I've learned recently that some wallets don't even check SPV proofs, they just blindly trust the Electrum Server. That's terrible!
#Electrum will even open some connections with p2p nodes to find out what is the best chain of PoW, that's the bare minimum a decent wallet should do...
Can you share which wallets you found don't check SPV proofs?
Came to ask this too
Blue wallet says so in their FAQ. Mutiny apparently just trusts the Esplora server they're connected to. Sparrow apparently asks for headers, but no Merkle proof. The version of Nunchuk I have also doesn't, but I think it's a old one.
There may be more, but I'm too lazy to look for
Please correct me if I'm wrong. I'm working with an Electrum Server, so I look at a bunch of traces of different wallets talking with the server. That's my main source of info (except for mutiny, which uses Esplora. That one I've looked at the rust code)
One thing that popped to mind about sparrow: I'm using a "private Electrum Server", so maybe they do check for public nodes.
