As far as I know, LN requires the user to watch the blockchain in order to perform penalty in time. However, running full node is probably a heavy burden to some users, especially to mobile phones. I once heard that improved protocol for lightweight wallet (like Neutrino) can solve this problem, but I also heard that such lightweight wallet protocol still implies trusting the full node or server which provides service. Especially, a malicious full node can hide transactions from its clients, which seems to be a potential threat to lightweight LN wallets.

There is no substitute in terms of security and trust for running a full node.

There are different "lightweight client" concepts. Some of them are...

BIP37 (bloom filter):

• [minus] With current used false-positive rates, peers may learn all wallet addresses


• [minus] Usually done over an unencrypted channel (p2p 8333), ISPs, etc. learn also all your addresses


• [plus] client can validate if the transaction(s) were in a block (merkleblock)


• [plus] clients keep a blockchain with headers only can at least check PoW


• [plus] uses only little bandwidth


• [minus] Hiding back transactions are possible


• [plus]"Impossible" to fake a transaction

Neutrino (Compact Block Filters BIP158):

• [plus] fewer privacy implications then BIP37 since filtering happens locally


• [minus] needs more resources (basic filters from the genesis block up to block 560000 require ~3.5GB space/bandwidth)


• [minus] more bandwidth consumption because full blocks must be downloaded (rather then Merkle-"blocks" in BIP37)


• [minus] Hiding back transactions are still possible (though more complicated) because the block filters are not committed to the blocks (would require a soft-fork). Not committed means, peers can fake filters and make you miss relevant transactions (can be [partially] mitigated by comparing filters from different peers)


• [minus] No solution for mempool filtering (can't show "incoming transactions" reliable)


• [plus] "Impossible" to fake a transaction

Centralized Validation (Bitpay, Samourai, etc.)

• [minus] Full trust in the company/server (they know all your addresses)


• [minus] Can hide back transactions


• [minus] Can artificially create transactions
  


• [plus] Minimal bandwidth consumption

Some application mix different approaches (like Electrum does Merkle-tree checks and keeps a headers-only-chain to mitigate the "can artificially create transactions" problem).

Conclusion

If you want to watch the blockchain without trusted third parties, you must run a full node (could be pruned though <10GB space requirement, but lightning implementations are not fully compatible yet).

If (and only if) BIP158 block filters get committed (though a soft fork, hash in blocks coinbase of similar), hiding transactions through peers, providing filters, would no longer be possible.

Recommended practical approach

• Buy a tiny computer (Raspberry, Odroid, Pine64)


• Buy a >500GB SSD (USB3 SSD, ~100USD in 2019)
  
  
  • NO,.. don't use your old HDD (your sync time will be 20 times slower).
  
  


• Install Bitcoin Core (there are pre-build ARM64 binaries)


• Run with a large -dbcache (if you have 2GB+ RAM)


• Sync the chain


• zzzZZZ (takes maybe a week)


• enjoy being a real Bitcoiner (by avoiding all trusted third parties)