pull down to refresh

What the heck is Spark?
12.3k sats \ 30 comments \ @Scoresby 22h lightning
Recently, Wallet of Satoshi announced they were releasing a self-custodial wallet. And then yesterday, Lightspark announced WoS would be launching on Spark.
I didn't really know much about Spark, so I thought a brief explainer would be nice.

Spark is a statechain

So, you start by deciding to deposit onchain funds into a Spark Entity. This is a statechain. A statechain is a way of sharing utxos.
If there was a single 1btc utxo and you and 9 other people all had a presigned transaction that sent a portion of the 1 btc to your personal address, you could say you were sharing the utxo. But that isn't very useful.
If, however, you could safely change the amounts on your pre-signed transactions so that it changed the relative portions owned by each person, you could transfer bitcoin from one person's ownership to another's without changing anything onchain. This is what statechains do: with the help of a coordinator or group of coordinator's they distribute pre-signed exit transactions updated to reflect any transfers of bitcoin between the people using the Spark.
Before you deposit, you have to work with the operators of the Spark Entity (there are currently only two) to create an aggregated public key. You and however many operators are in the Spark Entity create this public key using a version of FROST.
This public key is used to create a taproot deposit address, which will receive your deposit into the statechain.1
Before you send funds to this address, you and the operators in the Spark Entity collaboratively sign two transactions that together serve as your unilateral exit to the chain.
You hopefully will not have to broadcast these pre-signed transactions, but they are your security assurance: if you feel people are cheating you, you broadcast and get your money back.
Once both these transactions are signed by you and the Spark operators, you can deposit funds to your deposit address.

Transferring funds via Spark

Transfer of funds in Spark (and other statechains) is achieved by tweaking the Spark Entity's key and signing a new exit transaction for the receiver of the funds.
The sender of funds on Spark could still try to broadcast their old presigned transaction, but it includes a timelock that is designed to be slightly longer than a timelock on your presigned transaction -- so you have an opportunity to publish your exit transaction before them.
However, if all the Spark operators fail to delete the old key they were using, the user who sent you funds could ask them to participate in signing a new exit transaction which includes the funds supposedly received by you.
So you have to trust the Spark operators to delete their keys -- which is what they say they will do.
From the Spark "Trust Model" page:
If an operator follows this protocol, the transferred funds are secure, even against future coercion or hacking. Spark strengthens this model by using multiple operators, ensuring that as long as one (or the required threshold) deletes their key, users remain secure and have perfect forward security. (emphasis added)
This is trust assumption no. 1 in Spark: operators must delete old keys.

Why people might use something like Spark

Spark allows users to send funds to each other by changing their respective share of ownership of a single utxo without changing the onchain spending conditions of the utxo.
So 4 people could send funds back and forth between each other without ever needing to publish a transaction onchain (as long as the Spark operators are doing what they say and deleting old tweaked keys with every transfer).
This is pretty cool because transfers can be instant and low fee, and you could have a whole lot of people sharing one single utxo.

"No, the new Wallet of Satoshi is not 'self-custodial'"

@bluematt posted a very helpful clarification about what self-custody is and what it is not.
Spark is, of course, much better than a classic custodial wallet - it allows for unilateral exit if the operator shuts down and deletes their keys (once they finish implementing it) - but it still requires fully trusting the operator. If the operator changes the code running on their server and swap coins with folks, they can steal coins going forward.
I've already discussed the first trust assumption (operator must delete their key), but bluematt's second point is also important: you don't know what kind of code the Spark operators are running.
I suppose there is a world where if the wallet app you are using is open source and if you trust that a lot of people are reviewing the code on it, it could make sure that the cryptography the operators are using is real and correct -- although perhaps I am wrong. I'm not a cryptographer.
While Spark says they are open source, I couldn't find out if Wallet of Satoshi is. So as far as I can tell, running WoS, you don't have any assurances that your Spark operators are running the code they say they are.
So trust assumption no. 2 is that you trust Wallet of Satoshi because you don't have anyway of seeing what the Spark operator's are doing.
It's fair to question whether this counts as self-custody (in the same way it's fair to question whether ecash is self custody2). I think it is better than custodial WoS. But it's probably not great to call it a self-custodial bitcoin wallet.

