The main current answer is that the public repos are trying to prevent this.
There are two public repos included in the root deps.edn - Maven Central and Clojars. All other repos must be explicitly included in the top-level deps.edn in use (transitive deps.edn repos are ignored - this differs from pom.xml).
Maven Central has policies to encourage using reverse domain names and/or trademarked names that you control, with requirements for verification. Clojars is now doing similar things, but their naming policies are somewhat laxer and I don't know the current state of everything they are doing.
The signing key stuff is problematic for lots of reasons (Clojars doesn't require it, keys must be registered - how do you know if the key you find is one you should trust, etc.). This requires a lot of manual intervention. I have been following SLSA, which I think is taking a smarter approach to provenance and verification. Would love to spend some time really working on how to integrate something like this into both our Clojure build systems and our dependency management tools to work together. Especially for open source libraries distributed as source, we should be able to hash+compare the actual source and relate it to a commit - Clojure's options are WAY BETTER than compile-to-class langs that make new artifacts different than the original source.
Hoping to spend some time on this kind of stuff next year.
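As an added illustration of the hash+compare idea above (example code, not from the post's author or any Clojure tooling): hash every Clojure source file inside a published jar and compare it against the same files in a git checkout of the commit the release claims to come from. It assumes the jar's source layout mirrors the checkout's `src` directory and that you have already run `git checkout <sha>` in that tree; the file paths in the usage comment are constructed.

```clojure
(ns verify-source
  (:require [clojure.java.io :as io])
  (:import [java.security MessageDigest]
           [java.util.jar JarFile]))

(defn- sha256-hex [^bytes bs]
  (let [d (.digest (MessageDigest/getInstance "SHA-256") bs)]
    (apply str (map #(format "%02x" %) d))))

(defn- read-bytes [in]            ; in = File or InputStream
  (with-open [out (java.io.ByteArrayOutputStream.)]
    (io/copy in out)
    (.toByteArray out)))

(defn- source-path? [p]
  (re-find #"\.clj[cs]?$" p))

(defn jar-source-hashes
  "Map of entry path -> SHA-256 hex for every .clj/.cljc/.cljs in the jar."
  [jar-path]
  (with-open [jar (JarFile. (io/file jar-path))]
    (into {}
          (for [e (enumeration-seq (.entries jar))
                :let [p (.getName e)]
                :when (and (not (.isDirectory e)) (source-path? p))]
            [p (sha256-hex (read-bytes (.getInputStream jar e)))]))))

(defn tree-source-hashes
  "Same map for a source tree (assumed: the checkout's src dir), keyed
   relative to src-root so paths line up with the jar's entries."
  [src-root]
  (let [root (io/file src-root)]
    (into {}
          (for [f (file-seq root)
                :when (and (.isFile f) (source-path? (.getName f)))
                :let [rel (str (.relativize (.toPath root) (.toPath f)))]]
            [(.replace rel "\\" "/") (sha256-hex (read-bytes f))]))))

(defn compare-sources
  "Files only in the jar, only in the tree, or present in both with
   different content. All three empty => jar source matches the commit."
  [jar-hashes tree-hashes]
  {:only-in-jar  (vec (sort (remove tree-hashes (keys jar-hashes))))
   :only-in-tree (vec (sort (remove jar-hashes (keys tree-hashes))))
   :modified     (vec (sort (for [[p h] jar-hashes
                                 :when (and (contains? tree-hashes p)
                                            (not= h (tree-hashes p)))]
                             p)))})

;; usage (constructed paths):
;; (compare-sources (jar-source-hashes "lib-1.2.3.jar")
;;                  (tree-source-hashes "lib-checkout/src"))
```

This only covers Clojure source entries; resources, AOT-compiled classes and the jar's own manifest are outside the comparison and need a separate check.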