That’s the general idea, but details need to be worked. I could also add a ‘not valid after’ timestamp. That would not prevent an attacker from publishing prior fake events, but would prevent anything published after.