Instead of checkpoints, client could hard-code a MAIN_CHAIN_MIN_POW variable. This would be the PoW of the main chain when that version of the client was released. All clients wouldn't need to agree on a value. It is just a spam protection value.
Haven't there been periods where the difficulty went down?