Personally, I'm not very block-happy, but I still have a few instance-wide blocks in place for my even my single-person instance on Mastodon because there are literally a few instances full of nazis, run by nazis, where blocking one puts you at risk of brigading.
I'm in a privileged enough position to have relatively little to worry about, but this also extends to a safety issue for a lot of communities, where harassment and threats spill over into the "real world", and where being able to put in place broad, expansive blocks to minimize the ability for individuals who consider themselves "wronged" by one of their victims to utilize their communities to strike is the bare minimum when there isn't a central authority putting efforts into getting rid of these users.
For example, due to having true account portability, if you tried to block a particular instance, they could just move to another one to evade that block. You need to block the account to prevent this. If there’s an instance that hands out usernames as a subdomain, you could write a moderation service that takes that into account, but then they could transition to their own username, stay on the same PDS, and that would no longer work.
The more BlueSky native way would be to run a moderation service that tags accounts, and then a blocklist that bans accounts that get the tag. You’d then want to tag accounts that post from that PDS, and now, even if they move, they’re still blocked.
That is to say, “you can’t really do that” doesn’t mean that that isn’t important or impossible, just that different protocols require different means of implementing requirements.
