Assume Alice and Bob have their public keys revealed on blockchain. If Alice wants to send some message to Bob, she can multiply her private key by Bob's public key and calculate their "shared public key". She can send symmetrically-encrypted message to Bob and attach her public key at the beginning. Bob can receive it, multiply her public key by his private key and calculate the same "shared public key" to decrypt received message.

(AlicePrivateKey*BobPrivateKey)*BasePoint=(BobPrivateKey*AlicePrivateKey)*BasePoint
AlicePrivateKey*(BobPrivateKey*BasePoint)=BobPrivateKey*(AlicePrivateKey*BasePoint)
AlicePrivateKey*BobPublicKey=BobPrivateKey*AlicePublicKey

It is not possible for anyone else to calculate this shared point, because there is no such operation over ECDSA. Adding and subtracting points is possible. Multiplying and dividing given point by given number is possible. But it is impossible to multiply or divide two points.

Exchanging some basic messages over mempool after OP_RETURN should be enough to start communication. Later, both parties can communicate using any protocol, because sending big messages on blockchain is too expensive. Revealing public keys is necessary to create valid transaction. Some bytes after OP_RETURN are encrypted and can contain IP addresses, hostnames, IRC channels, emails or anything meaningful for all parties having this shared key and it should be enough to send next messages off-chain.