The problem breaks down into a few broad sub problems, as I see it.
Confirming the reviewer or voter is who they say they are (to prevent one entity from making multiple reviews).
Confirming the reviewer or voter is a valid stakeholder. This is domain-specific, but can be such metrics as "citizen of country", or "verified purchaser".
Confirming the intent of the reviewer. This meaning people who were paid off (buyers who are offered a gift card for a positive review, which happens plenty on Amazon), or discounting review bombs when a game "goes woke".
1 and 2 have solutions. Steam cares about whether you're a verified purchaser, and the barrier to entry of "1 purchase of a game per vote" is certainly enough to make things harder to bot. Amazon might be able to do the same, but so much of the transaction happens outside their purview that a foolproof system would be hard. Not that it's in their interest to do so, though.
For places like Reddit or Lemmy, verifying one human per up vote is going to be impossible. New accounts are cheap and easy as a core function of the product. bot detection is only going to get harder, too.
If you used some centralized certificate system (like SSL certs), you could maybe get as granular as one vote per machine, but not without massive privacy invasions. The government does this for voting kinda, but we make a point to keep those private identifiers the government gives private.