Skip to main content
Canton resolves the privacy-integrity tradeoff through three architectural pillars that work together to provide both strong privacy guarantees and blockchain-grade integrity.

Pillar 1: Sub-Transaction Privacy

Canton’s core innovation is sub-transaction privacy. This works at two levels:
  1. Transaction isolation: Different transactions are kept completely separate—unrelated parties don’t even know other transactions exist
  2. View decomposition: Within a single transaction, different parties see only their relevant portions

How Views Work

When a transaction involves multiple parties, Canton doesn’t send the entire transaction to everyone. Instead:
  1. Decomposition: The transaction is split into views based on stakeholder relationships
  2. Encryption: Each view is encrypted for its specific recipients
  3. Distribution: The synchronizer delivers only entitled views to each participant
  4. Validation: Each participant validates their view independently
  5. Confirmation: Participants confirm based on their view alone
In this example, a single atomic transaction moves value from Alice to Bob to Charlie. But Alice never learns about Charlie, and Charlie never learns about Alice.

What Each Party Sees

PartySeesDoesn’t See
AliceHer payment to BobBob’s payment to Charlie; Charlie’s identity
BobBoth payments (involved in both)Nothing hidden
CharlieHis receipt from BobAlice’s involvement; original source
SynchronizerEncrypted messages onlyAny transaction content
This isn’t just hiding data—it’s providing mathematically enforced boundaries on information flow.

Pillar 2: Proof of Stakeholder Consensus

Traditional blockchains require all validators to verify all transactions. Canton uses a different approach: only the stakeholders in a transaction need to confirm it.

Why This Works

Consider: why does a validator need to verify a transaction they’re not part of? In traditional blockchains, validators verify everything to prevent double-spends and ensure rules are followed. But if only Alice and Bob are affected by a transaction, only Alice and Bob need to verify it. As long as:
  • Alice’s validator confirms Alice authorized the transaction
  • Bob’s validator confirms Bob is receiving what he’s supposed to
  • Both agree the transaction is valid
Then the transaction is valid. Charlie’s validator doesn’t need to see it, verify it, or even know it exists.

Integrity Without Global Visibility

This approach maintains integrity because:
  • Double-spend prevention: Alice’s validator tracks Alice’s contracts; can’t spend what doesn’t exist; and in the example case of reputable tokens, the issuer’s approval is required for issuance.
  • Authorization enforcement: Only parties declared as controllers can exercise choices
  • Consistency: The synchronizer ensures all parties see a consistent order of events
  • Atomicity: Either all involved parties confirm, or the transaction is rejected

Pillar 3: Coordination Without Visibility

The synchronizer (sequencer + mediator nodes) coordinates transaction ordering and confirmation without seeing transaction content.

What the Synchronizer Does

FunctionDescription
OrderingAssigns timestamps and total order to transactions and events
DistributionRoutes encrypted views to entitled participants
MediationCollects confirmations and declares outcomes
ConsistencyEnsures all participants see the same ordering

What the Synchronizer Cannot Do

LimitationGuarantee
Read contentOnly sees encrypted views
Identify end usersKnows parties for routing, but not the humans/systems behind them
Modify transactionsCan only pass through or reject
Store stateNo persistent transaction data

The Trust Model

The synchronizer’s limited capability is a feature, not a limitation:
  • You don’t need to trust the synchronizer with your data—it can’t read it
  • You do trust the synchronizer for ordering and availability
  • The synchronizer can’t cheat because it can’t see what it’s coordinating
This separation of concerns means:
  • Privacy is enforced cryptographically, not by policy
  • Synchronizer operators cannot extract transaction intelligence
  • Adding more synchronizer operators doesn’t expand data exposure

How the Pillars Work Together

The three pillars are interdependent:
PillarEnables
Sub-transaction privacyViews that can be validated independently
Proof of stakeholderConsensus without global visibility
Coordination without visibilityOrdering without data exposure
Together, they create a system where:
  1. Each party receives only their view
  2. Each party validates only their view
  3. The coordinator never sees any views
  4. The transaction commits atomically if all stakeholders confirm

Real-World Impact

This architecture enables use cases impossible on traditional blockchains:

Confidential Multi-Party Workflows

Multiple organizations can share a workflow where each sees only their part:

Privacy-Preserving Settlement

Trading parties settle without observers seeing prices:
  • Buyer sees: asset received, payment made
  • Seller sees: asset transferred, payment received
  • Market: cannot see price or parties

Regulatory Compliance

Meet data protection requirements while maintaining shared truth:
  • Data stays with entitled parties
  • Audit trails exist for those with audit rights
  • Cross-border data flows are minimized

Next Steps

Use Cases

See concrete examples of Canton in action.

Core Concepts

Learn about parties, validators, and synchronizers.

Architecture Deep Dive

Understand how components work together technically.

Privacy Model

Explore the privacy guarantees in detail.