
  Why would you need a blockchain for this?
Evil insiders.

There are two threat models:

1. Evil Foreign Spy infiltrates the Tor project and makes a backdoored, signed release.

Evil Foreign Government uses MITM or something similar to serve this backdoored version to one or two journalists they know aren't technical enough to inspect the source code themselves.

The journalists think "This will be safe, as it will have been code reviewed by people who know how to do that" but no such people ever saw the backdoored version.

Hence, you don't just need a signed build - you also need a globally-agreed list of builds, so the user (and the auto-update mechanism) can be sure everyone else in the world knows this release exists. If a build is ever repudiated, sound the alarm!

2. Evil Foreign Spy infiltrates the Tor project, and intentionally triggers the alarm in a way that doesn't lead back to them.

The alarm going off and the fact the infiltrator hasn't been found means people don't trust Tor, or they start ignoring the alarm, rendering it useless.

Hence, you don't just need a globally-agreed list of builds - you need an indestructible, globally-agreed copy of each build's source code and who changed each line.

Now granted, a blockchain isn't the only way to achieve these things - indeed, it'd cost a fortune to put the entire Tor source code into the Bitcoin blockchain - but you need some similar mechanism.




If you have a malicious government with private keys MITM-ing your connection, how can you trust the list of builds? Couldn't they have faked consensus for that as well?
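The "globally-agreed list of builds" check discussed in this thread, as an added example that is not part of either comment and not code from the Tor project: a client accepts a build only if it is in the release log and a quorum of independent witnesses report the same log head. A plain hash chain stands in here for the Merkle-tree logs that real transparency systems use. The witnesses, the quorum value and all sample data are assumptions constructed for illustration, and the signature check is left out because the threat model already gives the attacker the signing key.

```python
import hashlib

GENESIS = b"\x00" * 32

def chain_head(digests):
    """Fold release digests into one head: head_i = SHA256(head_{i-1} || digest_i)."""
    head = GENESIS
    for d in digests:
        head = hashlib.sha256(head + d).digest()
    return head

def check_build(build, served_log, witness_heads, quorum):
    """Return 'ok', 'unlisted' or 'split-view' for a downloaded build.

    served_log    -- release digests served alongside the download (untrusted)
    witness_heads -- log heads fetched from independent witnesses (hypothetical
                     parties, each reached over a separate channel)
    quorum        -- how many witnesses must report the head we computed
    """
    digest = hashlib.sha256(build).digest()
    if digest not in served_log:
        return "unlisted"        # signed, but nobody else was told it exists
    head = chain_head(served_log)
    agreeing = sum(1 for h in witness_heads if h == head)
    return "ok" if agreeing >= quorum else "split-view"

# Constructed sample data: two public releases and one targeted build.
PUBLIC_BUILDS = [b"release-1.0", b"release-1.1"]
TARGETED = b"release-1.1-targeted"
public_log = [hashlib.sha256(b).digest() for b in PUBLIC_BUILDS]
forked_log = public_log[:1] + [hashlib.sha256(TARGETED).digest()]
public_head, forked_head = chain_head(public_log), chain_head(forked_log)

def demo():
    honest = [public_head] * 3
    return (
        check_build(b"release-1.1", public_log, honest, 2),  # normal update
        check_build(TARGETED, public_log, honest, 2),        # build missing from log
        check_build(TARGETED, forked_log, honest, 2),        # forged log, honest witnesses
        # One of three witness channels is also intercepted: still detected.
        check_build(TARGETED, forked_log, [public_head, public_head, forked_head], 2),
        # Every witness channel is intercepted: the check cannot tell.
        check_build(TARGETED, forked_log, [forked_head] * 3, 2),
    )

if __name__ == "__main__":
    print(demo())
```

The last case is the limit the question above points at: the check is only as strong as the independence of the channels used to reach the witnesses.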



