Trying to digest the article and see if I missed something. I see a disconnect between the “digital Geneva Convention” to “provide parameters on offensive cyber operations …” and blockchain’s purpose of verifiable transaction tracking, which could as the article suggests be a signature or hash registered and used in a cyber attack/covert action to claim credit (regardless of independent attribution) for that operation.
The Geneva Convention comparison and Tallinn attempt to set legal and accepted behavior boundaries to the cyber warfare domain before any action and impose costs after violations if they can be attributed.
In the former case, claiming credit and admission is the last thing an actor wants to do, and in the latter it is also the last thing an actor wants to do. Even when the actor wants to claim credit for retribution or deterrence, signatures and blockchain are not necessary as unique identifiers can be embedded in the payload, code, patterns, etc. and then claimed.
There is even less incentive for malicious actors to pre-register an operation since cyber attacks are useful precisely due to their asymmetry and lack of certain attribution. Which brings us to false flags — Ah never mind …