Rwanda · battery-swap interoperability mandate

One standard for every swap — owned by no operator.

Mkondo is the interoperability and clearing rail for Rwanda's electric-motorcycle battery swap. Reporting, battery registry, and rider-transition clearing are built and running in one console — under RURA Regulations N° 011/ENERGY/RURA/2026.

All three domains ship in the console today. An operator can connect to the sandbox now — push canonical swap records against the published OpenAPI contract and earn a conformance certificate. Production connections open once the per-operator field mapping is agreed. No operator is in production yet.
The rail · all four layers builteach layer is the base for the next
01
Compliance Reporting
Licensee returns → RURA · maker-checker · deadlines
02
Battery Registry
Pack identity · state-of-health · gapless custody chain
03
Rider-Transition Clearing
Ed25519-signed custody artifacts · settlement
00
Platform Foundation
Tenants · 8-role RBAC · immutable audit · RLS isolation
Why a neutral rail

Interoperability can't be owned by a competitor in the race.

The mandate asks operators to share a swap network under one standard. The question is who holds the switch that clears everyone's riders and batteries between operators — and that layer only works if it has no stake in who wins.

An operator's “open” network

Interoperability held by one of the racers

When a swap operator opens its own network, rivals must route their custody data and rider transitions through a direct competitor, priced by that competitor. It can aggregate vehicle-makers — but competing operators won't clear through it, and a regulator can't lean on it as neutral shared infrastructure.

A structurally-neutral rail

Owned by no operator, trusted by all

Mkondo owns no vehicles, no stations, and no batteries, so it can clear every operator's riders and batteries without competing inside the network. Neutrality here isn't a promise in the terms of service — it's the architecture.

0
vehicles, stations or batteries owned by Mkondo
3
regulated domains built — reporting, registry, clearing
8
roles across licensee, regulator, and OEM access
100%
actions written to an immutable audit trail
How the rail works

Contract-first, auditable, and portable by design.

Operators connect once, under one contract

Every licensee files returns and pushes swap records through the same published OpenAPI contract. Maker-checker means a preparer files and an approver releases — no single hand touches the regulator's copy.

A swap becomes a record, not a spreadsheet

One canonical swap record carries a pack's custody, a station's uptime, and a rider's transition. Capture it once and the registry, quality-of-service, and clearing all read the same object — nobody re-keys it.

The regulator reads across the rail

RURA sees every licensee even-handedly, read-only, isolated by row-level security. The regulator reads cross-tenant but never writes.

Every action is provable later

Submissions, releases, and handovers are written append-only with actor and timestamp. Clearing and custody artifacts are Ed25519-signed, so the record holds up under audit.

Built to be trusted

The infrastructure choices are the product.

Mkondo is engineered like a payments switch, not a SaaS demo. The neutrality is structural, and so is the security posture — both are commitments you can inspect rather than take on trust.

Neutral
Owns nothing on the network
No vehicles, stations, or batteries — value accrues to the layer that reduces friction, not a rival.
Isolated
Postgres row-level security
Tenant isolation is enforced in the database, not the app layer.
Auditable
Append-only event trail
Immutable submission and custody history with actor and source.
Sovereign
Self-hosted identity
Keycloak OIDC over US SaaS; container + Terraform portable.

See the rail your operators will actually file on.

A 30-minute walkthrough of the console — reporting, registry, and clearing — mapped to your licence class and reporting deadlines.