JWT tokens vs signatures in TEEs


In order to enforce (off-ledger) user-defined workflows, we use a Trusted Execution Environment to generate (serialize and sign) our transactions. These transactions are then returned to the caller, who can broadcast them.
As far as I can tell, Canton performs its authentication through JWT. This is not ideal, since it means the caller must be given the JWT in full to process the request, which they can then use to call any method, thus bypassing the TEE.

Is there an authentication method that I am missing, that maybe uses a signature/HMAC rather than a token?


Hi @Lea_Max , currently it’s not possible to authenticate against the Ledger API on a per-request basis. We are thinking about adding the ability to sign commands and validate command signatures as part of the ledger protocol so that it’s possible to control choices without needing to be online.

However, this would apply only to the Command(Submission)Service and not replace JWT-based API authentication as you may still want to permission who can use your node to submit commands in such a fashion, and who can read data from your node.

Is this your use use case, or are you looking for a more general per-request authentication method?