They're typically operating in private or semi-private federations, and so aren't so worried about spam/abuse issues like the one in question here. They may also not care as much about serverside metadata footprint (or indeed they may actually require serverside metadata in order for the server admins to enforce who can talk to who).
As a result, the popularity of Matrix in public sector has resulted in focus there - which is somewhat different to the expectations of folks looking for a Discord replacement or a privacy-at-any-cost solution.
> As a result, the popularity of Matrix in public sector has resulted in focus there - which is somewhat different to the expectations of folks looking for a Discord replacement or a privacy-at-any-cost solution.
Unfortunately, a Discord replacement is the sort of thing that the free software world actually needs, because in its absence people are just using Discord, even for free software projects.
I think you could get pretty close with OAuth2. You could also have the frontend be a centralized app, but allow people to host their own servers. If the entity controlling the frontend goes off the rails you still have a pretty simple exit strategy.
OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.
I looked into Zulip a couple years ago and they didn't support this. Have they implemented OAuth2 or something since then? Specifically being able to log in once and be able to jump between any number of self hosted servers.
As a result, the popularity of Matrix in public sector has resulted in focus there - which is somewhat different to the expectations of folks looking for a Discord replacement or a privacy-at-any-cost solution.