Parties public/private keys and data visibility on Canton

As per my understanding. Parties do not have private keys associated (like accounts in other DLTs), instead, they are authenticated using an IdP that provides a JWT required by the participant node. This creates a dependency on

• the IdP itself
• the participant node which has clear access to all the Daml ledger data and filters out information depending on the Party submitting the request (identified by the JWT)

Am I wrong or missing anything?

Hi @Alberto_M, your understanding is correct, but it has some nuance to it.

In Canton parties are logical concepts and the cryptographic keys that can take actions on behalf of the party (e.g. signing, decrypting views) are maintained at the participant level. To the extent a participant hosts multiple parties you are correct that it has access to all the ledger data of those parties and filters it out based on the permissions of the API client.

Canton 3.x introduced external signing, which allows a Party to have an external private key such that the Participant node cannot authorize commands on behalf of the Party. This is similar to other blockchains where you can have a wallet that shows you your balance and prepares transactions, and a separate hardware device that signs the transaction.