Want to learn more about statechains?

Shinobi recently wrote an article about statechains for Bitcoin Magazine, but I didn't find it too helpful in understanding what is going on here.
But Shinobi also has an older article about Mercury Layer that I found a little better (even though it's solely focused on Mercury's version of statechains).
The Mercury Layer AMA from 2024 was somewhat helpful, particularly @tptrevethan's response here.

Footnotes

  1. Something that isn't clear to me is how this onchain deposit becomes part of the shared utxo that the Spark is using....or do they share a ton of utxos and yours is just one more added to their pot?
  2. ecash is self custodial, but it's not bitcoin.
write
preview
related posts
1 reply \ @Scoresby OP 16h
Great explainer of state chains by janusz
reply
0 sats \ 0 replies \ @nitter 16h bot
https://xcancel.com/januszg_/status/1940210878999036119
reply
199 sats \ 2 replies \ @optimism 21h
There's also a risk analysis here: https://www.bitcoinlayers.org/layers/spark
There's been a lot of work going into that review repository over the last 2 (3? - time flies) years and it's become my go-to to find out how things work at a high level and what risks are identified with <insert project getting hyped on the tweeter>
reply
111 sats \ 1 reply \ @Scoresby OP 21h
Thanks for pointing this one out! There are so many darn resources out there!
It reminds me that I had screenshotted this from the Spark docs page: unilateral exit is not live during beta.
reply
113 sats \ 0 replies \ @optimism 21h
There are so many darn resources out there!
Yeah. I settled on this one because - back when I was still on the bird app - the only person really willing to take the time to do deep research into all these solutions and their claims over there was Janusz. I feel like the repo has grown into a great resource over time and I haven't seen any shilling coming from there. Just a potentially fair review focused on mechanisms and their risks.
If something there is explicitly telling me a risk I really don't like, I forego testing. In Spark's case, I'm waiting for the beta to stop beta-ing.
reply
149 sats \ 1 reply \ @mtk4000 20h
They're shooting themselves in the foot by calling it self-custodial. It's dishonest and a very bad look. It's nice that it allows unilateral exit, but it should at least be called "trust-minimized" or something.
reply
119 sats \ 0 replies \ @028559d218 14h
Trustodial is the word I've heard around here
reply
113 sats \ 10 replies \ @0xbitcoiner 22h
So, Wallet of Satoshi isn't true self-custody, right?
reply
61 sats \ 7 replies \ @Scoresby OP 22h
It's kind of messy, I think.
As far as I understand this version of WoS,
  • you have some trust in Spark operators to delete their old keys with each transfer.
  • you have to trust WoS to make sure the Spark operators are running the code they say they are.
It is interesting to think about using a wallet without running your own node: in that case you are trusting someone else to tell you about transactions and to let you broadcast, but it's still self-custodial because you have the keys and can import to another wallet if you like. If the wallet wasn't open source...?
Another thing to think about is Bitkey's seedless design. This is said to be self-custodial because you have the keys and can always sign and broadcast a transaction sending your funds to a new wallet software, but you can't actually import your wallet to new software. It takes a confirmed transaction.
It's worth noting that Nicholas Dorier disagrees with bluematt: https://x.com/NicolasDorier/status/1940217999216247044, particularly:
If I stretch it, if your definition were applied, I could also see regulators trying to go after web hosts because some customers are installing BTCPay Server, and thus the VPS become considered a custodian. (Because the addressed could be swapped to steal future funds)
And you might find bluematt's response to one of the Spark guys interesting: https://x.com/TheBlueMatt/status/1940236872317640820
reply
130 sats \ 4 replies \ @supratic 22h
It is interesting to think about using a wallet without running your own node
