why the sha256 hash of the public key and not simply publish the sha256 hash of the “PRIVATE” key instead? Sha256 is secure and there is no way backwards to get the private key. This would mean that everyone in here could only check afterwards whether the person knew the correct private key, i.e. only after the pubkey had been made public by a TX.
What do you need SHA256(privkey) for? If you don't know the privkey how do you know he has it? Then, I don't think it is too difficult to bruteforcing 2^65 SHA256.
With SHA256(pubkey) you can calculate the BTC address and verify that he actually has the pubkey, and if he has the pubkey he also has the privkey.
I think that is the only way to prove that someone has the key before the transaction is made and without exposing the pubkey.