You linked to a page that has the "how" of attestations, not the "what," so it's not super surprising that you don't see an answer there. This page details the "what"[1].
> PyPI could check the GitHub immutable tag, read the commit hash, and verify the whole chain of hashes from the files to the tree to the commit.
Tags are neither immutable nor durable on GitHub. This also breaks in the presence of any non-trivial build backend, including anything that produces a non-pure-Python wheel. Complexity is often bad, but just about every complex aspect of PyPI's attestation scheme has a reason behind it.