I think the solution is for the editor to have a hard limit on how many edits it will apply to one image. You'd need to write into the output file how many edits had been performed before signing it and then refuse to process the edited image any further if it's too high.

Any scheme like this would be eventually broken somehow, so it's altogether a bad idea imho