> End users can use NAT just fine. Servers can use […] reverse proxies, sharing single IPv4 address
So you want all computers to be behind at least a single layer of NAT. And you also want people to not only have to purchase a domain but also have to pay their NAT operator to add their domain to the reverse proxy.
Eyeball networks are vastly different from content networks. Even among the tinkerer "homelab" and HN crowds, it is rare to host content from the same connection/address you browse from.
How is (home) NAT making the problem more complex than a stateful firewall? You never want to have a policy where incoming connections/UDP streams are permitted by default to reach any random device on the network, regardless of whether that device has a routable IP or not.
Now, CGNAT is a different beast and more worrisome from that point of view.