I you have a lot of groups in your system and you have a user that is a member of large number of groups, the performance of any action because very slow as a result of all the entries in the node_access table. Now, that said, I don't see where these entries are needed. The only thing they are doing , that I can see, is helping users view unpublished nodes. The thing is, og will take care of that for us as long as og_moderation provides the permissions management. So I propose we get rid of:
function og_moderation_node_access_records($node) and
function og_moderation_node_grants($account, $op)
When I have done this my users members can still view unpublished content, yet non members get access denied. I feel like I must be missing something but can't figure out what it could be. In any case, patch to follow with the change I am suggesting.