I understand that Canton uses private keys for its identity management service.
From the documentation on the implementation of the Identity Management Service, it appears there are a number of Identity Stores - but these are identity related and timestamped transactional stores.
But it’s unclear to me where and who stores a party’s private key.
Is a party’s key storage and management a component of a participant node? Is it external?
Separately, does Canton’s identity management service interact with Daml’s Ledger API auth functionality? If so, how?