We don't vet node operators. Node operators each individually choose who to peer with in a liquid democracy. Anyone can peer with anyone else; consensus is an emergent property of the graph.
Okay, so do the current node operators publish their peering requirements?
Given your description, it sounds like governance is whatever the MobileCoin Foundation and its partners dictate. Unlike the consensus in this thread, I think there's a lot to like and explore for a privacy token that chooses a different set of tradeoffs, but the opaque governance, token holder distribution/circulating supply and lack of acknowledgement of the Monero project really set it back.
The MobileCoin Foundation only publishes software; the nodes decide whether they want to run that software or not. Ultimately all of the nodes can run whatever code they want and call it MobileCoin if they can agree upon it.
The governance is actually quite simple: a set of decentralized nodes individually choose what software to run and who to peer with. Consensus is an emergent property of that trust graph.
What do you do differently from Stellar or Ripple at the consensus layer, which both started out with similar ideas but quickly found that their validators fall apart due to the strongly-connected validator set requirement not being met? In other words, how do you avoid the exact same fate that both Stellar and Ripple ran into in their consensus models when they also tried to let "nodes individually choose"?