Have you tried WireGuard? I used ZeroTier in the past (and OpenVPN before that) but found that WireGuard seemed to perform much better (more throughput, less CPU usage).
Being a layer 3 VPN makes WireGuard inappropriate for many scenarios for which ZeroTier is used, at least without layering something else on top of it, which can significantly increase complexity and lower performance.
There’s also dsvpn, which is an extremely simple VPN! The only bad part is that the code has no comments, but it is still auditable in a few hours due to the low number of lines of code.
WireGuard is a (completely) different product. WireGuard is a VPN, whereas ZeroTier is a way to define networks over a network. As they call it: an Ethernet switch for planet Earth. With centralized configuration. SDN and more buzzwords. It is quite impressive.
That said: you can do sort of VPN things with ZeroTier if you want to.
It's a rather different beast, AFAIK. WireGuard works as an OpenVPN replacement, with a client-server architecture, while ZeroTier has no real idea of a server (beyond the ZeroTier controller, which is offered as a SaaS as well); there are just clients connecting to each other, and it offers UDP hole punching, so you don't have to open ports and configure things like that.
THAT is ZT's advantage.
EDIT:
I got back to WireGuard after writing this comment, and I may be wrong. I may have misunderstood a lot about WireGuard so far; I'll check it again soon.
Round one should really be talking to an expert in the field with crypto. I'm concerned that Guy On SO may not be as thorough as your product really deserves.
I'd rather not waste a cryptographer's time with something that contains flaws that Guy On SO can spot. I do know enough about cryptography to generally tell if Guy On SO seems to know what they're talking about or not.