Actually, to preserve the integrity of telepatheic's reply, I'll revise my proposal here:
I propose that a further imposition (and opportunity for earnings) be made on miners. In the same way that a transaction can be broadcast and propagated to all miners, I propose that a replacement-address also be capable of such propagation. The replacement-address would contain the following values:
{
OA:[An "Old Address", let's call it 1AddrToLock]
RAddr:[A bitcoin address to replace it, let's call it 1ReplacementAddr]
OASig:[the signature resulting from the first two items when signed with 1AddrToLock]
RASig:[the signature resulting from the first three items when signed with 1ReplacementAddr]
}
Once a block in the main chain contains such a replacement-address, miners must exclude all transactions that spend any outputs from 1AddrToLock unless they have a single output equal to 1ReplacementAddr, at least until a revert-address appears in a block. A revert-address would be similar to the replacement-address:
{
RAddr:[1AddrToLock from lock-request]
ULRSig:[the signature resulting from the first item when signed with 1ReplacementAddr]
}
In this way, a private key could be temporarily rescinded.
Problems: The transactions in a block are not always simple enough to fall into the paradigm assumed by this idea. They're really scripts that take input and have to return a 1 in order to be valid. One of the inputs is usually a signature generated by a private key (if I remember correctly). So a more accurate description of the function of the replacement-address would be to invalidate a private key (the one matching 1AddrToLock) except when it simply defers to an alternate private key (the one matching 1ReplacementAddr).
This idea came to me when I heard that a hacker had gained root access to LocalBitcoins' webserver for about 40 minutes. I don't think they would have used it, but there are occasions when one might want to use it.
And maybe miners could publish "replacement rates" that must be provided through 1ReplacementAddr in orer to include a replacement-address in the block they're working on. If the block also contains a transaction from 1ReplacementAddr that has a high enough fee, the miner would include the replacement-address. So if a miner doesn't want to respect (new) replacement-addresses, they can just publish a really high replacement fee and ignore (exclude from their block) replacement-addresses that aren't accompanied by expensive enough transactions from 1ReplacementAddr. But once ANY miner accepts the replacement-address, ALL miners are obligated to honor it.
Am I still missing something?