Here’s an explanation I stumbled on from MobileCoin Foundation on Twitter:
1/ Ultimately it’s the node operators. It would require them to run a new version of code and would likely also require a hard fork.
If the node operators change the code such that the constant for coin supply is no longer 250,000,000 then that would change the total supply.
2/ Because MobileCoin is a privacy-protecting ledger, we don’t know the balance of any transaction thus calculating the total number of coins in the ledger is tricky. We do, however, know that any set of transactions with bulletproofs balance…
3/ Ergo, if you are printing coins, that transaction wouldn’t balance and couldn’t be signed by the consensus system.
This is why the genesis block in MobileCoin is unsigned (and we will be releasing the private keys publicly for the first MobileCoin transaction)…
4/ Using the genesis private keys you can verify that 250,000,000 coins were created, then using only publicly available data in the ledger you can verify that no coins were created or destroyed from that point.
To print new coins would require another unsigned transaction.