On-chain finance is arriving on Canton, the network built for institutional assets. BitSafe is one of the first decentralization layers for Canton: the infrastructure that lets builders run serious multi-party applications here without handing control to a single operator.
Two things make that possible, and they are not the same. Decentralized Party is the underlying multi-signature technology: FROST threshold-governed signing that distributes custody and governance across independent operators, where a configurable quorum must act together to authorize anything. Decentralization Manager is the open-source application that makes it usable in production: the decentralization layer on Canton, with the tooling, lifecycle management, and governance workflows that turn the cryptography into something a team can configure and run. This post is about the application.
The problem: single-operator shortcuts do not scale
Canton gives institutions sub-transaction privacy and deterministic finality. Multi-party control still takes real work to implement well, so many teams start with a single participant node. Once an application starts moving real value, the shortcut shows its limits:
One operator becomes the default control point.
Adding parties turns into bespoke implementation work.
Governance becomes a mix of ad hoc process and tooling that is hard to keep consistent over time.
For institutional use cases, that becomes a scaling bottleneck.
What teams actually need
A production-ready Canton application needs two things at once, and they belong to different layers:
Cryptographic enforcement over who can do what. This is Decentralized Party: FROST threshold signing, quorum rules, and distributed key control, so no single member can unilaterally mint, move assets, or change configuration.
Operational tooling for membership and change over time. This is Decentralization Manager: membership lifecycle, key rotation, policy updates, and governed workflows that keep the party maintainable as participation grows.
Most teams get the first part. They underestimate the second. Decentralization Manager exists to close that gap.
Decentralization Manager: governed multi-party applications on Canton
Decentralization Manager is the open-source framework for creating, configuring, and running governed applications on top of a Decentralized Party. A group of independent nodes, each operated by a different organization, acts as one governed party. On-ledger actions require a configurable quorum, membership changes go through governed workflows, and every sensitive action is proposed, confirmed by the threshold, and executed with a full audit trail.
With it, institutions and developers can:
Launch applications with distributed control from day one
Add or remove members without rewriting the system
Change quorum policies without creating governance chaos
Govern shared funds and operational workflows under explicit rules
That is the difference between a prototype and infrastructure that keeps running as participation grows.
Proof in production: CBTC
CBTC, the first non-native asset launched on Canton, is the first live application built on this stack. A Decentralized Party governs its custody: the underlying BTC sits in thousands of FROST-secured lockboxes distributed across the Bitcoin network itself, in contrast to wrapped Bitcoin products that pool reserves at a single custodian. That is pristine collateral on Canton. The party is governed by an institutional operator set that includes Finoa, Nethermind, and DSRV, so no single entity can unilaterally mint or burn CBTC under the configured quorum.
CBTC was also the first full implementation of a decentralized-party flow in DAML, a pattern Digital Asset later reused for USDCX's 2-of-3 governance with Circle. The wider industry has converged on the same FROST threshold signing, from Stacks (sBTC) to Botanix and Zcash. Even Babylon, after raising roughly $100M on a 2-of-2 model, has moved in the same direction.
Use cases
The stack is a general governance primitive. Each use case maps to a layer: Decentralized Party enforces the cryptography, Decentralization Manager runs the governance.
Token issuance
Any asset that requires governed minting and burning can run on a Decentralized Party to avoid single-operator custody, with Decentralization Manager handling issuance policy and member changes. Real-world asset tokenization is one live example, governed mint and burn under quorum rather than a single issuer.
Vault governance
When multiple organizations jointly govern deposits, withdrawals, or parameters, Decentralization Manager keeps those actions under quorum control.
Market infrastructure
Liquidity venues and market infrastructure can use multi-party governance for fee distribution, parameter changes, and operator governance.
Credentials and access control
Distributed authority over issuance and access is only credible when membership and approvals are enforceable and maintainable, which is exactly what the governance layer provides.
How it compares
Multi-party governance is a crowded space, but most tools were built for single-organization control or public-chain environments. The closest comparisons are purpose-built governance and custody frameworks: Safe and Squads for multi-sig treasury management, EigenLayer for restaking-based trust, Lit Protocol for distributed key management, and Mellow Finance for vault infrastructure. Each solves part of the problem on its own chain.
On Canton, the constraint is different. Smart contracts cannot hold assets directly, so assets must be held by a party. None of these public-chain competitors solve that constraint. Decentralization Manager is purpose-built for it: governed parties that hold and move institutional assets under explicit, enforceable quorum rules, with the membership and lifecycle tooling institutions need.
What's next
Decentralization Manager is opening up to early partners and builders, with an open-source release in scope under Apache 2.0, contributed to the Canton Foundation GitHub. If you are building on Canton and want to talk about production-ready multi-party governance, reach out to the team or read the Decentralization Manager Whitepaper.
BitSafe builds decentralized, privacy-enabled infrastructure and compliant digital asset products on the Canton Network. As the team who brought Bitcoin to Canton, BitSafe's threshold-governed multi-sig infrastructure distributes custody and governance, eliminates single points of failure, and enables institutions and developers to launch trading venues, deploy vaults, and build compliant financial products across the ecosystem.
Website | Twitter (X) | LinkedIn | Telegram