(Note: I haven't been very involved with the planning for this year's exercise, mostly leaving it to Ruby)
I quite like it as a real trust-building exercise. I think overall actually getting 100+ people on the internet to not take a destructive action like this is surprisingly hard, and I think it is a really great, surprisingly unique, attribute of our communities that we can coordinate on making things like this happen.
I find myself reasonably compelled by some of the arguments for something like "asking for opt-in before sending the codes", though I don't yet actually have a logistically good way of making this happen. I think having a whole two-step process where you ask people to register themselves on a list is quite onerous, and probably wouldn't get a great response rate.
A thing that feels more reasonable to me is to instead of sending out the codes in the email in plain text, instead you get a link to a form that shows you the code at the end, after 1-2 boxes of dialog that ask you whether you are OK with there potentially being real consequences of you using these codes. It's still not great, and it would still be hard to distinguish the people who opted-in and received the codes but decided not to use them from the people who just decided to not receive their codes in the first place (which is a safer move in the end, if you want to make sure you don't use them).