it best to create 3 different sso domains or just one?

Enhanced Linked Mode lets you view and search across all linked vCenter Server systems and replicate roles, permissions, licenses, policies, and tags. Do you want this, then go for Enhanced Linked mode, which is having one SSO domain and multiple PSCs talking to it. In short when first PSC deployed, new SSO domain got created, from second instance onwards just point it to existing SSO domain. If you create different SSO domain per site, you don't have Enhanced linked mode.

if I do just one, then my psc will have to be located in just one site?

if you do just one SSO domain, No, your PSC doesn't need to be located at one site. I would go with per site at least 1 PSC deployment, may be more for higher availability and load balancing.

can i do a sso domain (vsphere.local) across all 3 sites and have them replicate?

First instance PSC deployment at Site 1, you create vSphere.local as your SSO domain, now at Site 2 and Site 3 when you deploy PSC, don't create domain but join existing vSphere.local domain, this will satisfy Enhanced Linked mode requirements and those multiple site VMDIR will be synching.