Unfortunately, yes, you have basically the right idea.

There's a weird logic error in people's thinking.

We've been able to write digital proofs of authenticity for 40 years. Suppose I write such a certificate, and now 100,000 people note that their program saw this certificate, without of course checking any of it.

Of course, they would do exactly same thing if Rom Tichford, who did not create the work, wrote a fake certificate of authenticity using Rom's own signature.

So what value do these 100,000 people signing off on it have?

My answer is, "None". The cryptopeople's answer is, "Everything, it's the most secure thing ever," and yet when you ask why, it's crickets.