pull down to refresh
trusting the provider to do a bunch of shared node functions
I assume this is stuff like running the actual bitcoin node (which is a pretty huge trust assumption). are there other shared functions that could meaningfully affect
but in reality, that key is pretty meaningless
because they can just turn it off or refuse to give you access? or is this something else that I'm not thinking about?
If the most recent channel state was always backed up locally on the mobile device, wouldn't that allow me to force close the channel from different software?
TEEs have value in cloud nodes in mitigating multi-tenant security risks... Not as a solution to hosting vendor risk.
I understand this to mean: while it might make sense for me to run a node in a TEE on a VPS, it makes much less sense for a wallet to offer this as a service to me. Does this primarily come back to being able to shut off the sever and controlling the bitcoin node, or more than that?
They're the middle node, proxying requests, issuing the invoices, the backing node as you mentioned, all kinds of vectors for chicanery... Not the least of which is they're monetizing you in a less transparent way than just charging for commodity cloud services because they can as the middleman with full control of the flow
The channel state thing is another way of knowing it's bs, if you could have live channel state to a phone (to sign and store) you could just run a mobile node, but that's not realistic for all the same reasons mobile nodes are retarded. Live channel state requires onlineness.
It makes sense for a vendor to offer hosted nodes in TEE's because it's a good security practice, it's be a disaster if a voltage for example were to have all its customers pwned by something compromising the OS level of the server, but representing that as some novel way of achieving self custody though is scammy
This seems to be a comprehensive grift out of the Spiral/LDK communist cell, monedevkit doing similar stuff they call server-less because of "serverless functions" AWS popularized for different uses... It's all a fake and gay rehash of greenlight by people addicted to dishonesty
The TEE favors a full LND, ignoring the fact the TEE still requires a trusted setup, your trusting the provider to do a bunch of shared node functions so that the provider benefits from density...
It's still trustodial in the sense that they can tell their lawyers YOU have the key, but in reality, that key is pretty meaningless. It's all theater for regulators.
TEEs have value in cloud nodes in mitigating multi-tenant security risks... Not as a solution to hosting vendor risk.