It does matter, for the reasons I explained in this part of my response:
an attacker could circumvent the KYC restrictions to steal coins…
Merely requiring KYC on an account does not stop abuse of the account or any downstream accounts where the stolen funds could be moved to. But if you can quickly “blacklist” the accounts then the funds can be frozen in their tracks (same way the stablecoin issuers freeze coins when a hack happens – this generally becomes less effective the longer it takes for them to act).
But we see in practice with tradfi KYC accounts that such rate limits are either untenable from a UX perspective (leading to there being no effective limit) or the limits are circumvented when they are put in place anyways. Many horror stories of scam victims wiring their life savings to scammers (using fully KYC’d bank accounts on both ends of the transaction). The banks will put up all kinds of roadblocks to try to stop them but the victims jump through all the hoops and get past the limits and still lose all their money. This stuff is not hypothetical, I am talking about how the attackers in the KYC tradfi system actually operate today. Adding smart contracts into the mix is unlikely to meaningfully change any of this.
Yeah but governments already run many different kinds of PKI systems, including for mass scale, high volume signing e.g. TLS on govt websites. It’s not uncharted territory for them.
Sure I was just pointing out that we don’t yet have any empirical data about which model tyrants will prefer (if any) for controlling cryptocurrency usage.