I'd like to clarify/correct a few things in this article so there is no misinterpretations.
Firstly, you are correct in your understanding of using a "compressed copy" of Bitcoin. The chain relay smart contract as part of the wrapping process very literally verifies Bitcoin block headers inside the smart contract. Providing layer 1 security to verify chain state and ultimately wrap/unwrap operations. This approach means we can securely verify Bitcoin without VSC nodes directly needing to run Bitcoin core, keeping the entire network lightweight.
it appears as though anyone might be allowed to host collateral on their VSC node and issue wrapped token
Separate piece of software. VSC core doesn't directly do wrapping.
The security itself is 'simply' an extension of DPOS voting. Those with the most votes will control multisig keys on Bitcoin and wherever else
There is no DPOS or multisig on Bitcoin. Wrapping consists of only collateralization and chain proofs. VSC does do multisig and DPOS on the hive side to bring assets from HIVE into VSC world, but not for other chains. A multisig on Bitcoin would be inefficient, expensive, and not up to high security standards. The Bitcoin wrapping technology was designed to prevent fund loss even if well above 50% of nodes were malicious. Being a malicious node will never be profitable and will result in attackers always losing their money, while users still being largely unaffected
Can you go into more detail how this works?
If a wrapping provider fails to complete an upwrapping request after a certain period of time, the BTC being unwrapped gets liquidated for the collateral of the wrapping provider. This results in users always getting their money back, and the malicious wrapping provider always losing their money. Good providers will earn rewards off successful wrapping operations, and can continue to do so as long as they are truthful.