...You are right...
I know.
It's just hard for the Dash guys around here to accept there is simple security flaw. It just took few posts to expose it.
The main defense is 'we wouldn't host our services with just anyone that could harm us.' You already have. LOL. 'You created a system of 4,000 nodes that route through a handful of service providers that you need to trust.'
So what are we going to do about this issue? This is how things get stronger. Find an issue > then fix it.
edit
Is there a chart of how many nodes are hosted on different VPSs? Chaeplin used to produce a chart.
Can you share your vision on a possible attack scenario given the current situation (not some malicious provider magically acquired all the private keys situation)?
I mean who the attacker can be, what he should do and what he'll be able to achieve?