My issue is actually a lot more basic and grug-brained than this. In order to use Spark, you have to hit Lightspark's GraphQL endpoints. Those endpoints are all servers controlled by one family. It would be trivial for governments to pressure that family into collecting I.P. addresses and doing other various things to de-anonymize the payments. The fact that Lightspark also *specializes* in compliance, KYC, etc., is especially worrying.
https://blog.apathy.tv/articles/wallet-of-satoshi-spark-beta-review
I rated spark higher than something like aqua due to the unilateral exit path, but I had a huge problem with it still not being permissionless. spark and also ark don't give the user a way to force a state change to occur, so the service provider can block payments. theoretically this could also happen on liquid if the federation decides not to confirm a transaction.
on any offchain scaling solution you ideally want the processing to be done permissionlessly. so like anyone can decide that they want to participate in running it and they don't need permission to help process transactions. if this is difficult, then at the very least there needs to be a way for a user to force a state change unilaterally without the service provider's cooperation. outside of self-custody lightning this is very rare. rollups like citrea, arbitrum, and base at least have unilateral state change.
Discussion
I think we are seeing the same thing. a good L2 should have one or both of these properties:
* anyone may begin confirming some other user's transactions without permission
* the user may force their own transaction to be confirmed without permission
if you don't have either of the first two, all the users are at the mercy of a closed set of participants, who could be a single company or might as well be a single company. then this company has total control over the usage of the L2, enabling them to funnel you into centralized infra, surveil you, or block your payments.
permissionless = no single infra