I've been thinking through various scenarios about the cold storage method via using a signed message. I even considered whether we need authentication at all (as in, if you'd just let the MN start with "Here's my pub key", what motivation would someone have to run your MN
for you? But it would be an attack vector with malicious nodes misbehaving, etc., so I concluded that's not a wise idea).
A simple one-time signed (random) message wouldn't work either for authentication (for a cold wallet) because someone else could just present the same signed message as their own, putting us back to not having authentication at all (as described above).
But what about this?:
A 1,000 DRK address wants to create a masternode, so he:
1. Signs a message "I want to create a masternode. I have 1,000 DRK, as you can see. Oh, BTW, my desired Masternode public key is *newly generated DRK address*" This message would get stored, *permanently* in a "potential" Masternode list.
2. Exports the private key corresponding to the newly created MN public key above.
3. Takes his 1,000 DRK wallet offline.
4. Imports the newly generated private key to his Masternode candidate.
5. Starts Masternode as normal, with no real worry about someone discovering his private key, as that would just take us back to the (undesirable) no authentication described above.
There would be little reason (that I can think of) to do garbage collection on a list as described above, as you could only add to it with a 1,000 DRK address. So in my view, an entry should stay until either:
1. The originating private key requests it be removed.
2. The originating private key requests it be updated to a new address (if someone managed to hack your Masternode and you wanted to return to a valid authenticated state).
3. The network detects that any of the 1,000 DRK have been transferred.
If any of the above were to occur, the network would immediately reject the validity of any Masternode using the public key defined in the message.
This seems pretty simple and elegant to me. (or is this what has been planned all along and I'm just stupid?)