Authentication Overview (WA 2.0)
Each client has a static keypair, which is created once at the beginning and should not be created again. For each connection, a temporary keypair is created.
The client sends its temporary key to the server. From the client's temporary key and the server's temporary key, a shared key is created, which the client uses to obtain the server's static key. With the client's temporary key and the server's static key, the client can extract the certificate. The payload is encrypted with the client's static key and the server's temporary key.
The last key created is then derived and expanded into 2 different keys, which are used for writing and reading in WhatsApp communication.
```
(C,c)   : client's public key C and private key c
(S,s)   : server's public key S and private key s
(C',c') : client's ephemeral public key C' and private key c'
(S',s') : server's ephemeral public key S' and private key s'

Client->Server: C'
Client<-Server: noise_box((S',s'), (S,s), C', pad_len, app_data, 2)
    # outputs cv_h1
Client->Server: noise_box((C',c'), (C,c), S', pad_len, app_data, 4, cv_h1)[DH_LEN:]
    # outputs cv_h2
    # NOTE: C' is omitted since it was already sent

cc_client || cc_server = KDF(cv_h2, zeros[CV_LEN], SUITE_NAME || (byte)6, CC_LEN*2)

# After this, the following messages can be sent repeatedly in any order:
Client->Server: noise_body(cc_client, pad_len, app_data)
    # updates cc_client
Client<-Server: noise_body(cc_server, pad_len, app_data)
    # updates cc_server
```
Static keys are stored (base64 encoded) in settings-number.dat.
Technical info here.
See Login.php for the implementation.
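The key schedule described above, sketched in PHP with ext-sodium as an added example (it is not the project's Login.php): both ends chain the three DH results and expand the final value into the two directional keys. X25519 as the DH function, HKDF-SHA256 as a stand-in for the page's KDF, the `mix` step, and the values of `SUITE_NAME`, `CV_LEN` and `CC_LEN` are assumptions.

```php
<?php
// Added illustration, not the project's Login.php. Assumptions: X25519 for DH,
// HKDF-SHA256 standing in for the page's KDF, constructed constants below.
const SUITE_NAME = 'EXAMPLE_SUITE'; // placeholder; the real suite name is not on the page
const CV_LEN = 32;                  // assumed chaining-value length
const CC_LEN = 32;                  // assumed cipher-context key length

function keypair(): array {
    $priv = random_bytes(SODIUM_CRYPTO_SCALARMULT_SCALARBYTES);
    return ['priv' => $priv, 'pub' => sodium_crypto_scalarmult_base($priv)];
}

// Fold one DH result into the chaining value (assumed mixing step).
function mix(string $cv, string $priv, string $peerPub): string {
    $dh = sodium_crypto_scalarmult($priv, $peerPub);
    return hash_hkdf('sha256', $dh, CV_LEN, 'mix', $cv);
}

// cc_client || cc_server = KDF(cv_h2, zeros[CV_LEN], SUITE_NAME || (byte)6, CC_LEN*2)
function deriveCipherContexts(string $cvH2): array {
    $okm = hash_hkdf('sha256', $cvH2, CC_LEN * 2, SUITE_NAME . chr(6), str_repeat("\0", CV_LEN));
    return ['cc_client' => substr($okm, 0, CC_LEN), 'cc_server' => substr($okm, CC_LEN)];
}

$c = keypair();  $s = keypair();   // static pairs (C,c) and (S,s)
$ce = keypair(); $se = keypair();  // per-connection pairs (C',c') and (S',s')
$zeros = str_repeat("\0", CV_LEN);

// Client side: own private keys c', c with the server's public keys S', S.
$cv = mix($zeros, $ce['priv'], $se['pub']);      // c' with S'
$cv = mix($cv, $ce['priv'], $s['pub']);          // c' with S
$client = deriveCipherContexts(mix($cv, $c['priv'], $se['pub'])); // c with S'

// Server side: own private keys s', s with the client's public keys C', C.
$cv = mix($zeros, $se['priv'], $ce['pub']);
$cv = mix($cv, $s['priv'], $ce['pub']);
$server = deriveCipherContexts(mix($cv, $se['priv'], $c['pub']));

// Both ends must agree on each key, and the two directions must differ.
if (!hash_equals($client['cc_client'], $server['cc_client'])
    || !hash_equals($client['cc_server'], $server['cc_server'])
    || hash_equals($client['cc_client'], $client['cc_server'])) {
    throw new RuntimeException('key schedule mismatch');
}
echo "client write key == server read key; directions use distinct keys\n";
```

Because the static private key `c` feeds the last DH step, regenerating the static keypair changes the identity the server sees, which is why it is created only once.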