# Canton Signer (Daml Docs)

On Canton, signature requests do not go through a deployed contract at an address. They go through **Daml templates** — the `Signer` from the `signet-signer-v1` package — authorized by Canton parties and disclosed to consumer contracts. MPC responses are delivered as Canton contracts and verified **on-ledger** with `secp256k1WithEcdsaOnly`.

The flow itself is the standard [Sign Bidirectional Flow](/architecture/sign-bidirectional); only the API surface is Canton-specific.

## Documentation

The complete Canton documentation lives in the [sig-net/canton](https://github.com/sig-net/canton) repository:

* **[Repository overview](https://github.com/sig-net/canton#readme)** - Architecture, package layout, and where to start
* **[signet-signer-v1 README](https://github.com/sig-net/canton/blob/main/daml-packages/signet-signer-v1/README.md)** - Authority model and integrator lifecycle, with the full template API in [API.md](https://github.com/sig-net/canton/blob/main/daml-packages/signet-signer-v1/API.md) and the integrator checklist in [SECURITY.md](https://github.com/sig-net/canton/blob/main/daml-packages/signet-signer-v1/SECURITY.md)
* **[signet-vault-v1 README](https://github.com/sig-net/canton/blob/main/daml-packages/signet-vault-v1/README.md)** - The worked example to model your consumer on: MPC-custodied ERC-20 vault (deposit / claim / withdraw / refund), meant to be copied as source
* **[INTEGRATORS.md](https://github.com/sig-net/canton/blob/main/INTEGRATORS.md)** - Deploying your consumer from your own Canton node: release DARs and package-id rules, vetting, client wiring, DevNet/TestNet go-live
* **[canton-sig TypeScript client](https://github.com/sig-net/canton/tree/main/ts-packages/canton-sig)** - Client library for driving the protocol over the Canton JSON Ledger API ([npm](https://www.npmjs.com/package/canton-sig))

## Key Differences from Other Chains

* **No contract address**: integrators receive the `Signer` as a disclosed-contract envelope from the operator's disclosure endpoint, not by address lookup. See [Contract Addresses](/primitives/contract-addresses) for the per-environment root public keys.
* **KDF chain ID**: key derivation uses `canton:global` (see `KDF_CHAIN_IDS` in signet.js), with `sender` bound to the hash of the on-ledger operator set.
* **On-ledger verification**: the response signature over `keccak256(requestId || serializedOutput)` is checked inside the consumer's Daml choice via `secp256k1WithEcdsaOnly`, using the response child key derived with the fixed path `"canton response key"`.

## Source Code

* [sig-net/canton](https://github.com/sig-net/canton)
