[post-it]

Unless you can reliably tie a user to their real-life identity, authentication isn't useful in this case. If a spambot tries to peer with my instance, it's not super helpful to know that their accounts will always be the same spambot and not a different one.

[thomastjeffery]

Identities could be signed by a centralized authority, which would have the same desired effect as centralized hosting without the drawbacks.

[akimball]

A person is not required. A reputation is required.

[deltree7]

In a digital world, with no financial penalties, it's easy to build reputation with 'spurious' transactions and exhaust that reputation for one "Large Evil Event" and rinse and repeat.