A cool fun project... thanks for sharing.

Security items:
- Consider using an ssl certificate to encrypt the data transfer from your server to the client, it would help against man in the middle attacks from injecting code before it runs on the client side.

- You might want to provide the sha256 hash of your client side page where the client javascript sits that calculates private and public keys. As an example, "c6c329f13831bda7bc25ce8195787cb3395d03a457401e0518876d0ff5c17166" so that someone can verify whether or not it gets tampered with on the client side by a browser helper object.

- Consider converting the text values of the privkey to an image using a javascript function, it would make it difficult for other software on the client side that maybe scanning for privkey values in browsers.

Other suggestions:
-Provide the template for images, allow users to use their own.