Thread

Sure - custody models involve tradeoffs. The "selling out users" thing I'm talking about actually has nothing to do with self-custody vs "custodians" or anything like that. It's much more basic. It's about NETWORK CONNECTIONS. When you use LightSpark's "Spark" API, you are REQUIRED to make network connections (and share your data with) one of two servers. One server, "lightpark.com", is controlled by David Marcus' company. And the other server, "flashnet.com" -- is also controlled by David Marcus' company. Any time you use a Spark wallet -- including, unfortunately, through previously trusted brands like nostr:npub1hcwcj72tlyk7thtyc8nq763vwrq5p2avnyeyrrlwxrzuvdl7j3usj4h9rq and nostr:npub1cm3rpgj7457yjuqnvdalxaauakqu0ndkpkyp5cldkyutpz4xszpsmk96wt -- your IP address, your transaction data -- EVERYTHING -- can be surveilled by LightSpark. LightSpark knows who you are sending from, who you are receiving from, your I.P. address, everything. This is kind of unrelated to LightSpark's claims of "self-custody" (which, BTW, are bullshit, because, of course, when their API goes down, which it does often, you are shit-out-of-luck and can't access anything.)

This unfortunately is also true with the nostr:npub1jugar2agq6369p0l86razavs9shj2p6pscxecevs8j94ap37hkqsjlfc28 API that your company seems to be using. It's really unfortunate that these companies seem to have lost the plot -- the point of Bitcoin, of the Lightning Network -- the way these protocols were carefully designed, over the years... is to preserve user privacy by allowing for DECENTRALIZED and PRIVATE transactions. If all your users' transactions go through one API endpoint in Tel Aviv or LA -- then that's a failure. They've got no privacy, and you're selling them a centralized system. If you want to do that, just use the PayPal API. It's going to be more reliable and at least there is some kind of legal oversight.

Yes the spark API can go down, but you still have unilateral exit onchain. When there is a better option than Spark we'll migrate to that. No solutions, only trade-offs.

How is Rizful better than this - how are you protecting privacy with your email signups and lightning address server?

Spark's "unilateral exit" requires using their API -- which is often down, and in any case, the "unilateral exist", as you probably know, is useless for small amounts, like below 20,000 satoshis (or something like that, not sure the exact number.) And also -- if you have to use their centralized API, why is "unilateral exit" any better than just "log in and withdraw your satoshis"?

We encourage users to use privacy-protecting email addresses. But yes, Rizful is a centralized service provider -- but there are key differences: 1. We're honest about who we are and what we are doing. When you use Wallet Of Satoshi or Blitz or Breez, you have to dig into the code (or worse) to realize that actually, these companies are just "fronts" for LightSpark's API. 2. We don't ALSO centralize tons of data from big players like Coinbase. With LightSpark, not only are they hiding behind lots of smaller players, but they also get a ton of data from bigger players like Coinbase. 3. LightSpark literally marketed itself -- until it for some reason switched strategies about six months ago -- as a "compliance" solution for Lightning. They are neck-deep in KYC, and their CEO, David Marcus, is a rabid supporter of Isreal, a country with literally the worst human rights record in the world. LightSpark is the LAST company that ANY freedom-focused Bitcoin company should be doing business with.

One more thing -- when front-ends like nostr:npub1cm3rpgj7457yjuqnvdalxaauakqu0ndkpkyp5cldkyutpz4xszpsmk96wt and nostr:npub1hcwcj72tlyk7thtyc8nq763vwrq5p2avnyeyrrlwxrzuvdl7j3usj4h9rq sell their users to LightSpark, those users actually don't end up owning Bitcoin -- they own the Spark token, which Spark (via some mysterious process), custodially exchanges with Bitcoin. Spark has its own address format, and is absolutely not inter-operable with Bitcoin. When you use Rizful, you're dealing with Lightning Network primitives -- invoices. And when you use our LSP - Megalithic.Me -- you retain full custody at all times, as all we can do is open Lightning channels to your node.