I am completely confused by any discussion of "unilateral exit" or "self-custodial" when it comes to Spark. I completely don't understand why that matters, or what those concepts even mean, in the context of an API controlled by one company (actually one family, in this case.) They can just turn off the API at any time and then nobody can exit! If their servers go down, nobody can exit! It's 100% permissioned, right?
Replies (2)
Spark's entire trust model is based on the fact that all keys used to sign previous transactions are deleted.
Problem is, it's not possible to prove without a doubt that someone deleted a key, so you need to trust Spark that they really deleted the keys.
If trust is involved, it's not trustless.
supposedly the end user has enough data on their own that they can publish to L1 and retrieve their funds out of spark or ark, even if the service provider shuts off. this is what the documentation indicates, but I don't see it implemented in a client yet.
