Why not? We know know that most users are not going to check the code on github. I'm not going to waste my time checking that code either to see if what you're saying is true. Besides, what's even the point of this service you've created when I can do the exact same thing using steemit anyway?
Here's are the facts:
- you've created a service which simply reproduces existing functionality of steemit,
- you're asking for peoples active keys in order to use this service,
- you're charging a fee to use this service, and
- you're basically an unknown entity in the community.
Not throwing around the private keys that control the funds in your wallets in cryptocurrency security 101.
Ask those who use the service. Doing it manually on steemit.com or busy.org or esteem is going to take you forever. You don't check the code for steemit either yet you trust your active key with it. That's the hypocrisy that I was talking about. I doubt you would understand the code anyway so obviously you wouldn't check it. The point that I was trying to make was that the trust behind apps like steemit comes from the code being visible to the public. You still don't seem to get it... Oh well!