I've been toying with similar ideas lately (haven't we all..) and I was thinking of also making user identities distributed. Or rather you create your identity, for example a DID, locally like an SSH key. Then similar to trusted lists of banned users you would also have trusted lists of verified users. So if I want to be verified I have to find a trusted verifier and complete their process (e.g. captcha and an email, or even a full passport check). This would also allow connecting accounts to actual people across the system.