4.2.1 ZTT Auditing
The design of the ZTT requires auditing to verify the structure of the tree. Zoom will partner with independent external auditors who ensure, in a privacy-preserving way, that the append-only property of the ZTT is respected. Clients query the auditors to ensure that their view of the ZTT’s commitment has been audited and is consistent with everyone else’s. If a client can reach the auditor and detects a fork in the ZTT, it can send the auditor the forked and signed commitments in addition to the warning, so that the auditor can disclose the inconsistency. If Zoom clients cannot reach any of the auditor servers, they will signal a degraded encryption level.
We will publish code so that interested parties can also audit the ZTT.
Additionally, organizations using Zoom will be able to review updates to the ZTT and track their employees’ device changes.
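The client-side check described above, sketched as an added example (not code from Zoom or from this paper). The commitment layout, the auditor interface, and the use of HMAC-SHA256 as a stand-in for the server's signature are all assumptions made so the example runs with the standard library; treating an auditor answer that fails verification as "not reached" is also an assumption.

```python
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum

# Constructed stand-in: HMAC-SHA256 under a demo key replaces the server's real
# public-key signature so the example runs with the standard library only.
DEMO_KEY = b"constructed-demo-key"

class Status(Enum):
    AUDITED = "audited"
    FORK = "fork"
    DEGRADED = "degraded"

@dataclass(frozen=True)
class SignedCommitment:  # hypothetical layout, not taken from the paper
    epoch: int
    root: bytes
    sig: bytes

def sign(epoch: int, root: bytes) -> SignedCommitment:
    msg = epoch.to_bytes(8, "big") + root
    return SignedCommitment(epoch, root, hmac.new(DEMO_KEY, msg, hashlib.sha256).digest())

def verify(c: SignedCommitment) -> bool:
    return hmac.compare_digest(sign(c.epoch, c.root).sig, c.sig)

def check_with_auditors(mine: SignedCommitment, auditors):
    """Return (status, evidence). `auditors` are callables epoch -> SignedCommitment
    that raise ConnectionError when unreachable (hypothetical interface)."""
    if not verify(mine):
        raise ValueError("local commitment is not validly signed")
    confirmed = False
    for ask in auditors:
        try:
            theirs = ask(mine.epoch)
        except ConnectionError:
            continue  # try the next auditor
        if theirs.epoch != mine.epoch or not verify(theirs):
            continue  # unusable answer, counted as not reached (assumption)
        if theirs.root != mine.root:
            # Two validly signed commitments for one epoch: the pair is the
            # evidence the client forwards to the auditor with its warning.
            return Status.FORK, (mine, theirs)
        confirmed = True
    return (Status.AUDITED, None) if confirmed else (Status.DEGRADED, None)
```

A fork result takes priority over confirmations from other auditors, since a single pair of conflicting signed commitments is enough to prove the inconsistency.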