================================================================================
                    KORE COLLECTIVE (PTY) LTD · 2020/118214/07
                       KORENET SOVEREIGN RAILS · TENANT
================================================================================

Date:        April 20, 2026
To:          South African Reserve Bank (SARB)
Rails URL:   https://sarb.korenet.cloud
Jurisdiction: SARB
SWIFT/BIC:   RESBZAJJ
Settlement:  —  ·  Weekly cap UNLIMITED

Subject:     KoreNet Sovereign Rails — Tenant Onboarding Pack (v7.7.12)

Dear South African Reserve Bank (SARB) Operations,

This welcome pack contains your tenant identity on KoreNet Sovereign Rails:

  • OAuth client_id / client_secret   (file: CREDENTIALS.txt)
  • JWT HS256 bearer + signing secret (file: CREDENTIALS.txt)
  • mTLS client certificate metadata  (file: CREDENTIALS.txt)
  • Per-tenant configuration         (file: client_config.yaml)
  • Operations runbook               (file: README.md)

Your tenant credential intake URL is:

    https://sarb.korenet.cloud/intake

A single-use invitation token will be issued to you separately. Sign in,
upload your side of the rails (institution identity, settlement endpoints,
operational contacts, security & compliance attestations), and the bank-
side operations team will complete bilateral alignment.

What this pack is NOT:
  • You will NOT find bank-side credentials in this pack.
  • You will NOT find customer data in this pack.
  • You will NOT upload private keys belonging to the bank — only your own.

All actions on the intake portal are LICK-signed, audit-logged and stored
on the sovereign PVC. Sensitive credentials you submit are encrypted at
rest with Fernet/AES-128 + HMAC-SHA256; only the ``owner`` role on the
bank-side admin console can decrypt, and every decryption is logged.

Welcome to the KoreNet sovereign stack.

— KoreNet Rails Onboarding · rails-onboarding@korenet.cloud · +27 (0)10 590 7717
================================================================================
