smartcontractkit · friedemannf · Feb 16, 2026 · Feb 15, 2026
@@ -0,0 +1,2 @@
+- Bump Canton images to 0.5.11
+- Expose Canton UserID and Registry URL in output
@@ -46,6 +46,8 @@ type CantonParticipantEndpoints struct {
 	// GRPCHealthCheckURL grpc.health.v1.Health/Check
 	GRPCHealthCheckURL string `toml:"grpc_health_check_url" comment:"GRPC health check endpoint, responds to grpc.health.v1.Health/Check"`
 
+	// UserID is the user id associated with this participant, the JWT will have a subject claim set for this user.
+	UserID string `toml:"user_id" comment:"the user id associated with this participant, used in the JWT token"`
 	// JWT JSON Web Token for this participant
 	JWT string `toml:"jwt" comment:"JSON Web Token for this participant"`
 }
@@ -69,7 +71,7 @@ type CantonParticipantEndpoints struct {
 //
 // Additionally, the global Scan service is accessible via:
 //   - http://scan.localhost:[PORT]/api/scan 					-> Scan API				=> https://docs.sync.global/app_dev/scan_api/index.html
-//   - http://scan.localhost:[PORT]/registry 					-> Token Standard API	=> https://docs.sync.global/app_dev/token_standard/index.html#api-references
+//   - http://scan.localhost:[PORT]			 					-> Token Standard API	=> https://docs.sync.global/app_dev/token_standard/index.html#api-references
 //
 // The PORT is the same for all routes and is specified in the input parameters, defaulting to 8080.
 //
@@ -131,9 +133,10 @@ func newCanton(ctx context.Context, in *Input) (*Output, error) {
 		return nil, err
 	}
 
+	svUser := "user-sv"
 	svToken, err := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
 		Issuer:    "",
-		Subject:   "user-sv",
+		Subject:   svUser,
 		Audience:  []string{canton.AuthProviderAudience},
 		ExpiresAt: jwt.NewNumericDate(time.Now().Add(TokenExpiry)),
 		NotBefore: jwt.NewNumericDate(time.Now()),
@@ -145,22 +148,24 @@ func newCanton(ctx context.Context, in *Input) (*Output, error) {
 	}
 	endpoints := &CantonEndpoints{
 		ScanAPIURL:     fmt.Sprintf("http://scan.%s:%s/api/scan", host, in.Port),
-		RegistryAPIURL: fmt.Sprintf("http://scan.%s:%s/registry", host, in.Port),
+		RegistryAPIURL: fmt.Sprintf("http://scan.%s:%s", host, in.Port), // Don't add /registry to URL as this is part of the OpenAPI spec and the base URL should point to the root
 		SuperValidator: CantonParticipantEndpoints{
 			JSONLedgerAPIURL:   fmt.Sprintf("http://sv.json-ledger-api.%s:%s", host, in.Port),
 			GRPCLedgerAPIURL:   fmt.Sprintf("sv.grpc-ledger-api.%s:%s", host, in.Port),
 			AdminAPIURL:        fmt.Sprintf("sv.admin-api.%s:%s", host, in.Port),
 			ValidatorAPIURL:    fmt.Sprintf("http://sv.validator-api.%s:%s/api/validator", host, in.Port),
 			HTTPHealthCheckURL: fmt.Sprintf("http://sv.http-health-check.%s:%s", host, in.Port),
 			GRPCHealthCheckURL: fmt.Sprintf("sv.grpc-health-check.%s:%s", host, in.Port),
+			UserID:             svUser,
 			JWT:                svToken,
 		},
 		Participants: nil,
 	}
 	for i := 1; i <= in.NumberOfCantonValidators; i++ {
+		participantUser := fmt.Sprintf("user-participant%v", i)
 		token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
 			Issuer:    "",
-			Subject:   fmt.Sprintf("user-participant%v", i),
+			Subject:   participantUser,
 			Audience:  []string{canton.AuthProviderAudience},
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(TokenExpiry)),
 			NotBefore: jwt.NewNumericDate(time.Now()),
@@ -177,6 +182,7 @@ func newCanton(ctx context.Context, in *Input) (*Output, error) {
 			ValidatorAPIURL:    fmt.Sprintf("http://participant%d.validator-api.%s:%s/api/validator", i, host, in.Port),
 			HTTPHealthCheckURL: fmt.Sprintf("http://participant%d.http-health-check.%s:%s", i, host, in.Port),
 			GRPCHealthCheckURL: fmt.Sprintf("participant%d.grpc-health-check.%s:%s", i, host, in.Port),
+			UserID:             participantUser,
 			JWT:                token,
 		}
 		endpoints.Participants = append(endpoints.Participants, participantEndpoints)

@@ -13,7 +13,7 @@ import (
 
 // Canton Defaults
 const (
-	SpliceVersion = "0.5.3"
+	SpliceVersion = "0.5.11"
 	Image         = "ghcr.io/digital-asset/decentralized-canton-sync/docker/canton"
 )
 

@@ -12,7 +12,7 @@ import (
 )
 
 const (
-	DefaultNginxImage = "nginx:1.27.0"
+	DefaultNginxImage = "nginx:1.29.5"
 )
 
 const nginxConfig = `

@@ -11,7 +11,7 @@ import (
 )
 
 const (
-	DefaultPostgresImage = "postgres:14"
+	DefaultPostgresImage = "postgres:18"
 	DefaultPostgresUser  = "canton"
 	DefaultPostgresPass  = "password"
 	DefaultPostgresDB    = "canton"

@@ -38,7 +38,7 @@ func TestCantonSmoke(t *testing.T) {
 	})
 	t.Run("Test registry endpoint", func(t *testing.T) {
 		resp, err := resty.New().SetBaseURL(bc.NetworkSpecificData.CantonEndpoints.RegistryAPIURL).R().
-			Get("/metadata/v1/instruments")
+			Get("/registry/metadata/v1/instruments")
 		assert.NoError(t, err)
 		fmt.Println(resp)
 	})
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		- Bump Canton images to 0.5.11
		- Expose Canton UserID and Registry URL in output
friedemannf marked this conversation as resolved. Show resolved Hide resolved
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,7 +12,7 @@ import ( @@
     )
     const (
-    	DefaultNginxImage = "nginx:1.27.0"
+    	DefaultNginxImage = "nginx:1.29.5"
     )
     const nginxConfig = `
@@ Expand Down @@