covenants pose a risk with massively centralized custodians of coins. there could be a scenario where users of centralized platforms are required to register public keys with centralized platforms and these are the only certifiable addresses users can send coins to.

I don't have to use my imagination too hard to see a scenario where a government requires address registration by covenant on centralized platforms. This would be an elevation of existing kyc/aml requirements.