Hey everyone - Clerk cofounder here. We're frequent readers of HN ourselves and have enjoyed the spirited debate about stateless-vs-stateful auth over the years.<p>The consensus we reached is that stateless auth is good, but the amount of development required for _secure_ stateless auth is prohibitive.<p>We built our session management service to make stateless and revocable auth incredibly easy to implement. The tokens are short-lived and we handle all the refresh automatically with our SDKs. A real-time demo of that is available here: <a href="https://edge.clerk.app" rel="nofollow">https://edge.clerk.app</a><p>If your company could benefit from shaving some milliseconds off your authentication check, or if you'd like to add device management and revocation to your application - we'd love to chat!<p>Today our session management product is still coupled with our user management product, but that will change soon!