Hrm. The problem is that even if the network decided to ask for passport blind-signing, that solution doesn't work for this use case because the attacker can issue passports.
I believe the idea is that the ZKPOP can reveal the country that issued the passport, so when setting up your Tor circuit, you'd select relays from distinct countries. Then a sybil attack against Tor would require international coordination of governments.
Though don't governments generally have access to lots of foreign passport scans from border crossings, airport, etc.?
So let's go back to the topic at hand: How do we establish the trustworthiness of nodes without external tokens?
What structural/functional properties of bitcoin can we use to establish a node is a real node in a trustless and distributed fashion?