By Douglas Borthwick · June 6, 2026
Give your people a private spot, and a membership that can't leak.
By Douglas Borthwick · June 6, 2026
You have people. The parents in your kid's class. The families on a soccer team. The regulars who keep your café alive, the alumni who still pick up the phone, the congregation, the cohort, the inner circle of a thing you built. And usually there's something you'd love to keep just for them: a newsletter, a page, a price, a place to gather that the rest of the internet can't wander into.
So you do what everyone does. You start a group chat. You share a password. You pass around a document with everyone's name and number. And every one of those leaks. The password gets forwarded. The “members-only” link escapes the group. The directory gets screenshotted and, a year later, ends up with a telemarketer.
Bothy fixes that. It does it with a membership pass, and that one word change matters more than it sounds.
Bothy lets any community hand its people one membership pass. You set up your community with your name and logo, then send the pass out by email. Each person taps the link and the pass lands on their phone. No app to install, nothing to buy, about a minute with Face ID or just their email.
From that moment, the pass is the key to everything you keep for members. A newsletter only members can open. Pages and posts the rest of the world can't see. Member prices in your store. You decide who belongs, and you can add or remove anyone in a tap. One license turns it all on.
The pass can't be copied, shared, or faked, and it isn't stuck on one device. It lives in the member's wallet, recorded on the blockchain, so it's with them on their phone, their laptop, a new phone, wherever they sign in. There's no password to leak, and no public directory of your people sitting in a doc for someone to grab.
A password is a shared secret. Its whole job is to be the same string of characters everyone types. So the moment you hand it to your members, you've handed it to everyone they'll ever forward it to. You can't tell who's actually using it. You can't remove one person without resetting it for all of them. A password guards a door by hoping a secret stays secret, and it never does.
A pass works the other way around. It isn't something you share. It's a credential each member keeps in their own wallet, with them on any device, and only they can use it. Nobody can forward it or paste it into a group chat. When someone leaves, you take their pass back and nobody else notices. There's nothing to leak, because there was never a shared secret to begin with.
Phones already have Face ID and fingerprint readers, so it's reasonable to ask whether this is the same thing. It isn't, and the gap matters.
Your phone's fingerprint proves one thing: that it's you, on your device. That's authentication. It answers “are you the same person who set this up?” Great for getting into your own accounts. It says nothing about whether you're in the PTA, on the team, or in the club. It proves who you are, not what you belong to.
A normal login has the same blind spot. Even a perfect, unhackable login just gets a person into their own account. To know whether that person is one of your people, you still have to keep a list of who's allowed in. And the list is the thing that leaks, gets sold, or gets quietly edited by whoever holds the database.
Bothy closes that gap by making the membership itself the credential. The pass proves who someone is and that they belong, and it proves it with cryptography instead of a list you have to guard. You still keep a private roster in your dashboard. It's yours alone, and it isn't the key to anything. In the old setup, being on the list (or knowing the password) is what opens the door, so the list has value and it travels: forwarded, copied, sold. With a pass, the pass opens the door, and the roster is just your private view of who holds one. Nothing circulates in the wild, and there's no public directory to grab.
It's a reasonable thing to reach for. “Sign in with Google” (or Apple, or Facebook; the plumbing underneath is called OAuth) is very good at one job: getting someone into a site in a single tap, with no new password. If all you need is a login, it's hard to beat, and we won't pretend otherwise.
But notice where it stops. It tells your site “this is jane@gmail.com,” and that's all. It proves who someone is, not that they belong, so your site still keeps its own list of which Janes are allowed in. Same private roster as before. It also puts a giant in your doorway. Google sees who signs in where, the rules are theirs to change, and the day they lock an account your member is locked out of your community along with it.
A pass is a different kind of thing. It isn't a login to your site. It's a membership your people carry. It proves belonging without asking a platform for permission, and because it lives with the member, any other community or shop can choose to recognize it. “Sign in with Google” can't make your PTA membership mean anything at the bookstore down the street. A pass can.
So is a pass flat-out better than OAuth? Not on first-time ease. One tap is one tap, and setting up a pass takes a minute. They just answer different questions. OAuth answers who you are. A pass answers whether you belong, and whether anyone, anywhere, can recognize that without a gatekeeper. If the thing you're protecting is a membership, that's the question that matters.
Bothy runs on InsumerAPI, the condition-based access API. When someone shows their pass, it reads the blockchain for the real answer to one question, does this person actually hold the pass, and returns a cryptographically signed yes or no that anyone can check. No company to take on faith. No database to break into. No password to steal.
For the person running a community, that adds up to something rare: nobody owns your people but you. No platform can change the rules, mine your members, or hold them hostage. The pass lives with the member, the proof lives on a chain anyone can verify, and you decide who belongs.
Now multiply it.
You're not in one community. You're in a dozen. A school. A team. The college you graduated from. The shop on your corner. Each one can hand you a pass, and they all live in the same wallet, with you on whatever device you're on. Everywhere you go can recognize the communities it chooses to honor and roll out the welcome, and everywhere you run can do the same for everyone else.
Think about the favors people already do for their people. The regular's price. The “you went to State too? this one's on me.” The friends-and-family rate. Everyone does it. The reason it stays small is friction: it only works when you're at the counter, you remember the face, and you trust they are who they say. Bothy takes the friction out. The welcome lands whether or not you're there, the pass proves they belong, and you only ever check the one membership you honor, so the rest of what someone carries stays private.
A coffee shop can honor a dozen communities. The bookstore ten. The team store the families of its own players. And every one of those communities can honor them right back. You give and you receive at the same time. Think AmEx points and an AARP card, except for every group you're part of, and owned by the people in it instead of a giant. Communities rewarding each other, at last.
If you can name your people, Bothy is for you:
It's the same shape every time. Something worth keeping for the people who belong, and a way to keep it that doesn't leak.
We're opening Bothy with a founding offer, and it's a real one. The first 50 communities get their first year free: the Skye license and your first 50 member seats, on us, for twelve months.
Members never pay a thing. The only time you'd pay this year is if your community grows past 50 seats, and then it's $20 for another 50, one time, not a subscription. That's the whole price list.
Set up your community for free, create your pass, and send it to your people. Every door opens for the ones who belong and stays shut for everyone else.
Keep reading: Your Wallet Is Your Fingerprint, the cryptography behind why a pass can't be faked.