I think you missed the part when the original username was a subdomain of bluesky. There will be a great many anonymous registration services I'm sure. And things like afraid.org make that number of possible domains you can use anonymously a truly massive number.
The problem with pub/priv keys as user identities is discoverability and validation. How do I find your key? How do I prove this key is actually yours? Sure they are anonymous, but that isn't a desirable property if you are an established public figure.
Most of us are not established public figures and many of us, I’m sure, want to keep it that way.
With keys, validation can happen in several ways: attestation by reputable orgs, reputation systems, off-band, 2FA, “Hi, I’m John”, etc etc. Discovery is also highly context dependent in that it can and should happen “in the app/system” (=whatever the context of the use case is, eg. you know me by pubkey 123, the tax office knows me by pubkey xyz).
“anonymous registration services” from the perspective of self-sovereign identity is by definition not anonymous :)
To be clear, I understand the desire for truly anonymous services. But after two decades of experimenting and thinking of this problem. I don't think it is possible for an truly anonymous solution that is also ergonomic to use.
Things like briar exist, and for you use cases, existing tools might be enough. Briar is fantastic for communicating with people you know and willing to jump through some hoops be part of a community that is anonymous, secure, and provides lots of ways of making introductions and posts.
But there are reasons why Meta, Twitter, Linkedin and the like are well above any anonymous solution in terms of users.
- Identity (including pseudo identity of anonymous users) is established.
- Spam. There is ungodly amount of spammers out there, as email has shown. If you have played with nostr or scuttlebutt you would also see just how horrible the spam is.
- Account recovery, people are bad with passwords and storing secrets. Very bad. And even the most secure people can get exploited.
- Hosting your data is problematic. Who hosts data which may be illegal? When illegal data is flagged, how does it get purged? Merely being the transit for data is protected in the US, but physically hosting that data is not.
- The vast majority of people are unable to run a persistent service for their identity and content. Even if they are willing, they lack the means. You end up targeting a very small subset of people who are willing, able, and capable of running a service. And that service requires care and feeding. You might end up with millions of vulnerable instances.
- Scalability. No one has come remotely close to solving how one of these solutions would scale to billions of users. Or even tens of millions. DHTs become painfully slow and bloated. Even if a solution did start catching on, it would quickly then fail because the user experience would crater as it gains popularity.
I have become convinced that making an ergonomic briar is impossible without making some concessions.
Complaining that a new and unproven tool's chosen concessions are bad inhibits experimentation.
The problem with pub/priv keys as user identities is discoverability and validation. How do I find your key? How do I prove this key is actually yours? Sure they are anonymous, but that isn't a desirable property if you are an established public figure.