I have recently gone through the horror of transferring WhatsApp conversations when changing phones (Android for iPhone). Actually, the fact that it is close to impossible for everyday folk is a good thing for its security reputation, I suppose.
I suspect that the transfer, which I did with the help of 3rd-party software that cost me 15 Euros and the rest of my privacy, works in such a way that the messages go unencrypted from the Android to a computer (to be processed with 3rd-party software that you have given full access to your devices and that you have no choice but to trust), from where, unencrypted, they go to the new phone, encrypting themselves in the process with the new private key that the new phone has.
That is a sort of understandable generalization of the process; I hope I am at least somewhat right. However, if one had changed an Android phone for another Android phone, the transfer would be much easier, as the new phone can restore the chats from a Google Drive where the messages had been backed up.
Now, the messages are backed up encrypted; otherwise, it would kind of lose its point. But the new phone has a new private key generated, right? How come it is able to decrypt the messages from a backup? Does the private key leave the original phone and get backed up too? Is the calculation of the new private key somehow related to the phone number verification? Why does it work so easily for Android to Android or iPhone to iPhone but so hard across?