
> ZeroTier, Tailscale and such are OSS and have been independently security & crypto audited.

Both rely on their centralized coordinator servers which can mess with your routes (and thus your traffic) however they please.

ZeroTier has a published (but not OSS) coordinator, but their documentation pushes you towards their SaaS. Tailscale's coordinator is SaaS-only, unless something has changed very recently.

This is fair.

Their client node software is audited though, and the contents of your packets are not accessible to the router. This is why the amount of the possible meddling is limited to a DoS, AFAICT.

Who audits the Tor nodes that do onion routing is anyone's guess; I suppose ZeroTier is no worse than them.


> Their client node software is audited though, and the contents of your packets are not accessible to the router. This is why the amount of the possible meddling is limited to a DoS, AFAICT.

Normally the coordinator just forwards the keys from your peers, and so doesn't see the contents (the traffic doesn't pass through it, and even if it did, it wouldn't have the key).

However, that assumes that the coordinator is being truthful with the network topology that it sends you. It could send you any topology that it wants to! This means that it could start MITMing whenever it wants to by telling you that $SERVER_IP's peer is now actually $COORDINATOR_KEY at $COORDINATOR_IP.

Theoretically you could defend against this by, say, running a cronjob that validates that the WireGuard keys are unchanged. But at that point you're not really gaining much compared to just using wg-quick.

Tor is different, because the .onion domain name inherently encodes the public key of the site you're connecting to. There is no way to change the key without also changing the URLs that people connect to!
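The two checks sketched in the comment above, as an added example that is not code from any commenter, ZeroTier, Tailscale or Tor: the first pins the WireGuard peer key that must own each overlay route and flags a `wg show <iface> dump` whose topology now points that route at a different key (the "cronjob" defense); the second shows why a v3 .onion address cannot be re-pointed, by deriving the address from a public key and recovering the key from the address (base32 of PUBKEY || CHECKSUM || VERSION, with a truncated SHA3-256 checksum, per the v3 rendezvous spec). The dump format is real; the keys, endpoints and the service public key are constructed placeholders, not real Curve25519/Ed25519 keys, and the "pinned baseline" is assumed to have been captured out of band.

```python
import base64
import hashlib


def fake_key(label: str) -> str:
    """Constructed stand-in for a WireGuard public key (32 bytes, base64).

    Real keys are Curve25519 points; this is only a deterministic placeholder
    so the example runs offline with realistic-looking 44-character strings."""
    return base64.b64encode(hashlib.sha256(label.encode()).digest()).decode()


SERVER_KEY = fake_key("server")            # the peer we actually want to talk to
COORDINATOR_KEY = fake_key("coordinator")  # key a malicious coordinator would substitute

# Pinned baseline (assumption: captured once, out of band): for each overlay
# address, the peer key that must own the route to it.
PINNED_ROUTES = {"10.0.0.1/32": SERVER_KEY}


def parse_wg_dump(dump: str) -> dict:
    """Map each allowed-ip in `wg show <iface> dump` output to (peer_key, endpoint).

    Dump format: line 1 is the interface (private key, public key, port, fwmark);
    each further line is a peer: public key, preshared key, endpoint,
    allowed-ips (comma separated), latest handshake, rx, tx, keepalive."""
    routes = {}
    lines = [ln for ln in dump.strip().splitlines() if ln.strip()]
    for line in lines[1:]:
        fields = line.split("\t")
        peer_key, endpoint, allowed = fields[0], fields[2], fields[3]
        for ip in allowed.split(","):
            ip = ip.strip()
            if ip and ip != "(none)":
                routes[ip] = (peer_key, endpoint)
    return routes


def check_routes(dump: str, pinned: dict) -> list:
    """Return one finding per pinned route whose owning key is missing or changed."""
    routes = parse_wg_dump(dump)
    findings = []
    for ip, expected_key in pinned.items():
        actual = routes.get(ip)
        if actual is None:
            findings.append(f"{ip}: pinned route missing")
        elif actual[0] != expected_key:
            findings.append(f"{ip}: peer key changed, now {actual[0]} at {actual[1]}")
    return findings


def wg_dump(peer_key: str, endpoint: str) -> str:
    """Constructed `wg show wg0 dump` text with a single peer owning 10.0.0.1/32."""
    interface = "\t".join([fake_key("me-private"), fake_key("me-public"), "51820", "off"])
    peer = "\t".join([peer_key, "(none)", endpoint, "10.0.0.1/32",
                      "1700000000", "1024", "2048", "off"])
    return interface + "\n" + peer + "\n"


HONEST_DUMP = wg_dump(SERVER_KEY, "203.0.113.10:51820")     # topology as expected
MITM_DUMP = wg_dump(COORDINATOR_KEY, "198.51.100.7:51820")  # coordinator inserted itself


def onion_v3_address(pubkey: bytes) -> str:
    """Derive a v3 .onion address: base32(PUBKEY || CHECKSUM || VERSION), VERSION = 0x03,
    CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2]."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"


def onion_v3_pubkey(address: str):
    """Recover the public key pinned by a v3 address, or None if it does not verify."""
    label = address.lower().removesuffix(".onion").upper()
    try:
        raw = base64.b32decode(label)
    except ValueError:  # bad alphabet or length (binascii.Error is a ValueError)
        return None
    if len(raw) != 35 or raw[34:35] != b"\x03":
        return None
    pubkey, checksum = raw[:32], raw[32:34]
    expected = hashlib.sha3_256(b".onion checksum" + pubkey + b"\x03").digest()[:2]
    return pubkey if checksum == expected else None


if __name__ == "__main__":
    print("honest:", check_routes(HONEST_DUMP, PINNED_ROUTES))
    print("mitm:  ", check_routes(MITM_DUMP, PINNED_ROUTES))
    pk = hashlib.sha256(b"constructed service key").digest()  # constructed, not a real key
    addr = onion_v3_address(pk)
    print(addr, onion_v3_pubkey(addr) == pk)
```

The pin is keyed on the allowed-ip rather than on the endpoint, because the attack in the comment keeps the overlay address the same and swaps the key and endpoint behind it; pinning by key alone would not notice that a pinned key simply lost its route. Feeding the function the live output of `wg show wg0 dump` from a cron job gives the check the comment describes.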


ZeroTier ad-hoc networks are controllerless, though IPv6 only.

The client can be set to not allow routes/addresses from a controller.

The client and controller are licensed BSL.


Does this require addresses of nodes to be globally routable? (With such addresses you can as well connect directly.)


Ad-hoc networks don't seem particularly useful here. From their documentation:

> Keep in mind that these networks are public and anyone in the entire world can join them. Care must be taken to avoid exposing vulnerable services or sharing unwanted files or other resources.



