Knowing the key used to *encrypt* a message does not necessarily imply knowing the key used to *de*crypt the message.

WhatsApp uses the [Signal protocol](https://en.wikipedia.org/wiki/Signal_Protocol), which is one of many mathematical ways for two people to agree on a key over an insecure connection **without anyone sniffing the connection being able to get the key**. The mathematical details are mildly complicated, but if you want some reading, the [Diffie-Hellman algorithm](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) is relatively easy to understand.

It relies on the fact that large numbers are hard to factor: basically, you come up with a number *a*, and I come up with a number *b*, and we compute the product *ab* without actually communicating either *a* or *b*. Since you know both *ab* and *a*, you can compute *b*, and similarly, I can compute *a*. That is, we’ve exchanged keys with each other. The attacker between us only sees *ab*, and if they can’t factor *ab*, they don’t know what *a* or *b* are. Now we can use *ab* as an encryption key, as long as decrypting *ab* requires knowledge of *a* and *b*. (The full details are more complex than this, but this is the basic underlying idea.)