I strongly recommend splitting multiple questions to separate threads. In that spirit I’ll address one of these:
In a sense, but not the “they must be on local disk” sense. Instead, the ledger API provides mechanisms for package management; packages that have not been registered with a participant in this way simply cannot be used in transactions, because it is impossible to interpret a Daml command without having all referenced Daml packages and their dependencies available. So the “file on disk” DAR is completely irrelevant; what matters is that it has been uploaded to the participant (and perhaps “vetted”).