Hrm. The problem is that even if the network decided to ask for passport blind-signing, that solution doesn't work for this use case because the attacker can issue passports.
I believe the idea is that the ZKPOP can reveal the country that issued the passport, so when setting up your Tor circuit, you'd select relays from distinct countries. Then a sybil attack against Tor would require international coordination of governments.
Though don't governments generally have access to lots of foreign passport scans from border crossings, airport, etc.?