Please correct me if I'm wrong, but doesn't PoS require the miners to keep their private keys online on the machine doing block validation? Isn't this a major security flaw, since if a vulnerability in the software is found that allows an attacker to extract the private key, he can clean out pretty much all miners wallets, making it a breeze to gain >50% stake?