And? Just, uh, boot without secure boot and patch things until they work again without enforcing code signing? The only way this sort of thing could be possibly partially enforced is by remote attestation for apps that depend on a server to function. So do what iOS jailbreaks did, except you don't need a vulnerability to start because secure boot will always be optional.

Secure boot will not always remain optional for windows.

And how could that possibly be enforced?

Same way it works for anti cheat.

The whole point of anti-cheat is to provide some sort of proof to a game server that your client is unmodified. What would be the server in this case?