This is true but it's worth noting that (1) the entire point of this node is to be globally agreed on since it's the root of the identity mechanism, (2) it is auditable (https://github.com/did-method-plc/did-method-plc?tab=readme-...) and operations themselves are self-certifying (https://github.com/did-method-plc/did-method-plc?tab=readme-...). There are some potential issues (like PLC could choose to deny some operations), and the plan is to upstream PLC into an independent entity so that it isn't tied to Bluesky the company.