@grhmc Something around blocking past commits or accepting commits as non-idempotent commands maybe. Or 2FA-like thing where producing a new signed commit with whatever content counts as proof of identity. Or DoS by exhausting someone's commit quota.