If there was a way to start a masternode without using the private key of the collateral, a 3rd party service could be used to monitor and restart the masternode without concern over the loss of funds. Also when on the go, one could upgrade and restart a masternode without having to bring the collateral private key along. Here is a simple scheme using the already existing bip32 xpub: Configure the bip32 xpub public address in the masternode config file. Send collateral to bip32 derived path 1 To start the masternode, broadcast to the network: xpub public key and the start command signed with the private key of bip32 derived path 2 Using the xpub public key the network will be able to verify that: The collateral is present in derived path 1 The start command issuer controls that collateral since he is in possession of private key of derived path 2 Now one can hand over starting control of the masternode to a 3rd party or bring the private key of derived path 2 along on the road without concern of loosing the collateral. Please share your thoughts, criticism and implementation considerations with this or similar schemes. Thanks!