This is a serious privacy concern and my opinion is that nobody should use the new WoS Spark wallet without being fully aware of the risks. โ
I crash-tested this myself, comparing a @Breez โก๏ธ SDK Spark wallet with @Wallet of Satoshi and hereโs what I found. ๐ช๐ฅ
The first screenshot is an invoice from Breez, the second is from WoS. You can clearly see that the Spark address is only exposed in one of these. ๐
๐ฌ Spark Lightning Address Doxxer: a simple tool to decode Spark addresses from any Lightning address or invoice.
https://reneaaron.github.io/spark-lnaddress-doxxer/
Does somebody understand why WoS addresses seem to encode the spark pubkey as a routehint, but other providers such as blitz wallet do not?
h/t @npub1u8ln...turz
View quoted note →
