Yeah, no. One issue with this is:
"to instantly unblacklist all the coins, transfer all the coins"
The attacker just has a script running all the time trying to transfer your coins; as soon as you "unblacklist", he transfers, and you're left with nothing.
All you have done is made your coins useless to you.
A single transaction would both unblacklist and transfer the coins. Either both happen or neither happens. There would not be any time between the unblacklisting and the transfer, so the attacker could not steal your coins by running a script like you described.
For this to be effective, some system must be online monitoring the unblacklist transactions. This system should differentiate between good and bad unblacklisting. If the attacker compromised the private keys, could they compromise the monitoring system? If it's a 3rd-party service, you still have to communicate the good unblacklisting, likely requiring some authentication that could be compromised with the key. Anything like passwords protecting access to the monitoring system could also just be used to protect the keys.
If the monitoring system doesn't differentiate between good and bad and notifies you about everything, wouldn't it be better to queue up the pending transactions and approve all the transactions periodically on some secure system like a Trezor, an offline computer or a 3rd-party service?
This is the most serious criticism, I think. If all unblacklisting triggers a notification, then there could easily be too much noise and the theft goes unnoticed. It may be necessary for the 3rd-party service to analyze the transactions to look for suspicious ones. For example, you could set it up to only notify you if more than X BTC is unblacklisted in a 24-hour period. A clever attacker might be able to steal a bit at a time, but you'd probably prevent him from stealing everything. This is about the same as the current hot/cold wallet approach. A hacker who just steals a bit out of your hot wallet may go unnoticed for a while and be able to steal a bit, but eventually you will notice and he won't have been able to steal everything.
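The threshold rule in the post above ("notify only if more than X BTC is unblacklisted in a 24-hour period") as a worked example; this is added illustration, not code from anyone in the thread. It replays a constructed log of unblacklist transactions through a trailing-window sum, and adds a second, longer window (my addition, not in the post) so that the "steal a bit at a time" pattern that stays under the daily limit is still caught eventually.

```python
from collections import deque
from datetime import datetime, timedelta

SAT = 100_000_000  # satoshis per BTC; amounts kept as integers to avoid float drift

# Constructed sample log of unblacklist transactions: (timestamp, amount in satoshis).
# Two normal withdrawals, one burst (a lot moved at once), then a slow drip of
# 0.9 BTC/day that is deliberately under a 1 BTC per 24 h threshold.
UNBLACKLIST_LOG = [
    (datetime(2024, 1, 1, 9, 0), 20_000_000),    # 0.2 BTC, normal
    (datetime(2024, 1, 1, 15, 0), 30_000_000),   # 0.3 BTC, normal
    (datetime(2024, 1, 3, 2, 0), 60_000_000),    # 0.6 BTC, burst
    (datetime(2024, 1, 3, 2, 5), 70_000_000),    # 0.7 BTC, burst
    (datetime(2024, 1, 12, 3, 0), 90_000_000),   # 0.9 BTC, drip
    (datetime(2024, 1, 13, 3, 30), 90_000_000),  # 0.9 BTC, drip
    (datetime(2024, 1, 14, 4, 0), 90_000_000),   # 0.9 BTC, drip
    (datetime(2024, 1, 15, 4, 30), 90_000_000),  # 0.9 BTC, drip
]


def rolling_alerts(log, threshold_sat, window):
    """Replay the log in time order; return (timestamp, window_total) for each event
    at which the amount unblacklisted within the trailing window exceeds the threshold."""
    alerts = []
    recent = deque()  # events still inside the trailing window
    total = 0
    for ts, amount in sorted(log):
        recent.append((ts, amount))
        total += amount
        # Expire events that fell out of the window before testing the threshold.
        while ts - recent[0][0] > window:
            _, expired = recent.popleft()
            total -= expired
        if total > threshold_sat:
            alerts.append((ts, total))
    return alerts


def monitor(log):
    """The 24-hour rule from the post, plus a 7-day rule (an addition here) with a
    higher limit, so a drip under the daily limit still triggers a notification."""
    return {
        "daily": rolling_alerts(log, 1 * SAT, timedelta(hours=24)),
        "weekly": rolling_alerts(log, 3 * SAT, timedelta(days=7)),
    }


if __name__ == "__main__":
    for rule, alerts in monitor(UNBLACKLIST_LOG).items():
        for ts, total in alerts:
            print(f"{rule}: {ts} {total / SAT:.2f} BTC unblacklisted in window")
```

With this log, the daily rule fires once, on the burst, and stays silent on the drip; the weekly rule fires on the fourth drip day.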
The key here is of course to have the system locked down as much as possible as it will have programmatic access to the private keys with your funds. Blocking all incoming ports and denying all incoming and outgoing traffic except that for your application (possibly on a hardware firewall and on your system) and making your application secure enough shouldn't be that much of a challenge.
I guess it remains to be seen whether the risk/reward of my suggestion is better than this alternative. I would personally opt for cold storage rather than your suggestion. Locking down a computer system is very hard, and it isn't a one-time affair. It requires ongoing maintenance. I suspect that the cost of taking coins in/out of cold storage would be lower than the cost of sufficiently securing a system like the one you described.
Thanks everyone for the feedback.