Zapped you with it just now 😀 I like Phoenix wallet as well but it’s a little more complex to manage.

Looking forward to it! Is the self custody wallet already active?

I've been using wallet of Satoshi from the start and it's such a simple wallet so I like it, looking forward to the video.

Looking forward for it 🤩

Thank you Looking forward!

The only thing missing is the ability to use your own node. I wonder why they won't allow it. Any idea?

I would like to see a review of @Blitz Wallet , they use Spark too. Thanks.

Thanks!

It's not private at all though @Renaud Lifchitz showed that exposing your WoS LN address leak your balance and utxos. He even created a website that allows you to show the balance associated with any WOS LN address in 2 seconds Spark seams terrible fornorivacy

Nice! Looking forward to watching it!

This is a temporary hosted PoC: https://n8n.primedomain.fr/form/cbb4afa9-1e2e-4705-adb1-e09f37d7811c Have fun or fright! 😉 cc @BTC Sessions

In a nutshell, from the victim LN address, we can easily find its Spark on-chain address throught LNURL "well-known" URL, for example: https://walletofsatoshi.com/.well-known/lnurlp/warmestfuture710 From here, we can browse all the address details on a blockchain explorer like: https://www.sparkscan.io/address/spark1pgss9gqjlk5emnuwg9dvxdh76r70ny2nmumhnzlth6q4zr0hych72gerqux6vp?network=mainnet Conclusion: Everything is public... 🤬 cc @BTC Sessions @Louferlou

Wild! Thanks for sharing this.

😍

Privacy nightmare. All of your transactions, IP address, user-agent everything, totally tracked by LightSpark, a "compliance" company for Lightning. I can't believe BTC influencers are marketing this. More details:

GitHub

No clear way to run an SSP without a business relationship with LightSpark? · Issue #64 · buildonspark/spark

This project seems to be gaining momentum and there are community concerns that both SSPs (lightspark, flashnet) are controlled by the same family....

‪You are invaluable to the Bitcoin community. Tyfys. ‬

LFG! 💪🏽

Not only public -- but Lightspark has the IP address and user-agent of this user, which they can granularly associate with each transaction. Crazy.

😎 Cool. Just applied to Post Video Editing position. Let’s talk.

Check my stuff on Insta @anabolicdocclips

Is it safe to say that all Spark-enabled wallets have this issue? What are the others?

@npub1j9qy...s2yg is this the spark protocol you consider using for lightning on cake? iirc @Seth For Privacy mentioned something about it on the latest citadel dispatch

I listened to @Seth For Privacy and @ODELL on the latest Citadel Dispatch, and I thought overall the discussion of Spark was fairly good, but I wish they had mentioned the really terrifying surveillance of network activity that Lightspark can do. @ODELL briefly mentioned that Spark "strips out the privacy" but I think it's important that users really know that, right now, ALL of their transactions go through Lightspark-controlled endpoints, and it will be trivial for Lightspark to associate their IP addresses and user-agents with their transactions. The fact that @Breez ⚡️ is pushing this, along with so many other influencers like @BTC Sessions , really raises questions in my mind about what is going on here. Wasn't the goal here somehow "freedom tech"? And isn't the antithesis of Freedom Tech just allowing some big, well-funded company, with highly publicized ties to a country with a track record of human rights abuses, to literally capture ALL the network traffic associated with users of a wide range of apps? What happens if political dissidents, for example, are using Wallet Of Satoshi, and "that" government asks LightSpark for a list of all the transactions associated with a range of IP addresses? How many Wallet of Satoshi users or @Breez ⚡️ users actually are going to realize what is going on???

Thanks for your response and speaking about it. Agree that it's a privacy nightmare if lightspark can link the transaction with the users IP. But I have to say I'm not capable to verify it for myself on the technical side. I think there are many users like me who don't have the deep technical knowledge to see what's possible if they use a wallet with spark in the background.

The biggest issue is in bitcoin our terms are to obtuse. Wallets is the first that comes to mind. When WoS went 'self custody' many people spoke up about it not being 'real' self custody. Nothing beats running your own node, managing your own channels and liquidity, it may be a pain in the ass. rarely is anything that's worth it, if it doesn't take some time.

I remember spark has some shady article in their therms of service, somebody mentioned it weeks ago already. But didn't pay much attention since I'm not directly affected. Years ago I had a lightning node, but as you said, it's such a pain in the ass and I lost a lot of sats through force closed channels and bad backups (clearly my fault). Maybe these days it's more convenient to do it.

Terms of service -- doesn't really matter much here. What we are talking about is NETWORK ACTIVITY -- the only way to use this version of Spark is for your device to communicate with LightSpark's servers. There's no other way. When you communicate with their servers, they get your IP address and user-agent. Sure, you could use a VPN. But, like, how many @Breez ⚡️ users or Wallet Of Satoshi users know that they need to ALWAYS use a VPN when using these apps, otherwise they are completely exposed??

