[Larrikin]

You don't need to identify the user, just be able to show that two tokens are the same user and invalidate, log out both users, and make them generate a new token. You can sell your license to kids today, but it doesn't scale and is a terrible idea to give a kid an ID to a place you frequent.

[immibis]

So basically how it is today with phone verification. There are websites where you can pay $5 to borrow a phone number to verify a particular service. Except you only get one at a time.

Your idea also amounts to preventing ban evasion by linking a government ID to each account, which is on of the criticisms of linking accounts to government ID. And preventing multiple accounts even when not used to ban-evade..

And are you going to give the government N^2 queries every day?