Unless you can reliably tie a user to their real-life identity, authentication isn't useful in this case. If a spambot tries to peer with my instance, it's not super helpful to know that their accounts will always be the same spambot and not a different one.
In a digital world, with no financial penalties, it's easy to build reputation with 'spurious' transactions and exhaust that reputation for one "Large Evil Event" and rinse and repeat.