Disregarding all other problems with your proposal, you're just passing the buck to your "secondary" private key.

If you're so careful with your "secondary" private key, then why wouldn't you just be that careful with your "primary" private key? Why play it so loose at all?

Why would you wait out some arbitrary self-invoked penalty on your business transactions when you can sign them with your offline super secure "secondary" key and broadcast them immediately?

In other words, this sounds like indirection that leads right back to the same fatal crux you started with: securing a private key.