pull down to refresh
I already shot him down: https://x.com/Kruwed/status/2076499979749749021
lol, “I shot him down”. You wrote this:
It doesn't take that many paragraphs just to say "Spark is custodial and can spy on all of your transactions".
You have only disqualified yourself from the discussion with that unproductive reply.
Saying it’s custodial is as smart as saying it’s not.
I saw that. I was hoping he would respond to you.
I'm curious though: is spark so different from a lightning wallet where you have only one channel with your LSP (a la Phoenix)?
I guess you can get to the chain more easily, but they still can see all your txs, I think.
No, it's not so different, only slightly worse.
But I don't think it's too much to ask that we try for "slightly better" instead of giving up entirely.
We already had Mercury Layer statechains. These used blind signatures so the statechain couldn't spy on users. The custody issue remains for both Mercury and Spark, but why the FUCK is the privacy getting WORSE as new projects replace old ones?
Hmm... I just realized that if you apply the process of toxicity that nopara describes in #1523710 in a generic way to the spark discussions going on, then there are parallels and this is probably once more a situation where implementation criticism goes toxic, divides people, and then in the end, the user within the divide that actually believes any of these toxic narratives will get victimized, again.
Both the Bitcoiner that falls for this narrative and the one that stay away from but becomes emboldened in their use of other conveniencetech (that has a 99% chance of being at least as bad) risk getting rekt over narrative instead of facts. This has been a problem for very long and the fix ("don't trust, verify") is applicable poorly to users of conveniencetech. People do not really want to be secure, because that takes real effort; they just wanna believe that they are secure and brag to their buddies. Some magic solution that solves everything and you have true freedom now. I hope anyone with half a brain realizes how fucking retarded that is.
After all, if you fall for the narrative that:
- we use a monorepo for our all our server code
- because of that it is not open source
, which is not even an excuse, and think that this makes it somehow okay, then you are a fucking retard. Especially because there's virtue signaling in that same paragraph about how they contribute to LDK and LND - as if that fucking matters. You can run whatever on a non-attested service endpoint.
As a user, you are depending on a closed source component, hosted as a service. This is the only fact that defines your entire risk assessment: it's a blackbox. For most of us that truly need security, the buck stops there, but let's amuse the thought that there is no other way, just this.
The next step is to figure out which data goes to that service. Everything that goes in there is exposed.
Now, if all your transactions go into the blackbox then all your transactions are exposed. If some key or address material goes in there, that is exposed. Public keys and addresses are sensitive information, from a privacy perspective! Now let's assume that you're not using anything to mask the origin of the connections to that service: then that is exposed too, and linkable to whatever data you submit.
How is it linkable? Example legal path:
- Court order: Hey Spark give us all data you have on address
<xyz>(response contains IP addresses, timestamped) - No need court order:
SELECT ad_id, app, lat, lon FROM purchased_data_from_broker WHERE ip IN (x,y) AND timestamp BETWEEN y AND b; - Optional court order 2: Hey
<app>give us all data you have on the account associated with<ad_id>.
You can replace the court orders with data leaks and the popo with your favorite kidnapping organized crime group to construct the less legal path.
Bottom line. If you need privacy, you cannot use ANY service without risk, and even if you roll your own for everything, it probably carries more risk (also because there is a 99.9999% chance that you will trust GPT or Claude and the bot will fuck you up, bigtime[1])
There is always risk. You can minimize and manage the impact of that risk, which takes effort; the opposite of convenience. However, a service that denies being a risk is a massive liability. Don't fall for their lies.
For one, unilateral exit has been around since the early days of Spark. Many developers and users have used it.
A thing to note is that unilateral exit does not exist in any production apps. I tested all the big Spark apps recently because I wanted to see how they handle the exit, and could not find a single mention of exits in any of them. A regular Wallet of Satoshi user who bought into "The worlds simplest bitcoin wallet" is not going to hop on the CLI. I do think we can expect this to be properly implemented for end-users, when there's $175 million investment behind it, a big ecosystem with millions of users, other Lightspark products built on top of it, and the CEO making a big deal about it on podcasts. If not at this scale, then when? And where's the bitcoin ethos? It is also playing with fire, because if something happens, users are screwed, and the whole bitcoin payments ecosystem gets the blowback. Maybe a bit of pressure is healthy here.
Thanks for doing that work. I played with the idea of working through one or two open implementations but then I figured that I will never use it for production moneys, even if this were perfected, and I think that no one else should either.
This is the same trap like FB or Reddit, where the public gets tricked to feed it as much data points as possible because "it's cool" or "it's useful", and then, this gets turned into profit in ways which, if it were disclosed upfront, would make a lot of people think twice. Prime enshittification material.
So as much as I can be triggered to say "yo, let's just build it", there is a very good reason of not becoming a steward of future betrayal now. And I'm honestly trying to stay far away from this crap.
see all your transactions (isn't this true for many LSPs?)
No, Lightning works with a channel peer seeing the next hop along the route, not the destination
spark spies on you, but so does every other service
Key Point: Spark is a custodial service, not Lightning, so they should quit pretending otherwise.
That raises a separate matter, the stupidity of mobile Lightning nodes, and how everything stupid in Lightning is a direct result of the mobile node fantasy.
By using Phoenix, you're also not getting the full benefit of justice transactions since your device is not always-on to publish them. It'd be trivial for the LSP to target infrequent peers for rugging.
Phoenix is Lightning with asterisks at best and shouldn't be considered when comparing Lightning to fake L2s because they share the same underlying thesis of stupidity.
Sparkcore itself is not open sourced - that would mean open sourcing our entire server-side stack for every product we have built
Well that’s kind of the point Mister!!
Isn’t this the reason why we bitcoin? But everyone is adding spark to their applications calling it non custodial lightning just LARPING.
It’s annoying to the node runners who took the time to learn and failed how to maintain a lightning node.
Cake wallet saying they care about privacy and putting this technology in their application is completely ridiculous!!
Odell putting this in primal is ridiculous!
Breeze adding this to their SDK is ridiculous!
Here is a response by the CTO and co-founder Lightspark, Kevin Hurley:
This feels to me like the community reaction to spark when wallet of satoshi launched with it #1020261 and to the frustration when some wallets using spark put a user's spark address in the route hints of a lightning invoice #1251232.
Spark's advertising could use a lot more clarity.
Spark can see all your transactions, and like any entity that can see all your transactions (isn't this true for many LSPs?) they can log what they see and compare them to other data to which they have access.
It may be fair to say that spark spies on you, but so does every other service you use. The only ones who don't spy on you are the ones who can't spy on you.