one very interesting way to deal with supply chain attacks is a trust system based on research!rsc: Transparent Logs for Skeptical Clients. SE-0292 mentions this kind of system in it's security section, and IMO this could be an additional layer to enforce identity authenticity beyond requiring a process to prove namespace ownership