There would not be a need to duplicate or sync all user databases across the fediverse to support SSO. In fact SSO already exists in other contexts and I haven’t heard of any implementation that works that way. It’s essentially accomplished by the authority and the service exchanging login tokens.