It's easy, I could create it in a day or two, just create a plugin that acts as a marketplace and pulls data about other plugins from Github, since most plugins are hosted on Github anyway. And that way we won't have to worry about data transfer. Mat blocked access to plugins because data transfer fees are expensive.
It's not expensive if you index it and install it directly from Github, is it? Without all the fancy stuff, the number of GitHub stars could act as a rating, and you could ship a sqlite that holds the index for the plugins.
And we'll be done with all that craziness, it's the easiest plugin ever. Updates could be pulled from Github, either from the master branch or from the releases tab, whatever.
Go!
As well as updates, it’d be good too also include the option to install older versions (i.e, just allowing a specific version based on the available releases). That’d remove the need for certain rollback plugins when updating/installing plugins from the wp-admin UI as well.