I wonder what the next step is.... how realistic is it that we can see full LN nodes run on a phone within 2 years? It's one thing to run a regular node
because the channel map isn't too big today, it can basically already be done, only the software isn't quite there yet...
Neutrino wallet does what you say, but it's not finished, and the new-ish protocol it uses (Golomb-Rice filtering) for querying the blockchain efficiently isn't in the main Bitcoin implementation yet (but going in the right direction, version 0.19.0 is being tested right now, and includes the BIP158 half of the protocol, which sometimes is literally referred to as "Neutrino"). You can use it now, but only btcd nodes support it, and there are about 10 or less btcd nodes, so it's not something you can necessarily rely on. And again, the wallet part isn't finished anyway
But in future, the channel map could become enormous, assuming Lightning takes off. And phones won't be able to deal with that, it could grow far faster than improvements in phone specs could possibly keep up. The Lightning devs are designing various new ways to make sure phones can handle only what they need from the channel map (sort of a local-view-only mode), and yet could still do routing (and get paid fees for doing so
). It's all a little in flux though, it wouldn't surprise me if a developer suddenly announces a change in the approach today, tomorrow or next month; they're still seem very much in exploration mode, as the potential permutations using the Bitcoin scripting that makes this all possible are wide and varied (and consider also that proposed new Bitcoin scripting operations are part of the planning going into it).
these stop-gaps and compromises will be fine in the short term, they amount to the same thing as a phone-based Lightning node in practice (and that's the path I'm gonna follow, don't like the idea of a lightweight Lightning wallet using commercial Watchtowers)
but the dynamics of LN I imagine require additional security features and tweaks.
Typical phones (Android & iOS) are in many ways more solid security-wise than your average desktop PC, but that's not necessarily good enough.
A fundamental problem is the routing issue; if you want to route other peoples' Lightning payments on your phone, you need to let the software use a hot wallet to do so, there's simply no getting around that, as the software has got to be able to sign transactions as fast as it receives routing requests, and that's too fast for the user to check each and every one and authorize it with their Trezor
The people at ARM might tell us their latest mobile CPU has some special new tech that can keep cryptographic keys in a special part of memory that definitely cannot be accessed by rogue software. But if the OS can access that special region in memory, then all an attacker needs is to find a hole in the OS (or the wallet software) that lets them access the keys too. There is no definitive solution, only cat & mouse good enough-for-now stuff is possible. Something with better guarantees might one day be devised, but the way the problem looks now it seems intractable. I'm optimistic though