Removes dangerous private key throwaway

src/eckey.js

@@ -119,25 +119,23 @@ ECKey.prototype.verify = function(hash, sig) {
 }
 
 var ECPubKey = function(input, compressed) {
-    if (!(this instanceof ECPubKey)) { return new ECPubKey(input, compressed); }
-    if (!input) {
-        // Generate new key
-        var n = ecparams.getN();
-        this.pub = ecparams.getG().multiply(ecdsa.getBigRandom(n))
-        this.compressed = compressed || false;
+  if (!(this instanceof ECPubKey)) {
+    return new ECPubKey(input, compressed)
   }
-    else this.import(input,compressed)
+
+  this.import(input,compressed)
 }
 
-ECPubKey.prototype.import = function(input,compressed) {
+ECPubKey.prototype.import = function(input, compressed) {
     var decode = function(x) { return ECPointFp.decodeFrom(ecparams.getCurve(), x) }
+
     this.pub =
           input instanceof ECPointFp ? input
         : input instanceof ECKey     ? ecparams.getG().multiply(input.priv)
         : input instanceof ECPubKey  ? input.pub
         : typeof input == "string"   ? decode(convert.hexToBytes(input))
         : Array.isArray(input)       ? decode(input)
-                                     : ecparams.getG().multiply(ecdsa.getBigRandom(ecparams.getN()))
+                                     : null
 
     this.compressed =
           compressed                 ? compressed
@@ -147,11 +145,11 @@ ECPubKey.prototype.import = function(input,compressed) {
 }
 
 ECPubKey.prototype.add = function(key) {
-    return ECPubKey(this.pub.add(ECPubKey(key).pub),this.compressed)
+    return ECPubKey(this.pub.add(ECPubKey(key).pub), this.compressed)
 }
 
 ECPubKey.prototype.multiply = function(key) {
-    return ECPubKey(this.pub.multiply(ECKey(key).priv),this.compressed)
+    return ECPubKey(this.pub.multiply(ECKey(key).priv), this.compressed)
 }
 
 ECPubKey.prototype['export'] = function(format) {