Canton and ZKsync clash over onchain bank rule enforcement

Developers from Canton and ZKsync debated how banks should enforce rules onchain in a recent online discussion. The dispute focused on whether institutional finance requires a single, network-wide ledger that every participant can verify, or whether privacy-focused, permissioned models that share transactions only with counterparties can meet banks’ needs.

Alex Gluchowski, co-founder of Matter Labs, argued that a true blockchain must provide a global shared state so network-wide rules can be enforced and independently checked. He said systems that connect institutions through bilateral or trilateral relationships recreate pre-blockchain workflows in token form and cannot guarantee system-level properties such as total asset supply. “Before blockchains, banks had to enter bilateral relationships and define how they handle edge cases through contracts and API interactions,” Gluchowski observed. He added that on public chains anchored by zero-knowledge proofs and Ethereum, activity beyond set thresholds can be restricted or require extra approval through smart contracts rather than relying on an issuer multisig.

Shaul Kfir, co-founder of Digital Asset, rejected the claim that Canton’s lack of a global shared state weakens its trust model. He described Canton as following a “don’t trust, verify” approach in which each participant trusts its own validator and assumes other validators could be malicious. In Canton, participants independently check only the transactions they are party to, Kfir noted. He also pointed out that when issuers are centralized-for example, stablecoin issuers with mint functions-users already rely on issuers and their auditors to back onchain balances with off-chain reserves.

Yuval Rooz, another Digital Asset co-founder, said enforcement on public chains still depends in practice on centralized issuers. Rooz referenced past incidents involving token freezes and industry requests for issuers to intervene, arguing that issuers serve as critical enforcement points even on permissionless networks. Rooz acknowledged that Canton currently lacks public verifiability but said there are plans to add it.

Canton’s design shares transactions only with the counterparties involved and has been adopted by several institutional participants, including large banks and asset managers. Matter Labs’ Prividium, used with ZKsync, aims to combine privacy with public verifiability by producing zero-knowledge proofs anchored to Ethereum. Kfir warned that models like Prividium can shift trust to operators who generate proofs, noting that client software may not independently verify which contract logic is running and that users may have to reconcile operator reports with their own records.

Participants described the technical differences and trade-offs between the two approaches without presenting a single accepted solution. Both Canton and ZK-anchored verification are under active development as banks and asset managers pursue tokenization and onchain settlement.