This is where clients should implement rate limits set by the user, but ultimately users need to only keep in their custodial wallets an amount they are comfortable parting with whether it be due to zaps or malicious actors.

Discussion

The setup I have that would be resistant even against a rogue client is a NWC relay over WireGuard. Probably not easy for people to set up but it’s an option.

This is assuming the client doesn’t just swipe it locally vs sending the NWC connection string to their server or something. Would be dumb for a client to do that, it would tank my entire client and I would go to jail.

Any client is just 2-3 subtle bugs away from doing that and then it's just a matter of someone noticing.

I think my preference is that the wallet creates a dedicated sats account that can only be used for zapping and is somewhat limited in max sats. And once in a while it would notify me to refill it.

Then the potential "total stolen amount" would be limited while the experience would still be top notch.

I don’t think people should be storing significant amounts of sats in these custodial wallets to begin with.

Exactly. You wouldn’t leave your house with your entire savings account in your back pocket. Be smart, only use these kinds of wallets for your zapping around money.

True, same can be said about one tap zap. Just how urgently do you need to zap someone that that extra click to send is a burden? 🤷🏻‍♂️

You can’t do seamless client side zap splits without it. You would have to open N invoices externally and pay each one. No one would do this.

I would rather you do sort of a @Damus gift card (like Amazon gift card) that can be reloaded with sats with your own wallet and then zapped away. That could make it easier and safe.

That’s not really any different than preloading an Alby wallet from your node.

And the problem with going exclusive crypto, as there are no guarantees nor regulations for the companies' responsibilities, and by the time they do offer security and regulations, the difference between fiat and crypto will be insignificant.

Then whether build back better is serving the purpose or a liability, well.

LNbits potentially fixes this if it would support the wallet connect feature.

https://lnbits.com/