the second key used for ECDH with ASD is a one shot only need its secret while generating it, the public key in the prefix with the nonce lets you decrypt the message if you use a key you have the secret for as the second key. PKI based encryption is confusing at first, but you can always encrypt to yourself using a one shot second key, if you have the private key from the other half.