The idea of it is as simple as it is dangerous. It would provide websites with an API telling them whether the browser and the platform it is running on that is currently in use is trusted by an authoritative third party (called an attester). The details are nebulous, but the goal seems to be to prevent “fake” interactions with websites of all kinds. While this seems like a noble motivation, and the use cases listed seem very reasonable, the solution proposed is absolutely terrible and has already been equated with DRM for websites, with all that it implies.

It’s all a bit nebulous at the moment, but at least initially it seems to me like your browser’s “attester” would have a lot of insights into your browsing habits. It also has the potential of killing 3rd party browsers like FF who could lose access to websites unless they jump onboard, and who may still lose access if websites decide not to trust their (hopefully more private) attestation service.

There’s still a lot of whatifs floating around because Google just surprise pulled this project out of their ass days ago after working on it in secret for at least a year.