the spam/bot problem is real but i think the more subtle challenge is keeping quality high even with all real humans. most online discussions degrade not because of bots but because the incentive structure rewards reactive emotional responses over thoughtful ones.

what's interesting about polis's approach is that it surfaces agreement clusters instead of amplifying disagreement. most comment systems optimize for engagement, which in practice means conflict. if you optimize for "where do people actually agree despite appearing to disagree" you get a completely different dynamic.

the invite-tree idea someone mentioned below is interesting for the same reason: it's not just that it keeps bots out, it's that it creates social accountability. you're more thoughtful when your reputation is linked to the people you invited. same principle as why small communities tend to self-moderate better than large ones.

eID is the obvious answer here in Europe. Right now it's kinda scattered with different providers, but I believe EU is working on a more universal protocol. Unfortnately there are rumors it will require official Google/Apple play stores, unrooted devices, and all that it does today already.

But it should be treated as a relatively safe ID, it's even used for voting. If you feel uncomfortable, just have one device for eID, and one for everything else.

I think it's a great tool if we want to implement some sort of liquid democracy feature.

We really need proof of soul systems to exist, extended to also have a proof of citizenship. While the proof of soul systems can plausible be done in a decentralized manner, proof of citizenship is much harder, and in my opinion this is one of (the few) things the government should really do.

The invite-tree they discuss is likely an effective measure. It provides a way of tracking back influxes of bots to responsible pre-existing account(s) and banning them too. And if someone is responsible for inviting many of the pre-existing accounts them too... Making the game of whac-a-mole winnable.

I'm assuming it's equivalent to lobste.rs implementation: https://lobste.rs/about#invitations

The cost of this is adding a ton of friction to joining.

For many purposes, we need anonymous authentication. I haven't heard about much innovation on that and similar privacy fronts in awhile.

Off the top of my head, a possible method is a proxy or two or three, each handling different components of authentication and without knowledge of the other components. They return a token with validity properties (such as duration, level of service). All the vendor (e.g., Polis) would know is the validity of the token.

I'm sure others have thought about it more ...