Why does Kiwi even have a key system?

Isn't it greedy to do so...?

This isn't the offical Kiwi Documentation website! The official explanation can be found here.

Firstly, what does KiwiExploits collect?

KiwiExploits mainly uses the data in order to provide their key systems, and not for any other malicious purposes.

According to Kiwi's Privacy Policy,

We collect information about the apps and devices you use to access KiwiExploits services, which helps us provide features like automatic product updates. The information we collect includes unique identifiers, browser type and settings, device type and settings, operating system, and GEO location information. We also collect information about the interaction of your apps, browsers, and devices with our services, including IP address, crash reports, system activity, extensions and the date, time, and referrer URL of your visit request on the site. We collect this information automatically when a KiwiExploits service on your device(s) contacts our servers.

The main things collected here are your IP adress and your HWID, which is needed for the key system to operate. We can reasonably conclude that this is to prevent others from using an already used key, which would be unfair to both the person that had gotten the key and the exploit developer themselves. There is nothing invasive here, as the data is cleared out frequently (probably around ~24 hours?).

Provide our services We use your information to deliver our services, like processing the terms you search for in order to return results. Third parties may also use your information to deliver targeted advertisements based on user interaction.

This also shows that they need it in order to provide their key system.

Back to the main question...

I believe that this information panel here will answer it for you.

KiwiExploits needs the key system in order to maintain it's services! Although no one is really sure where a lot of the money goes to, it can be assumed that the majority goes to maintaining Kiwi's web services (such as their website), while others are saved up for paying developers.

Why have a one-time key?

Let's face it: you only open up exploits once a day. Perhaps only on weekends. Would you rather have go though 4 key systems in order to obtain a "24 hour" key or go though 2 key systems in order to obtain a single use key, given you are likely to use it only once a day?