you can generate a private key k, and send the service K (k*G)
the service can generate random value t, and add T (t*G) to K to get R (which is the resulting pubkey)
You can get the private key r by adding t and k together.
The service doesn’t learn anything about the resulting private key, and it can even prove it generated a key for you by revealing t (T would not work since you could fake it)