by 8n4vidtmkvmk 319 days ago
Yes. If they nefariously typosquat, that could be grounds for losing your license.

Adding a link to your verified license in your package.json or personal website so that installers can check that the author of the package they are using does have a license sounds perfectly fine.

Proving you reside or are licensed in some country before you can publish to that country's repository sounds very doable too.

We don't even have to do this perfectly. It's not about preventing people from skirting the system, it's about giving users and developers the option to install from only verified sources.

Would you rather get heart surgery from a licensed doctor or an unlicensed one? What if both existed where you live? I'd probably ask to see their license before going through with it.