Mastodon and federation - the wrong level

This article by Tim Bray https://www.tbray.org/ongoing/When/202x/2022/12/21/Mastodon-Ethics (ignoring the patronizing garbage about Black Twitter and focusing on the paragraphs about federation) made me realize (once more?) that the level at which federation happens (motivated by technical constraints, of course) is just wrong. A user should decide in which direction (incoming and outgoing) he wants to be associated with other servers, not his home instance. The technical problem is that misc. HTTP restrictions (what certain furries call "security features") make it impossible to pull in content from other places in a way that is controlled by the user. Allowing this would reduce the understandable need for the home instance to decide against federation with "problematic" other instances to protect against legal responsibilities (or just woke pressure), because in the regular federation model, the home instance has to actively pull in the "problematic" content and host it.

How would user controlled federation work? Let's assume user A federates with a "problematic" instance and retweets a tweet¹ from it. Then this tweet would only appear for a user B following user A if user B also has the "problematic" instance in its federation set. The caveat is that the instance of user A would still have to expose the fact "user A retweeted this content from user B", but this fact could be encrypted by a key that only user-level federators of the "problematic" instance know. This does not make the fact "user A retweeted this" secret (since the key of the "problematic" instance is not secret), but it offers a bit of plausible deniability for the home instance of user A ("we don't know what the user shares").