@ChipMixer: What do you do if someone claims you have stolen Bitcoin from private key you have given. If it is a small amount, it may not have much impact because of the trust you have. But, what happens if it is a large amount? I hope you have already thought about it and have come up with a solution or is working on one! Good luck! By the way, I have sent you a PM! Please reply! Thanks!
Good question. Funds from cannot be stolen, unless you know private key. ChipMixer knows the key, you as a customer knows it and nobody else. Let's assume there was a hacker who somehow got the private key too.
How he got it?
Method 1. Eavesdropping
Customer visited http website? No, it redirects to https and you cannot start mixing with http.
Customer visited https and it was eavesdropped? No, https is encrypted, so private key will also be encrypted.
Customer visited .onion website? It is encrypted, so private key is also encrypted.
Customer visited MITM or forged copycat of ChipMixer? Attacker serves his address and does not give you any chips. Why risk that you will sweep them immediately?
Method 2. Hacking the server
Destroying the session deletes chip private key. In this case attacker would sweep hot wallet and active sessions. If for some reason you do not want to sweep everything instantly, there is no reason to sweep single private key of active session. This would only hurt ChipMixer reputation and that decreases your change for large loot.
This shows that single private key cannot be evesdropped, and hacking the server would result with much bigger mess.
Another group - ChipMixer. Stealing single chip hurts reputation. It is not worth to be little dishonest, when you pay much more for ads and sig campaigns.
Last group - Customer. Let's say you sweeped 1.024 BTC chip. You can write a post that somebody else sweeped it and you demand a refund. If you don't get a refund, you've lost nothing. If you get a refund, you've earned 1.024 BTC and nothing stops you from posting more complaints. Which is why ChipMixer will not refund.
The no refund policy is a good decision because otherwise setting a precedent will make you the target of wannabe scammers.
Another reason why if you are paranoid about this, just sweep the chips as soon as you get them. This is probably the safest way that you can go about it. Really, there is no need to panic. Just because your private key is exposed doesn't mean that chipmixer is any less secure than say, blockchain.info. If someone hacked into your computer then your blockchain.info account would be compromised as well, it's not just chipmixer. in teh end it comes down to whether you trust Chipmixer or not, and whether your computer is secure or not. If there are two yeses for these questions then you shouldn't have any sort of problem with hacks when using chipmixer honestly.