Really hope people nowadays know that you really never give someone your private key!
Lol. I've seen people enter their private key when Google Forms asks for their address. You're largely underestimating human stupidity!
There are 3 ways of signing the transaction:
1.By importing his private key;
By importing mnemonic seed
By importing his wallet file + passphrase
So you're saying you've created the worst possible system to send a payment. The very basics of cryptocurrencies is that you only need to give an address to receive a payment. Asking for private keys is shady at best, but more likely a long con leading to an exit scam once you've collected enough user funds.
it's not necessary to provide private keys for claiming your tokens.
Then why are you asking for it? Even if you're honest (which I have no reason to believe), you're introducing another risk factor by storing private keys on your server.
Tagged.These are all good points, why don't they just send payment to our address it easy and it's always been this way from all bounty campaigns no amount of explanation these people can do to defend asking people's private keys.