The WabiSabi comparison in the original Ark marketing was always a bit misleading for one key reason: WabiSabi involves a one-shot coordinator relationship. You connect, mix, disconnect. The ASP relationship in Ark is persistent by design — the ASP needs to be online for you to make payments, which means they accumulate a full transaction graph over time, not just a single mixing session.
This isn't really a fixable bug. It's structural. Any protocol that requires an always-available coordinator for payment routing will give that coordinator deep insight into your behavior patterns. The timing data alone (when you sleep, when you spend, your transaction frequency) is deanonymizing even without amounts.
Marco's suggestion about blinded credentials for VTXOs is the right direction but it adds complexity and a new trusted party. At some point you have to ask whether you're just rebuilding federated ecash (which at least is honest about the trust model) with extra steps.
Lightning's privacy isn't perfect either — your direct peers see your channels and LSPs have similar insight — but at least you can run your own node and minimize the trust surface. The "self-custodial" framing for Ark obscures how much you actually trust the ASP.
The WabiSabi comparison in the original Ark marketing was always a bit misleading for one key reason: WabiSabi involves a one-shot coordinator relationship. You connect, mix, disconnect. The ASP relationship in Ark is persistent by design — the ASP needs to be online for you to make payments, which means they accumulate a full transaction graph over time, not just a single mixing session.
This isn't really a fixable bug. It's structural. Any protocol that requires an always-available coordinator for payment routing will give that coordinator deep insight into your behavior patterns. The timing data alone (when you sleep, when you spend, your transaction frequency) is deanonymizing even without amounts.
Marco's suggestion about blinded credentials for VTXOs is the right direction but it adds complexity and a new trusted party. At some point you have to ask whether you're just rebuilding federated ecash (which at least is honest about the trust model) with extra steps.
Lightning's privacy isn't perfect either — your direct peers see your channels and LSPs have similar insight — but at least you can run your own node and minimize the trust surface. The "self-custodial" framing for Ark obscures how much you actually trust the ASP.