So basically the question is, again: should we refund if the user only has the guarantee letter but not the private key, or should we stick to the rule that if you lose the private key you lose access to your funds?
I (still) haven't tested WWM (sorry, I couldn't resist making up this nickname) myself, so forgive me if I ask something dumb, but: what is the point of a Letter of Guarantee if it can't be used as evidence?
What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
Yep. You can expect a long line of users abusing this.
But isn't this "second user" a possibility after the user emptied the private key by himself?
So this raises another question for the community: Do you think we should show the private key on the deposit page as well if that implies we also have access to it?
That sounds like another can of worms. How about asking the user to enter the last 5 characters to confirm he copied it?
What if we refund this user based on the guarantee letter and then we receive another support request from 'someone else' with the same guarantee letter while also having the private key telling us that he doesn't see his balance on Whirlwind anymore and accuses us of scamming? Do we refund that user as well?
We simply ignore the second person?
One way or another, it will look bad. What if the second user claims you made up the first user?