective (RPO)**: 15 minutes
+- **Recovery Time Objective (RTO)**: 4 hours
+- **Geographic Redundancy**: 3 regions, cross-replicated
+
+### Privacy and Compliance
+- **GDPR Compliant**: Yes
+- **Data Processing Agreement**: Available
+- **Privacy Impact Assessment**: Completed
+- **Certifications**: ISO 27001, SOC 2 Type II
+
+## Integration SLAs
+
+### ERP Connectors
+| Metric | Target |
+|--------|--------|
+| Sync Latency | < 5 minutes |
+| Data Accuracy | 99.99% |
+| Error Rate | < 0.1% |
+| Retry Success Rate | > 99% |
+
+### Payment Processors
+| Metric | Target |
+|--------|--------|
+| Settlement Time | < 2 minutes |
+| Success Rate | 99.9% |
+| Fraud Detection | < 0.01% false positive |
+| Chargeback Handling | 24 hours |
+
+### Webhook Delivery
+- **Delivery Guarantee**: 99.5% successful delivery
+- **Retry Policy**: Exponential backoff, max 10 attempts
+- **Timeout**: 30 seconds per attempt
+- **Verification**: HMAC-SHA256 signatures
+
+## Security Commitments
+
+### Availability
+- **DDoS Protection**: 99.9% mitigation success
+- **Incident Response**: < 1 hour detection, < 4 hours containment
+- **Vulnerability Patching**: Critical patches within 24 hours
+
+### Encryption Standards
+- **In Transit**: TLS 1.3 minimum
+- **At Rest**: AES-256 encryption
+- **Key Management**: HSM-backed, regular rotation
+- **Compliance**: FIPS 140-2 Level 3
+
+## Penalties and Credits
+
+### Service Credits
+| Downtime | Credit Percentage |
+|----------|------------------|
+| < 99.9% uptime | 10% |
+| < 99.5% uptime | 25% |
+| < 99.0% uptime | 50% |
+| < 98.0% uptime | 100% |
+
+### Performance Credits
+| Metric Miss | Credit |
+|-------------|--------|
+| Response time > 95th percentile | 5% |
+| Throughput limit exceeded | 10% |
+| Data loss > RPO | 100% |
+
+### Claim Process
+1. Submit ticket within 30 days of incident
+2. Provide evidence of SLA breach
+3. Review within 5 business days
+4. Credit applied to next invoice
+
+## Exclusions
+
+### Force Majeure
+- Natural disasters
+- War, terrorism, civil unrest
+- Government actions
+- Internet outages beyond control
+
+### Customer Responsibilities
+- Proper API implementation
+- Adequate error handling
+- Rate limit compliance
+- Security best practices
+
+### Third-Party Dependencies
+- External payment processors
+- Cloud provider outages
+- Blockchain network congestion
+- DNS issues
+
+## Monitoring and Reporting
+
+### Available Metrics
+- Real-time dashboard
+- Historical reports (24 months)
+- API usage analytics
+- Performance benchmarks
+
+### Custom Reports
+- Monthly SLA reports
+- Quarterly business reviews
+- Annual security assessments
+- Custom KPI tracking
+
+### Alerting
+- Email notifications
+- SMS for critical issues
+- Webhook callbacks
+- Slack integration
+
+## Contact Information
+
+### Support
+- **Enterprise Support**: enterprise@aitbc.io
+- **Technical Support**: support@aitbc.io
+- **Security Issues**: security@aitbc.io
+- **Emergency Hotline**: +1-555-SECURITY
+
+### Account Management
+- **Enterprise Customers**: account@aitbc.io
+- **Partners**: partners@aitbc.io
+- **Billing**: billing@aitbc.io
+
+## Definitions
+
+### Terms
+- **Uptime**: Percentage of time services are available and functional
+- **Response Time**: Time from request receipt to first byte of response
+- **Throughput**: Number of requests processed per time unit
+- **Error Rate**: Percentage of requests resulting in errors
+
+### Calculations
+- Monthly uptime calculated as (total minutes - downtime) / total minutes
+- Percentiles measured over trailing 30-day period
+- Credits calculated on monthly service fees
+
+## Amendments
+
+This SLA may be amended with:
+- 30 days written notice for non-material changes
+- 90 days written notice for material changes
+- Mutual agreement for custom terms
+- Immediate notice for security updates
+
+---
+
+*This SLA is part of the Enterprise Integration Agreement and is subject to the terms and conditions therein.*