• You own the keys.
• Safe: Deterministic
• Lightweight: Client-server architecture
• Simple Payment Verification (SPV)

Features

• The blockchain is shared among all participants
• Trustless (if you are a full node)
• Decentralised: Censorship resistant

Limitations

• Does not scale (every node sees every payment)
• Long confirmation times
• Tx fees, no micropayments

• Payments are instant and trustless
• Scales well. No tx rate limitation

• Need to be online to receive a payment
• Trustless, but you need to watch your channels
• Routing, liquidity

• Server cannot show you fake payments (proof of correctness)
• Server can lie by omission (no proof of completeness)

UTXO commitments [soft fork]

• Merkle tree of the UTXO set
• root hash commited to blocks

Client-side block filtering (BIP 157, BIP158)

• Full nodes build a filter for each block
• client requests filters, downloads blocks that match
• if nodes disagree, binary search

Verifiable transifions

• UTXO set hash, not commited to blocks
• Client can request proof of transitions between blocks
• If nodes disagree, binary search

• Proof of completeness is not enough
• We cannot expect users to watch their channels
• Delegate breach remedy to 3rd party

Private

• WT knows about your channels
• Can charge a monthly subscription

Public

• WT does not know you, unless there is a breach
• WT is paid on breach