I won't comment on the usability of/need for this system, but I have a few random comments and questions:
Why demand exactly one input? This will probably cause problems for wallets with many small value UTXOs and no big.
Why demand exactly type p2wpkh on input? Why limit at all?
32-byte-nym_public_key is actually 33 bytes, no? Compressed pubkeys are 33 bytes.
Why verify "SIZE 32 EQUALVERIFY" on output 2? It puts a ceiling on the entropy, but no floor, so it seems useless.
Why require segwit version 0 change output? This seems like an unnecessary limitation.
It's not clear to me what's IsStandard rules and what's nym protocol rules in the specification section. I interpret the specification to specify IsStandard rules, but the section also mentions stuff not relevant to that, for example how the nym signature is constructed and what the opreturn data consists of. You should make the distinction more clear.
I couldn't find info on what 1-byte-nym_version and 1-byte-nym_use are and how they are used. But it might not belong in the BIP if it only should describe IsStandard policies?
Regards,
Kalle
Sent from my Sinclair ZX81