Thinking about it here, if there were a way to keep, during the creation of a new key, the peers that would be the certifiers of this key, a scammer could not try to circumvent the process because they would have to convince the peers originally defined during the creation process of the key itself. The risk would be for those who have not yet done this (current transition process) or for those who skip this stage of the process. This way, the user can even create certification identities to be used as "recovery emails". An attacker, to steal a key, would have to steal several, if the user decided to certify his key himself with his own certification accounts, or convince friends of the attacked user, if he delegated this work to real accounts.