Background
When external parties + interactive submission landed (commits 766f169, 2397a44, e00a981), the older internal-party custodial registration model was retired. Several methods on the cantonsdk identity client and one config field were left behind with no remaining production callers.
This issue lists the orphans I could verify, with the rigor needed to remove them safely. It's a cleanup ticket — no behavioral change, just deleting dead code.
Confirmed dead code
1. Client.GrantActAsParty — fully dead
File: pkg/cantonsdk/identity/client.go — interface decl line 40, implementation lines 368-389
Why dead: Used to be called from pkg/registration/handler.go to grant the api-server's user CanActAs <userParty> per registration in the old custodial model. Both call sites were removed in commit 766f169. The new external-party flow uses CanExecuteAsAnyParty (wildcard) instead, so per-user grants are not needed.
Verification: grep -rn "GrantActAsParty" pkg/ scripts/ cmd/ returns only the interface declaration and implementation. Zero callers, even in tests.
Confidence: HIGH
Removal scope: ~25 lines (interface decl + implementation).
2. Client.AllocateParty — wrapper is dead, raw protobuf is used directly
File: pkg/cantonsdk/identity/client.go — interface decl line 32, implementation lines 77-97
Why dead: Replaced by AllocateExternalParty and AllocateExternalPartyWithSignature in 766f169. The wrapper Client.AllocateParty still exists but has no callers via the identity client. The one place that does still allocate internal parties — scripts/testing/test-cip56-multi-participant.go:607, 650 — calls c.PartyAdmin().AllocateParty(...) directly against the raw protobuf service, not the wrapper.
Verification: No matches for Identity.AllocateParty or c.identity.AllocateParty in production code.
Confidence: HIGH
Removal scope: ~22 lines.
3. Client.GetParticipantID — fully dead
File: pkg/cantonsdk/identity/client.go — interface decl line 35, implementation lines 251-259
Why dead: Added in 766f169 for completeness/parity but never wired into any production code path or test.
Verification: Zero callers anywhere in the repo.
Confidence: HIGH
Removal scope: ~10 lines.
4. Client.ListParties — only used by an excluded utility script
File: pkg/cantonsdk/identity/client.go — interface decl line 34, implementation lines 223-249
Why dead-ish: Old fallback for the "party already exists" error path of AllocateParty; that path was deleted in 766f169 (AllocateExternalParty handles already-allocated cases via gRPC status codes).
Caveat: One caller still exists — scripts/utils/list-parties.go:138 calls cantonClient.Identity.ListParties(ctx). But that file is build-tagged //go:build ignore and is only run manually. Two options when cleaning up:
- (a) Delete both — remove
ListParties from the identity client AND delete scripts/utils/list-parties.go if it's no longer maintained.
- (b) Keep both — leave
ListParties and the utility script alone, since the script still has operational value for debugging.
I lean (a) since the script is //go:build ignore (not in CI, not built by default) and the same data is reachable via raw c.PartyAdmin().ListKnownParties(...) if needed in the future.
Confidence: MEDIUM (depends on whether we want to keep the utility)
Removal scope: ~30 lines from client.go + the constant listKnownPartiesPageSize (line 21) becomes dead with it. Plus optionally deleting scripts/utils/list-parties.go (~150 lines).
5. KeyManagement.KeyDerivation config field — declared but never read
File: pkg/config/config.go:112-113
// KeyDerivation specifies how to generate Canton keys: "generate" (random) or "derive" (from EVM + seed)
KeyDerivation string `yaml:"key_derivation" default:"generate" validate:"required,oneof=generate derive"`
Why dead: Intent was to switch between random key generation and EVM-seed-derived keys. Only random generation was ever implemented (keys.GenerateCantonKeyPair is unconditional at pkg/user/service/service.go:162, 275). KeyDerivation is validated at config load but never read at runtime.
Verification: grep -rn KeyDerivation pkg/ scripts/ cmd/ returns only the field declaration in config.go and the default-value assertion in config_test.go:159. Nothing reads it in production.
Note: KeyManagement.MasterKeyEnv (the same struct's other field) IS alive — used at pkg/app/api/server.go:200, 204 to read the master encryption key. So we keep the struct, drop only the KeyDerivation field.
Confidence: HIGH (with the proviso that we should also remove the key_derivation: keys from default YAML configs)
Removal scope: 2 lines in config.go + ~5 entries across pkg/config/defaults/*.yaml files + 1 test assertion.
What's NOT dead (deliberately verified)
To save reviewers re-checking these:
Suggested approach
Single PR, mechanical removals:
- Delete
GrantActAsParty, AllocateParty, GetParticipantID from the identity client (interface + impl).
- Remove
KeyDerivation field from KeyManagement struct and from default YAML configs (config.api-server.{docker,local-devnet,mainnet}.yaml).
- Decision call on
ListParties:
- If we drop the utility script: remove
ListParties and listKnownPartiesPageSize from the identity client, delete scripts/utils/list-parties.go.
- If we keep the utility script: leave both in place.
- Run
go build ./..., go test ./..., golangci-lint run to confirm nothing breaks.
- Update
pkg/cantonsdk/identity/mocks/ regenerate (make generate-mocks) if interface methods change.
Trigger
Came up while reviewing rights granted to the shared Canton OAuth user (#243). The unused GrantActAsParty was the obvious one; sweep found the others.
