I am completely confused by any discussion of "unilateral exit" or "self-custodial" when it comes to Spark. I completely don't understand why that matters, or what those concepts even mean, in the context of an API controlled by one company (actually one family, in this case.) They can just turn off the API at any time and then nobody can exit! If their servers go down, nobody can exit! It's 100% permissioned, right?
Discussion
Spark's entire trust model is based on the fact that all keys used to sign previous transactions are deleted.
Problem is, it's not possible to prove without a doubt that someone deleted a key, so you need to trust Spark that they really deleted the keys.
If trust is involved, it's not trustless.
Again, why does any of this trust stuff matter if the only way to actually do anything with Spark is to use LightSpark's API endpoints? And also -- LightSpark's entire reason for existing -- until 6 months ago -- was that they were the "compliant" way to access the Lightning Network? Why use Spark/LightSpark in that case, why not just use PayPal or Coinbase or whatever??
You are absolutely right.
supposedly the end user has enough data on their own that they can publish to L1 and retrieve their funds out of spark or ark, even if the service provider shuts off. this is what the documentation indicates, but I don't see it implemented in a client yet.
So the user can be like "I no longer want to work with LightSpark", and they can take their toys and go home, right? And then there would need to be an independent client, not controlled by LightSpark, that doesn't make network connections to any domains controlled by the Marcus family, and you could use that client to do the exit, right? That does sound fairly good. It doesn't deal with the "LightSpark can track all my transactions and might give them all to some government on request" -- but as long as LightSpark front ends disclose this prominently -- that Spark transactions aren't private -- then that's not really a dealbreaker for most users.
yes exactly. it has a combination of affordances and caveats that may be very appealing to some people as compared with other solutions. I'm sure lots of people will like it
just read the documentation first
It's just unfortunate that the company that is offering this service is the company that, six months ago, was marketing itself as a "compliance solution for Lightning". It should give anyone pause who is interested in the privacy characteristics of the Lightning network......