The Fundamental Difference
Default Visibility Comparison
Ethereum: Public by Default
On Ethereum, when you deploy a contract or send a transaction:- Transaction data is visible in the mempool before execution
- State changes are recorded on every node
- Historical data is queryable by anyone forever
- Contract code is readable by anyone
- All interactions are visible to all observers
Canton: Private by Default
On Canton, data is visible only to entitled parties:- Transaction content is encrypted during submission
- Views are delivered only to relevant validators
- State is stored only on validators hosting stakeholders
- Contract data is visible only to signatories and observers
- Third parties see nothing unless explicitly declared
Sub-Transaction Privacy
Canton’s key innovation is sub-transaction privacy: different parts of the same transaction are visible to different parties.Example: Atomic Three-Party Transfer
Consider: Alice pays Bob with Canton Coin, and Bob simultaneously pays Charlie. On Ethereum:- Everyone sees: Alice paid Bob, Bob paid Charlie
- Everyone knows: amounts, parties, timing
- Carol (unrelated) can see all details
Why This Matters
Comparison to Ethereum Privacy Solutions
Layer 2 Solutions
Approach: Move transactions off MainNet; settle on-chain.Zero-Knowledge Solutions
Approach: Prove validity without revealing data. Canton does not use zero-knowledge proofs. Instead, privacy is achieved through selective data distribution—parties only receive the transaction views they’re entitled to see. This provides a simpler programming model without ZK circuit complexity or proof generation overhead.Private Channels (Hyperledger Fabric)
Approach: Separate channels for private transactions.Encryption at Rest
Approach: Encrypt data stored on-chain.Private Ledger View
In Canton, each party has their own private ledger view—the collection of all contracts where they’re a stakeholder.What This Means
Key implications:Querying Data
Ethereum approach:What the Synchronizer Can and Cannot See
The synchronizer (sequencer + mediator) coordinates transactions but never sees content.Synchronizer Can See
- Encrypted message blobs (must deliver them)
- Message sizes (network routing)
- Timestamps (ordering)
- Confirmation results, such as committed or rejected (finality)
- Validator identifiers (routing)
- Party identifiers (for routing, but not end-user identity)
Synchronizer Cannot See
- Transaction content (encrypted)
- Contract data (never transmitted to synchronizer)
- Choice being exercised (encrypted)
- Amounts, prices, terms (encrypted)
Trust Implications
Canton’s trust model differs fundamentally from traditional blockchains: What you trust the synchronizer for:- Ordering transactions fairly (not reordering to favor certain parties)
- Delivering messages to all entitled participants
- Availability (being online when you need to transact)
- Your data privacy—it only sees encrypted blobs
- Transaction validation—your validator does this
- Correct execution—the protocol enforces this cryptographically
- Storing your contract data securely
- Executing transactions correctly on your behalf
- Not revealing your data to unauthorized parties
Design Implications for Developers
Rethinking State Queries
Ethereum mindset: “How do I query global state?” Canton mindset: “What can my party see, and who else needs visibility?”Observer Pattern
When designing contracts, explicitly consider:- Who are signatories? They must authorize and always see.
- Who are observers? They can see but not act.
- Who can exercise choices? Controllers for each choice.
- What gets divulged? Fetching contracts in transactions reveals them.
Privacy Checklist
When designing Canton applications:Next Steps
Smart Contract Paradigm
Understand Daml’s immutable contract model vs. Solidity.
Privacy Model Deep Dive
Technical details of sub-transaction privacy.