Or just allow only using a single script. A domain in all Cyrillic: great! Mixing Latin & Cyrillic: nono.
In practice, browsers already check for this and display the "raw" punycode if they detect mixed script usage, but I wish such domains would not be registrable at all. These checks are somewhat complex and difficult, and easy to get wrong.
This would still let some homographs through. In particular, Cyrillic has a lot of characters which are confusingly similar to, or even indistinguishable from, Latin characters (e.g. "авсекморѕтѵху").
Right; you can construct "арр.com" or "аррꙆе.com" from that limited subset.
Those should be valid domains though IMHO; maybe show the used script in the address bar? I think users might be confused by that though and/or just ignore it, so idk. Then again, displaying "xn--80a6aa.com" and "xn--80ak6aa9058r.com" is pretty confusing too.
This is a very western-centric viewpoint. Most of the world does not use the Latin alphabet as its primary writing system.