https://blog.apathy.tv/articles/wallet-of-satoshi-spark-beta-review
I rated spark higher than something like aqua due to the unilateral exit path, but I had a huge problem with it still not being permissionless. spark and also ark don't give the user a way to force a state change to occur, so the service provider can block payments. theoretically this could also happen on liquid if the federation decides not to confirm a transaction.
on any offchain scaling solution you ideally want the processing to be done permissionlessly. so like anyone can decide that they want to participate in running it and they don't need permission to help process transactions. if this is difficult, then at the very least there needs to be a way for a user to force a state change unilaterally without the service provider's cooperation. outside of self-custody lightning this is very rare. rollups like citrea, arbitrum, and base at least have unilateral state change.
> ark don't give the user a way to force a state change to occur
This is not true. Ark VTXOs are on-chain signed transactions the users can at any time broadcast to mainnet and have their sats back. You can exit an Ark without the need for server agreement.
you're right, I should have been more clear. I'm differentiating between forcing a payment to someone else vs yanking my own money off. technically a unilateral exit is a type of forced state change
I am completely confused by any discussion of "unilateral exit" or "self-custodial" when it comes to Spark. I completely don't understand why that matters, or what those concepts even mean, in the context of an API controlled by one company (actually one family, in this case.) They can just turn off the API at any time and then nobody can exit! If their servers go down, nobody can exit! It's 100% permissioned, right?
Spark's entire trust model is based on the fact that all keys used to sign previous transactions are deleted.
Problem is, it's not possible to prove without a doubt that someone deleted a key, so you need to trust Spark that they really deleted the keys.
If trust is involved, it's not trustless.
Again, why does any of this trust stuff matter if the only way to actually do anything with Spark is to use LightSpark's API endpoints? And also -- LightSpark's entire reason for existing -- until 6 months ago -- was that they were the "compliant" way to access the Lightning Network? Why use Spark/LightSpark in that case, why not just use PayPal or Coinbase or whatever??
You are absolutely right.
supposedly the end user has enough data on their own that they can publish to L1 and retrieve their funds out of spark or ark, even if the service provider shuts off. this is what the documentation indicates, but I don't see it implemented in a client yet.
So the user can be like "I no longer want to work with LightSpark", and they can take their toys and go home, right? And then there would need to be an independent client, not controlled by LightSpark, that doesn't make network connections to any domains controlled by the Marcus family, and you could use that client to do the exit, right? That does sound fairly good. It doesn't deal with the "LightSpark can track all my transactions and might give them all to some government on request" -- but as long as LightSpark front ends disclose this prominently -- that Spark transactions aren't private -- then that's not really a dealbreaker for most users.
yes exactly. it has a combination of affordances and caveats that may be very appealing to some people as compared with other solutions. I'm sure lots of people will like it
just read the documentation first
It's just unfortunate that the company that is offering this service is the company that, six months ago, was marketing itself as a "compliance solution for Lightning". It should give anyone pause who is interested in the privacy characteristics of the Lightning network......
