@jonah in Wireguard, your peer (which would be the VPN provider) *only* needs your public key to decrypt your packets and verify your identity. None should generate your private key for you or require you to provide it to them. This is asymmetric cryptography 101. Would you met an email service generate your PGP key for you?