If someone had their masternode coins stolen it was probably due to poor security on their box.

With almost 400 masternodes I'd be shocked if someone didn't have their coins stolen.

For people's peace of mind, I still think the private keys should never need to touch the masternode. All thats needed to validate ownership of coins is a signed message. The user should be able to sign a message using Darkcoin QT on an offline computer and then transfer the signed message to the masternode using a USB drive. This signed message contains all the proof that the network needs for authorizing the masternode to receive dividends and process darksends.