As a party we're entitled to a copy of the electoral roll.
If flux membership is tied to an electoral roll position, what's to stop savvy users logging in both as themselves and as a bunch of old people they know will never log in to flux? Or dead people who haven't been taken off the electoral roll yet?
You will need to verify a phone number (at least to begin with), and getting hundreds of numbers is pretty difficult. If this isn't good enough we can ramp up the amount of verification we do; the AML/KYC legislation for banks means there are some pretty sophisticated ID verification services around.
I have developed a system to try to cut down on fraud on electoral enrolment in Africa, so I have some knowledge of issues here. I'm not selling anything here, but I really don't have a lot of faith that people will just do the right thing.
One of the main advantages we have is having a good set of data to work with from the government, however, the only real long term solutions are electronic gov ID, or a mythical distributed ID system (many of which are being worked on, but have a long way to go).
I should say that without the use of biometrics it's basically impossible to guarantee one person one vote
Biometrics aren't too good IMO; they stop people getting into your phone but they don't have good security properties. They might also be useful for registration but then we'd need a huge database of biometric data.
It's not enough on it's own, but nothing is. The ID verification system will need to be a concert of many parts.
Time, effort, resources, to start with. They have to do all this before the issue, and if we have evidence of fraud we can take legal action, not to mention this is still a federal offence.
None of the issues you've put forward are unsolvable, but they are challenges. We'll come to them in time, but that time isn't now.
Additionally, this very likely to happen in a 'lumpy' fashion, not an 'everyone at once' sort of thing, so we'll be in a much better position than rampant fraud I expect.