It’s something you’ll likely have data for client side anyway, as it’s similar to web of trust - so caching who your follower’s follow and running a membership check can be done locally.

It doesn’t protect against someone you trust changing their profile to impersonate - as they will likely already be followed by people you follow and have follower counts, etc.

Here was an idea I had to combat it

nostr:note1h7hrag8300cnx6z3ua6qs5d8ne4p5eus6uuavjzlphm66m27t42sr44rc9