Once a repository is initialized, it comes with built-in authentication metadata that includes a root public key which is committed by the fingerprint of the whole repository, hence immune to forgery.
This root public key: how can you make sure it isn't altered, since the repository is distributed among nodes? For example, what forbids a node from changing it and sending the entire repository to other nodes?
You are forgetting about an essential part of PGP which is called the Web of Trust: you don't just trust any key that signs a binary. You have to first spend time finding the correct key that you can trust, then import that and verify the signature that it created.
What I'm saying is: You can't have a Web of Trust without a central point. I can trust you only after I've downloaded your key from a reliable source. This "distributed GitHub" can work, but public keys must not be transmitted that way.
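To make the point of the last two replies concrete, here is an added example (not code from anyone in this thread): a node's copy of a repository carries a root key and a signature; a malicious node can rewrite both and the copy still verifies against its own embedded key, whereas verification against a key fingerprint obtained out of band rejects it. It uses Ed25519 from the Go standard library as a stand-in for PGP, and a SHA-256 digest of the raw key as a stand-in for a PGP fingerprint; both are assumptions, as is the sample content.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Repo models one node's copy of a distributed repository: the content, the
// root public key carried in the repository's own metadata, and the root
// key's signature over the content.
type Repo struct {
	Content   []byte
	RootKey   ed25519.PublicKey
	Signature []byte
}

// Fingerprint is a stand-in for a PGP key fingerprint (assumption: SHA-256
// of the raw Ed25519 public key, hex-encoded).
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// NewSignedRepo signs content with priv and embeds pub as the root key.
func NewSignedRepo(content []byte, pub ed25519.PublicKey, priv ed25519.PrivateKey) Repo {
	return Repo{Content: content, RootKey: pub, Signature: ed25519.Sign(priv, content)}
}

// VerifyEmbedded trusts whichever root key the received copy carries.
// This is the weak check: a node that rewrites the key and re-signs passes.
func VerifyEmbedded(r Repo) bool {
	return ed25519.Verify(r.RootKey, r.Content, r.Signature)
}

// VerifyPinned accepts the copy only if the embedded root key matches a
// fingerprint learned out of band (the "reliable source"), and then checks
// the signature with that key.
func VerifyPinned(r Repo, pinnedFingerprint string) bool {
	if Fingerprint(r.RootKey) != pinnedFingerprint {
		return false
	}
	return ed25519.Verify(r.RootKey, r.Content, r.Signature)
}

// TamperScenario builds an honest repo, then a copy that a malicious node
// has rewritten with its own root key and signature. It returns whether the
// pinned check accepts the honest copy, and whether each check accepts the
// tampered copy.
func TamperScenario() (honestPinnedOK, tamperedEmbeddedOK, tamperedPinnedOK bool, err error) {
	// Honest maintainer's root key; its fingerprint is what a user would
	// obtain from a reliable source before ever fetching the repository.
	maintPub, maintPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, false, err
	}
	pinned := Fingerprint(maintPub)
	honest := NewSignedRepo([]byte("constructed sample: v1.0 release manifest"), maintPub, maintPriv)

	// Malicious node: replaces the content, swaps in its own root key, re-signs.
	evilPub, evilPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, false, err
	}
	tampered := NewSignedRepo([]byte("constructed sample: altered manifest"), evilPub, evilPriv)

	return VerifyPinned(honest, pinned),
		VerifyEmbedded(tampered),
		VerifyPinned(tampered, pinned),
		nil
}

func main() {
	h, e, p, err := TamperScenario()
	if err != nil {
		fmt.Println("key generation failed:", err)
		return
	}
	fmt.Printf("honest copy, pinned-key check:     %v\n", h) // true
	fmt.Printf("tampered copy, embedded-key check: %v\n", e) // true: forgery goes unnoticed
	fmt.Printf("tampered copy, pinned-key check:   %v\n", p) // false: rejected
}
```

The only difference between the two checks is where the trust anchor comes from: `VerifyEmbedded` takes it from the data being verified, so it can only tell you the copy is internally consistent, while `VerifyPinned` compares against something the verifier already held before receiving the copy.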
As a first step, I'd avoid surveillance by running a GitHub-like repository hosting service under Tor.