User:Gmaxwell/namecoin that sucks less
First, start with a committed UTXO set— I originally proposed commited UTXO for namecoin use. This can be used to make lite resolvers which get provable strong results.
Next, degrade the security model to SPV for the past history. Unlikely a currency, naming doesn't really require strong evidence that in the past the name authorities weren't cheating (inflating names? who gives a ?!#@). On syncup a node would grab headers, then pull the (say) last month of blocks and the UTXO from a month ago then apply forward and only check the recent updates.
Data older than a month ago would be deleted forever.
Next, any kind of to-address of internal capacity tokens must be P2SH with a two layer hash like hash160. When you pay to an address you must also provide with the transaction (but external to it) the interior hash value (this would be the real address). Thus its not possible to store arbritary data in payment addresses.
Next Key=value data must always store H(H(name)) and never name. Registrations of names must disclose the inner hash to prove that the key is a hash and not something else. If you haven't guessed a name, or someone hasn't told you about it— it's none of your business that it exists.
Value data must always be stored as Enc(H(name||2), data). When a resolver returns a result, unless it has guessed a name it can't decode the update records. Only people who know the names have any business setting a record.
Because of the UTXO tree data used in results a resolver couldn't lie and give an NXDOMAIN, but it could certainly return back that its refusing to answer a query for a particular name. If a resolver operator gets ordered to not serve a particular record, in spite of the above privacy, they can just return the hash of the record and a message saying its been censored.