RE: Limit the power GIVE us a chanse to become a whale !
Although I'm not a software architect or software developer, I think a solution could be to route vote request to a 3rd party entity who does the ID mapping; that entity should have mappings of real identity to al the user IDs (no idea what this will do to performance such as response times but I guess this can be very quick with sufficient computing power, database speed, and internet bandwidth). The data shall be encrypted in the database, so nobody can have a look at it. That entity will not be open (ie not decentralised and information not on a blockchain), therefore such entity shall be somehow 100% trusted. Such entity could be run by people that get elected by Steemit community and every so often re-elections are held. Maybe some 100% technical solution is possible, but I'm by far not the right person to be able to design a workable solution. But my gut feel says that somehow a solution can be created for this 'issue'.
I've also thought about some how routing the ID verification to other users who will not know what account the ID is verifying. I'm also not a developer, but I think that could be a fairly simple task. The system could also "test" users with fake IDs to make sure that accurate verifications are bing made by said user. But how would we ID people from all around the world? Would we use social security numbers, passport numbers, fingerprints? I don't really like the sound of any of those options.
Maybe start with government databases, like the department handling passports? Also credit card companies, and banks? In the long run these entities shall be taken over by new things, an entity that handles identity management across the globe, but for now established companies handling identity management can become partners I think, or?
I personally wouldn't be using Steem right now if I had to get verified through my government or bank. I would prefer to have the community do the verification. Either way I think if Steem accounts had to be ID verified, then it would be possible to limit the max power of a wale. If we can't stop a user from creating massive amounts of accounts then there is no point really in trying to limit max power.