First of all, I strongly recommend you to ask these questions in the #dev channel of our Discord server so we can notice them in a short time.
How is it possible that a Fat contract code can create a private key and later (potentially on a different machine) it can access that private key, all while never leaking the private key outside the system? More generally, how is Fat Contract data securely transmitted from one TEE to another?
First, you can easily create private key in Fat Contract since they are actually just bytes. The only obstacle I can imagine is that you need to carefully choose the Rust crates to use since no_std is require in Fat Contract.
Second, to transmit sensitive data from TEE to other parties, encryption is the choice. Specifically, you can implement a method (with access control) to dump your private key. And user should send his public key as argument when invoking it. Given user’s pubkey, the contract can use key agreement to generate an encryption key with
agree(contract_sk, user_pk), and use it to encrypt the sensitive data (e.g., with aes-gcm-256). When user gets the ciphertext and contract’s pubkey, he can restore the encryption key with
agree(user_sk, contract_pk) and then decrypt the sensitive data. Actually this is the normal way to securely share data between parties even without TEE.
Would it be trivial to implement a currency with private transactions using a Fat Contract?
I would say yes. First, all the transactions (called Commands in Fat Contract) are transparently encrypted when you use js-sdk (https://github.com/Phala-Network/js-sdk) to construct and send them to contract. Second, if by currency you mean ERC-20 token, then you just need to find a template for Ink! contract (like ink/examples/erc20 at master · paritytech/ink · GitHub or openbrush-contracts/examples/psp22 at main · Supercolony-net/openbrush-contracts · GitHub). You can compile it and deploy it to our workers since Fat Contract extend Ink! and we support unmodified Ink! contracts.