Background
When external parties + interactive submission landed (commits
766f169,2397a44,e00a981), the older internal-party custodial registration model was retired. Several methods on the cantonsdk identity client and one config field were left behind with no remaining production callers.This issue lists the orphans I could verify, with the rigor needed to remove them safely. It's a cleanup ticket — no behavioral change, just deleting dead code.
Confirmed dead code
1.
Client.GrantActAsParty— fully deadFile:
pkg/cantonsdk/identity/client.go— interface decl line 40, implementation lines 368-389Why dead: Used to be called from
pkg/registration/handler.goto grant the api-server's userCanActAs <userParty>per registration in the old custodial model. Both call sites were removed in commit766f169. The new external-party flow usesCanExecuteAsAnyParty(wildcard) instead, so per-user grants are not needed.Verification:
grep -rn "GrantActAsParty" pkg/ scripts/ cmd/returns only the interface declaration and implementation. Zero callers, even in tests.Confidence: HIGH
Removal scope: ~25 lines (interface decl + implementation).
2.
Client.AllocateParty— wrapper is dead, raw protobuf is used directlyFile:
pkg/cantonsdk/identity/client.go— interface decl line 32, implementation lines 77-97Why dead: Replaced by
AllocateExternalPartyandAllocateExternalPartyWithSignaturein766f169. The wrapperClient.AllocatePartystill exists but has no callers via the identity client. The one place that does still allocate internal parties —scripts/testing/test-cip56-multi-participant.go:607, 650— callsc.PartyAdmin().AllocateParty(...)directly against the raw protobuf service, not the wrapper.Verification: No matches for
Identity.AllocatePartyorc.identity.AllocatePartyin production code.Confidence: HIGH
Removal scope: ~22 lines.
3.
Client.GetParticipantID— fully deadFile:
pkg/cantonsdk/identity/client.go— interface decl line 35, implementation lines 251-259Why dead: Added in
766f169for completeness/parity but never wired into any production code path or test.Verification: Zero callers anywhere in the repo.
Confidence: HIGH
Removal scope: ~10 lines.
4.
Client.ListParties— only used by an excluded utility scriptFile:
pkg/cantonsdk/identity/client.go— interface decl line 34, implementation lines 223-249Why dead-ish: Old fallback for the "party already exists" error path of
AllocateParty; that path was deleted in766f169(AllocateExternalPartyhandles already-allocated cases via gRPC status codes).Caveat: One caller still exists —
scripts/utils/list-parties.go:138callscantonClient.Identity.ListParties(ctx). But that file is build-tagged//go:build ignoreand is only run manually. Two options when cleaning up:ListPartiesfrom the identity client AND deletescripts/utils/list-parties.goif it's no longer maintained.ListPartiesand the utility script alone, since the script still has operational value for debugging.I lean (a) since the script is
//go:build ignore(not in CI, not built by default) and the same data is reachable via rawc.PartyAdmin().ListKnownParties(...)if needed in the future.Confidence: MEDIUM (depends on whether we want to keep the utility)
Removal scope: ~30 lines from
client.go+ the constantlistKnownPartiesPageSize(line 21) becomes dead with it. Plus optionally deletingscripts/utils/list-parties.go(~150 lines).5.
KeyManagement.KeyDerivationconfig field — declared but never readFile:
pkg/config/config.go:112-113Why dead: Intent was to switch between random key generation and EVM-seed-derived keys. Only random generation was ever implemented (
keys.GenerateCantonKeyPairis unconditional atpkg/user/service/service.go:162, 275).KeyDerivationis validated at config load but never read at runtime.Verification:
grep -rn KeyDerivation pkg/ scripts/ cmd/returns only the field declaration inconfig.goand the default-value assertion inconfig_test.go:159. Nothing reads it in production.Note:
KeyManagement.MasterKeyEnv(the same struct's other field) IS alive — used atpkg/app/api/server.go:200, 204to read the master encryption key. So we keep the struct, drop only theKeyDerivationfield.Confidence: HIGH (with the proviso that we should also remove the
key_derivation:keys from default YAML configs)Removal scope: 2 lines in
config.go+ ~5 entries acrosspkg/config/defaults/*.yamlfiles + 1 test assertion.What's NOT dead (deliberately verified)
To save reviewers re-checking these:
pkg/keys/canton_keys.gois alive —keys.GenerateCantonKeyPairis called from custodial registration (pkg/user/service/service.go:162, 275) and several testing scripts.CantonPrivateKeyand stores it ascanton_private_key_encryptedfor custodial / Canton-native registrations. Seepkg/user/service/service.go:193,pkg/userstore/pg.go:140,pkg/userstore/model.go:21.RegisterCantonNativeUseris alive — supports Canton-native (Loop wallet) registration.pkg/user/service/service.go:218.KeyManagement.MasterKeyEnvis alive (same struct as the deadKeyDerivation).pkg/keys/store.godoesn't exist — already deleted.Suggested approach
Single PR, mechanical removals:
GrantActAsParty,AllocateParty,GetParticipantIDfrom the identity client (interface + impl).KeyDerivationfield fromKeyManagementstruct and from default YAML configs (config.api-server.{docker,local-devnet,mainnet}.yaml).ListParties:ListPartiesandlistKnownPartiesPageSizefrom the identity client, deletescripts/utils/list-parties.go.go build ./...,go test ./...,golangci-lint runto confirm nothing breaks.pkg/cantonsdk/identity/mocks/regenerate (make generate-mocks) if interface methods change.Trigger
Came up while reviewing rights granted to the shared Canton OAuth user (#243). The unused
GrantActAsPartywas the obvious one; sweep found the others.