but how do you prove that the identity is the source of the new key?

attestations i suppose, but then you start to get into the never-ending problem of inconsistency