If I understand right, it would work something like this:

1. 3Speak delegates Broca to Alice for 24 hours (the delegation automatically expires if not used)
2. Alice uploads the video together with checksums/hashes of all the files uploaded
3. Bob (upload node) sends the video to IPFS (and receives Alice's delegated Broca, if I understand right?)
4. Validator nodes randomly check to verify that the video is still uploaded

If that sounds about right, I guess one possible attack vector you mentioned would be that Bob creates thousands of alternative accounts that get a delegation, so that he can get paid to keep uploading. Even if the uploaded files are real in the sense of their size and actual storage, there might not be interest in them, so 3Speak (or any delegator) pays for the upload of non-useful content. Essentially, if Bob makes any profit from the delegation, he is incentivized to game the system by continuously uploading any content.