Message content is E2EE, metadata is for the most part not protected or encrypted with Whatsapp afaik. And for purposes of anti-spam/abuse, I would suspect that metadata could be as useful or more useful than the content itself.
Also there is this:
Reporting someone’s message sends the key [forwards the most recent messages in that thread] to WhatsApp.
Though my understanding on how this ^ works is a bit different than @Stiffly2505. My understanding is that If (and only if) a participant in the conversation reports a message to Whatsapp, then Whatsapp will receive:
“the last five messages sent to [to the user who made the report] by the reported user or group, and they won’t be notified. WhatsApp also receives the reported group or user ID, information on when the message was sent, and the type of message sent (image, video, text, etc.)”
My understanding is that it is conceptually like the reporting user forwards to Whatsapp the most recent (5) messages in the conversation. I don’t think Whatsapp would actually need your key because the other party to the conversation (the one who reported you) has access to the conversation on their end as well and they are choosing to share it.
Whatsapp is admittedly light on the technical details of this process, but this is how I understand it would work. I believe this investigative piece by Propublica is the original source for some of this info, I’m not motivated enough to reread it, but you may be interested in doing so.
There is no “your key” and “their key”, the messages have exactly one symmetric key. And that is forwarded and not the message contents to keep provability (ie that the reporting client didn’t just make up the decrypted message contents) as otherwise you could just falsify reports.
Do you have a source for this information, particularly:
Reporting someone will provide the key for the conversation between you and them to Meta.
I couldn’t find mention of this in the docs, ToS, or Privacy Policy, but I only skimmed + keyword searched. If there is more info on this, I’d really like to learn more, because it seems like an important distinction (whether the exposure is limited to last 5 messages versus limite to all of your communication with that person or group)