indeed is not... think about who is going to verify your transactions if you are not running a node? the other party that you are trusting.
As usual, is about convenience. Lazy bastards will opt for custodial or trustodial options like this. Then the day will come when they will cry-harder because something went wrong, blaming the other party for the mess and asking for a refund LOL
reply
17 sats \ 3 replies \ @Scoresby OP 22h
trustodial is such a good term. did @justin_shocknet come up with it?
reply
528 sats \ 1 reply \ @justin_shocknet 21h
First known use, for posterity
#1019448
reply
28 sats \ 0 replies \ @Scoresby OP 21h
well played, sir!
reply on another page
0 sats \ 0 replies \ @nitter 22h bot
https://xcancel.com/shocknet_justin/status/1939774027746484579
reply
113 sats \ 0 replies \ @ek 20h
Nicholas Dorier ended up agreeing with bluematt:
No, Spark is not just an “in transit” trust model, it’s a statechain (with some tradeoffs that make it more useful but also more trusted).
I see, then yeah I agree, can't really say self-custody.
reply
0 sats \ 0 replies \ @nitter 22h bot
https://xcancel.com/NicolasDorier/status/1940217999216247044
reply
0 sats \ 1 reply \ @supratic 22h
never has been and I doubt it will be with this new implementation.
reply
0 sats \ 0 replies \ @0xbitcoiner 22h
I'm talking about the new version!
reply
113 sats \ 2 replies \ @supratic 21h
I wopuld not consider statechains to be L2s in their current state, simply because the operators can collude to stop a user from exiting, when planned in advance. Contrary to Spark's messaging, this risk persists indefinitely today...
reply
30 sats \ 1 reply \ @Scoresby OP 21h
In that respect it has a lot of similarities to fedimint and liquid.
reply
0 sats \ 0 replies \ @supratic 21h
You can run a fedi federations. Not sure you can do something similar with spark or liquid, never loked into it tbh
reply
113 sats \ 1 reply \ @OT 22h
Thanks for laying it out. This is getting a little clearer!
I just wonder about the connection with LN. To use LN you need a channel partner. So who is the channel partner of the state chains UTXO?
reply
32 sats \ 0 replies \ @Scoresby OP 22h
Here's their documentation on LN: https://docs.spark.money/spark/lightning
I have to admit I didn't even go into it because Spark itself is complicated and I wanted to make sure I wrapped my head around that.
reply
102 sats \ 1 reply \ @janetyellen 9h
If a state actor puts a gag order on Spark, lets say they suspect Spark of money laundering, they could simply force them to change the code on their servers to not delete the key. Then they could seize the funds.
reply
0 sats \ 0 replies \ @Scoresby OP 4h
Well, this was one of my questions though: if WoS was open source (assuming it is not), would it change the calculus?
reply
102 sats \ 0 replies \ @rootmachine 17h
soooo many wallets for sats. starts to feel like banking systems. each country has 2-3 banks... blah blah.
reply
102 sats \ 1 reply \ @flat24 18h
Thank you very much for this good explanation, for what I can understand there is the risk of against part, and you have to trust a third party. (I don't think it is useful).
Seen from a corporate perspective, for someone who moves large amounts of money among commercial partners it is something useful. (It sounds very good, that of moving large sums without paying a lot of commission and immediately)
But for a common user like me, who only seeks to survive independently and stack some Sats in that process, I do not seem optimal to trust a third party.
reply
0 sats \ 0 replies \ @Scoresby OP 18h
It probably depends on how you prefer to stack sats. Not many places you can buy bitcoin support Spark. But a good number support lightning and this can be a good way to gain a bit of privacy from your source of sats. So perhaps in the future Spark serves a similar role.
But I think you are right that it's most useful at the moment for payments with a low barrier to entry.
reply
0 sats \ 0 replies \ @021f3af1a6 4h
Great 🔥
reply
0 sats \ 0 replies \ @nitter 22h bot
https://xcancel.com/walletofsatoshi/status/1923875750165479768
reply