Mobile operating systems with remote attestation (that's both Android and iOS) aren't far off from that with regard to native apps. It doesn't affect the web yet, but Google did propose adding an attestation mechanism to Chrome.
I vaguely remember this from this last year though I can't remember all the details. That's a scary slippery slope.
Of course it'll be presented as a security feature, because users are dumb, whilst also allowing vendors to lock you into their ecosystem; similar to how passkeys are currently being push by these same companies.
