Newbie Question on Secret Contract

I am a newbie and trying to understand the Secret Contract Storage.
According to documentation, only a contract has access to its own storage.
On the other hand, the storage is on the public blockchain.
Does that not mean everyone can access/read the Secret Contract Storage?

The state is store encrypted on the public blockchain. Only the contract knows how to decrypt its own state.

The contract is public and so the decryption key also needs to be public for contract to access.
ie. wouldn’t everyone able to access decryption key and decrypt the state?

The decryption keys never leave the Trusted Execution Environment, only trusted code can access yhem and this code is sandboxed so it cannot leak the keys.

Sorry. Some more questions.

Is the trusted code referring to Secret Contract or the validator program?
Can someone masquerade as the trusted code?

My understanding is also that there are multiple Trusted Execution Environments.
Are there copies of the same decryption key kept in all Trusted Execution Environments
or single copy of decryption key with parts stored in the different Trusted Execution Environments?
ie. whether the key will be lost if some of the validators de-commissioned