1. Attacker might able to steal private key after user make a transaction from special address,but how do you plan to prevent this accident?
If you're concerned about your private key being exposed after you make a payment from a "special" address, then spend all the outputs associated with this address in a single transaction. In short, send the entire amount without creating change. When you have emptied your address, the private key of that address becomes useless for an attacker, stealing it does not give them any control over your funds.
2. How do someone veto a transaction which made by attacker where we can verify who's the owner or attacker without compromise owner privacy?
You have already been told that confirmed transactions cannot be reversed, and you're unlikely to quickly notice your funds having been stolen while the transaction is still in the pool of unconfirmed transactions. Oftentimes scammers are stupid enough to have sent stolen funds to their verified accounts on centralized exchanges. In this case, you can try to contact the technical support of the exchange and ask them to freeze stolen money.
3. Assuming a transaction is reversed, that means blocks would become invalid since it's hash (along with all next blocks) will become invalid? How do you plan to solve this problem?
Again, you can't reverse a transaction that is confirmed, but you can make it disappear from the blockchain along with the corresponding block by convincing miners to perform a blockchain rollback.