Incident process
Severity tiers
| Tier | Definition | Example |
|---|---|---|
| SEV-1 | Customer-facing data integrity or availability incident affecting >5% of tenants. | Receipt chain corruption; gateway unreachable for >5 min. |
| SEV-2 | Customer-facing degradation. SLO at risk. | Sustained 5xx rate above 1%; p99 latency over 2× target. |
| SEV-3 | Internal degradation, no customer impact. | Single provider failover engaged; one secondary region degraded. |
| SEV-4 | Operational only — informational, no customer impact. | Routine cert rotation; planned maintenance. |
Public communication SLA
| Tier | Initial public update | Cadence | Postmortem |
|---|---|---|---|
| SEV-1 | within 5 min | every 15 min | within 5 business days |
| SEV-2 | within 15 min | every 30 min | within 10 business days |
| SEV-3 | within 1 hour | every hour | optional |
| SEV-4 | as scheduled | n/a | n/a |
All updates land on status.cloakapi.io and trigger any subscribed webhooks within 60 seconds.
Customer credits
If a SEV-1 or SEV-2 breaches the SLO for the calendar month, all affected tenants receive an automatic credit:
- SEV-1: 25% of monthly gateway fee, applied to next invoice.
- SEV-2: 10%.
No need to file a claim — the system computes the credit from the status timeline and applies it. The invoice line item shows the incident id.
Postmortems
Postmortems are public for SEV-1 and on request for SEV-2. They follow the standard structure:
- Summary and customer impact (numbers).
- Detection — when, by whom, how.
- Mitigation — what stopped the bleeding.
- Root cause — the actual problem, not the trigger.
- Action items — owner, ETA, public link.
Past postmortems live on the status page under Incidents → archive.