Haven't found a solution to the problem of memory providers stealing private keys though.
Option A: It can solve it the same way we do security in meatspace: rent itself a facility and hire armed guards to keep thieves out.
Option B: A distributed algorithm to generate keys might be possible. Sort of like a multi-party PKI variant of Diffie-Hellman key exchange, resulting in all parties knowing the public key, but the secret key is only recoverable when all nodes agree it's time to perform a spend. I wonder if anyone has created such an algorithm.