[chill1]

1) Requires a private SSH/GPG key that was associated with your GitHub account at some arbitrary date in the near past. It would be trivial to design a cryptographic scheme to prove ownership of a GitHub account without compromising private keys. So why do it the way they have?

2) Requires that you provide government issued identification (and possibly more) to be able to withdraw or sell the airdropped tokens for USD or bitcoin.

Call me paranoid, but this feels like a honeypot. It feels like an attempt to compile a database of programmers/developers (and their real identities) - with a bit of a bias towards those with knowledge in the areas of cryptography and/or cryptocurrencies.

Even if that is not the intent. Would you trust this company to safely store such information about you?

[rasengan]

1) Nowhere is a private key exposed in the process. I do not know how you came to this conclusion after reading the paper and the code.

2) Namebase definitely makes things easier, but you can absolutely claim your airdropped coins locally on your own computer.

As a final note, if you think this is targeting those with knowledge in the areas of cryptography, I assure you, any cryptographer who reviews the code and paper would not have the same conclusion as you.