The connect permission can't currently be made subject to consensus using MultiChain's built-in permissions system. However you could implement your own logic for this using transaction filters. For example, you could say that any address can only be granted connect permissions if that grant transaction contains metadata with a series of messages from different admins that consent to grant that permission (and these messages are checked via the verifymessage and verifypermission callbacks). These messages could be in JSON format and would need to contain three fields:
- The address of the admin creating the message (checked via the verifypermission callback).
- The address for which connect permissions are approved according to that admin.
- A signature by the admin address coverting the recipient address with, say, the prefix "approve". This can be created with signmessage and checked via the verifymessage callback.