Oh that is a interesting problem. One approach we experimented with was using Keybase for that. They already have a robust identity proof system that works with many platforms. You can read about our experiments at Discourse Keybase Proof. Not sure how it will be now that Zoom bought it.
This part come a bit weird. How Discourse being a IdP for Riot would help you proof on Discourse that you own an existing Riot/Matrix account?
Can you explain a bit more? I was looking into Matrix SSO yesterday, and finally they have something now. They implement both SAML, and on the develop branch oAuth2. Discourse can’t talk neither as a server, only as a client, so I was looking into either making Discourse act as a oAuth2 server or adding support for Discourse own SSO protocol in Synapse. Not sure this would address your needs…