Good question. One potential albeit less-than-perfect method would be a premium registrar that has a contractual control in place to unlock or modify the domain, with verbiage in place requiring the registrar to have a well documented policy and procedure for dealing with take-down orders and that they will advise you unless they receive a NSL. Even this comes with the risk of human error and the risk of them receiving an national security letter if based in the U.S. or E.U. This is a single point of success.
Taking the decision away from the registrars would require having different accounts with multiple registrars in multiple regions, different payment methods and use a unique domain on each registrar to have a status consensus API or TXT records for people to validate against. I would probably just put a simple cryptographic public key in a TXT record on each of the domains and publish a simple script that uses "dig" and "openssl" to verify sanity. To avoid relying upon EDNS0 one could break up the key into multiple TXT records. This may be more work than people would accept and assumes you have a technically inclined community. This also assumes the members of your community chat with each other out-of-band on something like using signal or some other secure means of out-of-band consensus. This is also not perfect but may be sufficient.
Taking the decision away from the registrars would require having different accounts with multiple registrars in multiple regions, different payment methods and use a unique domain on each registrar to have a status consensus API or TXT records for people to validate against. I would probably just put a simple cryptographic public key in a TXT record on each of the domains and publish a simple script that uses "dig" and "openssl" to verify sanity. To avoid relying upon EDNS0 one could break up the key into multiple TXT records. This may be more work than people would accept and assumes you have a technically inclined community. This also assumes the members of your community chat with each other out-of-band on something like using signal or some other secure means of out-of-band consensus. This is also not perfect but may be sufficient.