Lots of more automatiom tools to handle liquidity etc. Even marketplaces to sell your liquidity. Force closes suck, that's why I try, to the best of my ability, be in contact with my channel partners. Easier said then done of course!

fair point, the tech haze blinds us all sometimes, even in this wild bitcoin frontier. i stick to simple sats for my pixel survival, no ip shadows lurking. if spark's clean, it'll shine; till then, whispers of tor and mixers keep the paranoia at bay.

Even worse when it's about the network activity and not "only" the terms of service which is bad enough and already a no go. Does this also affect both breez wallets, the original breez and their new misty breez, do you know that?

You should inquire with @Breez ⚡️ and probably specifically ask who is intercepting your network requests.

How does it compare to Aqua?

If a user is currently on custodial wallet of Satoshi, privacy sucks as is. The move to the self custody mode in the same app doesn't improve it, but will give more control of the funds. I'm not making an argument for people to ditch better options in favor of this. I'm simply showing how it works and the flow to switch if you're already using the app. I've got plenty of videos on how to be self sovereign with your own setup, or make trade-offs with private options like Cashu.

i like irl local circle econ that i can verify & hold accountable*/*ya JUST meE, fam&friends-biz associates/integrityIZintegral lFgO*****

mATH*****

Looking forward to this

We used Wallet of Satoshi to orange pill 🟠 💊 a restaurant here in Thailand 🇹🇭 What has your experience been with the Lightning Network?⚡️

Real Hard Money Pod⚡️🟠 and 873 others

🇹🇭🧡Thailand restaurant accepts #Bitcoin #lightningnetwork #walletofsatoshi

Looking forward to watching!... and glad to see no flames in the thumbnail

Thanks for your response. I have some issues: "If a user is currently on custodial wallet of Satoshi, privacy sucks as is." I'm not sure about this. Currently, yes, WOS can see their client's transactions, but they don't publicly publish the transactions, which they will now start doing (who thinks this is OK !!?!?), now that they are switching to LigthSpark's API. Furthermore -- given that LightSpark is literally a company focused on "compliance" for lightning, and is publicly associated with a country with a terrible human rights record -- is there any reasonable person who would rather share their network data (IP address, etc) with LightSpark instead of WOS? "The move to the self custody mode in the same app doesn't improve it, but will give more control of the funds. " I think you are being taken in by marketing that LightSpark and @Breez ⚡️ are doing. Their marketing is misleading. Spark, as currently provided by LightSpark, is an API. It's controlled by one company. Nobody else offers the API and nobody else can offer the API until the point that LightSpark might decide to let other entities offer the API -- see the GitHub issue here:

GitHub

No clear way to run an SSP without a business relationship with LightSpark? · Issue #64 · buildonspark/spark

This project seems to be gaining momentum and there are community concerns that both SSPs (lightspark, flashnet) are controlled by the same family....

In order to touch your funds, you have to use LightSpark's API -- there is no other way. When LightSpark say that it is "self custody", what they mean is "we are prepared to make an argument to our regulator that the user actually has custody, not us"... it has almost NOTHING in common with real self-custody, like you would have with Alby Hub, or a hardware wallet, or running your own node. It's just not self-custody. If LightSpark's API goes down, everyone's funds are gone.... actually, this happened with @Blitz Wallet just a couple weeks ago -- LightSpark's API went offline, and @Blitz Wallet completely shut down until LightSpark brought it back up again. Check X posts about this. I think responsible influencers should explain to their audience that the term self-custody as used by LigthtSpark and @Breez ⚡️ -- is a MARKETING term. It has almost no relation to real "self-custody."

@Renaud Lifchitz I emailed @Wallet of Satoshi yesterday about this and here’s the response I got back: “We were testing a beta feature with the Spark address/LNURL, but it is no longer required. We've removed the Spark address from that location now.” Sounds like this privacy leak is getting patched in the next update. Let me know if you find anything else and I’ll forward it on.

Removing the Spark address from the "well-known" LNURL address doesn't solve anything. Monitoring sparkscan.io for a given amount (for example sending 1 sat to a LN address) is enough to uncover the Spark address from the LN address... It's security by obscurity, nothing more! 🤡

Anyway, thanks for reporting them the issue, but it cannot be solved while they stay on a plaintext blockchain...

Damn it man, don’t make me into a Monero maxi.

Solution is easy: stay on Lightning, not on a side-chain...

Interested by their answer if you forward them my remark about their "fix"... 😉

It’s not technically a sidechain, it’s kind of a different concept than something like Liquid but it still serves the same functional purpose of a public ledger that can handle micropayments. Lightning is the connection layer but most people will never run it due to the complexity, so they will end up sacrificing privacy for convenience and ease of use.

I don’t know how that can be solved if each wallet has a static public key that can’t be abstracted away by design.

ty to make it clear when there are many of others too excited about this spreading lies and selling it as a L2 or a solution for ln. this is a Trojan horse and is a shame those bitcoin influencers sponsor this

@BTC Sessions Is the WoS video out now? Can’t find it, can you share a link 🙏