rbates Couple additional thoughts I've been having since I wrote this.
There's really two things being addresses here. One is making sure that the mapping between the federation address and the wallet address can't be easily tampered with. The second is using federation + memo as a mechanism for managing sub accounts.
For the sake of the discussion I think it's worth considering that these could be solved in different ways. For example, if stellar core had the concept of an incremental id attached to each account people could still build their account management solutions off the ledger, but there would be a way to enforce uniqueness and prevent situations where the memo is critical but gets submitted as empty. You wouldn't need to store balances for sub-accounts in the ledger, just have core reject the transaction if it's not in range (ABC, ABC-01, ABC-02).
Circling back to federation, with a setup like this you could require that Stellar accounts and their user aliases were mapped one-to-one without passing around memos from federation to client to core.
Sorry if this is slightly off the original topic of DKIF, I just feel like the security, identity, and technical architecture discussions around all of these are intertwined.