Golfing App Finally Reveals Its Secret Origin Story After Years Of Silence
By 813 Staff
In a move that could reshape the industry, Golfing App Finally Reveals Its Secret Origin Story After Years Of Silence, according to Boris Cherny (@bcherny) (in the last 24 hours).
Source: https://x.com/bcherny/status/2074247226038063316
If you’ve ever tried to recover an old account, prove who you are in a chat, or verify a transaction without a password, you’ve felt the friction that most online identity systems still create. That friction is exactly what Boris Cherny and his team have been quietly trying to eliminate. On July 6, 2026, Cherny—known inside the industry as the engineer behind a major rethinking of how apps authenticate users—posted on X that his team was, for the first time, sharing the full origin story of what they built. Internal documents show the project began as a skunkworks effort inside a messaging platform that struggled to scale its identity layer under pressure from regulators and user complaints. Engineers close to the project say the initial prototype was built in six weeks by a team of three, and was never meant to see production. But once it worked, it worked too well to ignore. The rollout has been anything but smooth. Sources familiar with the integration say early testing revealed critical edge cases around device loss and multi-account households that forced a nine-month delay. The public share-out, which Cherny teased with a single tweet linking to a now-available technical narrative, walks through exactly how the system handles key verification without exposing private keys—a problem that has vexed consumer app developers for years. What matters for the average user is simpler than it sounds: this architecture could eventually mean signing into apps by pointing your phone at a QR code, or approving a payment with a tap, without ever typing a password or scanning a fingerprint. No biometric data stored on company servers, no recovery emails to reset. Why it matters is straightforward. Nearly every major identity breach in recent memory traces back to compromised credentials or poorly stored secrets. This approach, if it sees broad adoption, shifts the trust model entirely to the device. What happens next is less certain. Cherny’s post does not announce a product or a release date. Industry insiders expect the underlying specification to be open-sourced within the next quarter, but no official timeline has been shared. For now, the story itself is the signal—a rare look behind a curtain that most teams never open.
