Easy secure use of keys is a huge advantage of DC. I can quickly and reliably set up an encrypted connection with anyone if I am in their physical presence. I can also be reasonably confident that they won’t accidentally do anything bad. I can also reasonably trust that their contacts are who they say they are. Adding third parties to verification gives us a lot more ways to mess it up, and needs careful consideration.
Being able to connect to people if I am not in their physical presence is harder. Publishing a link or QR code is commonly done, but counterrecommended, and WKM is basically an organised server-centralized version of that.
We could mitigate spam risks by, say, using transient accounts.
The contact links are not really centralized, nor are they really links.
Sending VCards is not obvious in the UI but actually easy. See also r10’s “.asc to VCard” app.
Joining the same public group would also give you a contact. Obvious risks, though.