Diffe-Hellman-Merkel key exchange is vulnerable to attacker-in-the-middle attacks.

Eave could just do key negotiation with Alice and separately do key negotiation with Bob. You have to use a slightly more complicated cryptographic protocol to avoid this issue.

How would the keys get stored in the user's private browsing window? Do they lose all chat history when they log in on a private browsing window and then close it?