The layered and context-aware solution I believe works and is feasible already:
- It all starts with relays. They must mitigate basic spam. Clients can only filter after they download realistically.
- Clients calculate a naive web of trust and hide everything outside by default (toggle to see filtered content)
- Bootstrapper account helps with onboarding (can be switched off)
- NIP85 trusted providers and requests- response type of social graph services like Vertex help extending your basic wot. Explicit opt-in is better because they're trusted. Client-side wot helps choose a provider, you see which your closest circles use.
- Clients must get better at the trust UX - displaying connection to a pubkey in a compact, informative and context-aware way

The best way to bootstrap trust however is communities.
Everything would become much simpler, and all the rocket-science in the world can't substitute that. Hope they gain more ground.

Nostr is the right tool for the job I believe but a tool is just a tool: We must use it well to achieve substantial progress.