Service Level Agreement
Formal SLA commitments for ABS Core — uptime, response times, MTTR, RTO/RPO, and support tiers.
Service Level Agreement
Effective Date: 2026-02-01 · Version: 2.0 · Applies to: ABS Core v10.1.x+
This document defines the service-level commitments for ABS Core. It is binding for Enterprise and Sovereign licensees with an active commercial agreement. Community Edition users receive best-effort service without SLA guarantees.
Uptime Commitment
| Tier | Monthly Uptime | Max Downtime/Month | Max Downtime/Year |
|---|---|---|---|
| Enterprise (SaaS) | 99.95% | 21.9 minutes | 4.4 hours |
| Sovereign (VPC/On-Prem) | Customer-managed | Customer-managed | Customer-managed |
| Community | Best effort | No commitment | No commitment |
Uptime is measured as availability of POST /v1/authorize returning a decision within 300ms, excluding:
- Scheduled maintenance windows (announced 72h in advance)
- Force majeure events
- Customer-caused outages (misconfigured policies, invalid API keys)
Latency SLO
| Percentile | Commitment | Measured at |
|---|---|---|
| P50 | < 200ms | Operational load (≤ 1,000 req/s) |
| P99 | < 300ms | Operational load (≤ 1,000 req/s) |
| P99.9 | < 500ms | Operational load (≤ 1,000 req/s) |
Latency SLOs apply at or below 1,000 req/s. Above this threshold, the rate limiter engages and the latency SLO no longer applies — the commitment becomes zero 5xx errors and complete audit integrity.
Support Tiers
| Tier | Channels | Sev-1 Response | Sev-2 Response | Sev-3 Response |
|---|---|---|---|---|
| Community | GitHub Discussions | Best effort | Best effort | Best effort |
| Starter | < 24h | < 48h | < 5 business days | |
| Enterprise | Dedicated Slack + Email + Portal | < 1h | < 4h | < 24h |
| Sovereign | Dedicated Slack + On-site option | < 1h | < 4h | < 24h |
Severity Definitions
| Level | Definition | Example |
|---|---|---|
| Sev-1 | Production down — governance engine returning 5xx or not responding | /v1/authorize returning 500 for all requests |
| Sev-2 | Major functionality impaired, workaround exists | CHI semantic analysis degraded; shadow mode active |
| Sev-3 | Non-critical issue or question | Policy authoring question, dashboard cosmetic issue |
MTTR and Recovery Commitments
| Scenario | MTTR Target | Mechanism |
|---|---|---|
| Edge node failure | < 30 seconds | Cloudflare automatic rerouting to adjacent PoP |
| CHI engine timeout | < 200ms | Circuit breaker → Fail-Safe ALLOW |
| Full region outage | < 15 minutes | Cloudflare multi-region failover |
| Scheduled maintenance | 0 downtime | Rolling deploys with zero-downtime strategy |
RTO / RPO
| Parameter | Commitment | Notes |
|---|---|---|
| RTO | < 15 minutes | Time to restore full service after worst-case outage |
| RPO (decisions) | 0 | Decisions written to D1 before response is returned — no decision is ever lost |
| RPO (L2 anchoring) | < 1 block cycle (~2s) | L2 queue persisted; anchor completes after recovery |
Data and Audit Guarantees
| Commitment | Detail |
|---|---|
| Audit completeness | 100% of requests — ALLOW, DENY, and rate-limited — are recorded |
| Tamper evidence | Every audit record is SHA-256 hash-chained to the previous |
| Immutability | Audit records are append-only; no delete or update operations exist |
| L2 anchoring | Batches anchored to Polygon L2 within 1 block cycle (~2s) under normal conditions — Enterprise tier only |
| Retention | Audit records retained for minimum 7 years (configurable per compliance requirement) |
SLA Credits
For Enterprise/Sovereign licensees, downtime beyond the committed uptime threshold entitles the licensee to service credits:
| Monthly Uptime | Credit |
|---|---|
| 99.90% – 99.94% | 10% of monthly fee |
| 99.00% – 99.89% | 25% of monthly fee |
| Below 99.00% | 50% of monthly fee |
Credits are applied to the next billing cycle and do not exceed the monthly fee. Credits are the sole remedy for SLA breaches under this agreement.
Exclusions
This SLA does not apply to:
- Downtime caused by customer-side infrastructure (network, firewall, DNS)
- Downtime caused by upstream LLM providers (OpenAI, Anthropic, Google) when using the Magic Proxy
- Cloudflare platform-wide incidents affecting all customers
- Events of force majeure
- Sovereign/On-Prem deployments managed by the customer
Verification
SLA compliance can be independently verified via:
- Status page: status.abscore.app
- Benchmark report: /docs/technical/benchmark-report — blockchain-anchored test results
- Audit API:
GET /v1/telemetry/query/stats?metric=decision.latency_ms— real-time latency metrics for your workspace
Contact for SLA Disputes
Enterprise licensees may raise SLA disputes by emailing [email protected] with subject SLA Dispute — [workspace-id]. Disputes must be raised within 30 days of the incident.