How is it truly different to any other ID system(s) though. What unique usable possibility is provided to this hypothetical attacker and how many are taken away?
The only thing it actually differs in is scale, like you described. But scale does not mean an inherent vulnerability that can be practically exploited.
If you're however able to make everyone ignore the noise of some massive attack then you already don't need to bother with any of it anyways.
If you can attack the foundation of the system, like elliptic cryptography then every bank and retirement fund on earth is in danger. Much bigger fish to fry.
The only thing it actually differs in is scale, like you described. But scale does not mean an inherent vulnerability that can be practically exploited.
If you're however able to make everyone ignore the noise of some massive attack then you already don't need to bother with any of it anyways.
If you can attack the foundation of the system, like elliptic cryptography then every bank and retirement fund on earth is in danger. Much bigger fish to fry.