Consider using ownable authentication for the router

Perhaps we can have a preconfigured owner (maxis multisig) to allowlist nodes (in practice governance would probably just hand over this permission).

Bottom line: let's try to find a way that doesn't need governance to get involved to wire this up, while still retaining control if needed.