In advanced security checks, the vbmeta.digest is included in hardware-backed attestation data. This makes it extremely difficult to "spoof" or fake, as the key is locked inside a secure hardware chip. Modifying the Digest (Rooting & Custom ROMs) Sstichttps://www.sstic.org DroidGuard: A Deep Dive into SafetyNet - Sstic
Now ro.boot.vbmeta.digest will match the hash of custom_vbmeta.img . Note: Google Play will still detect a custom key, but device integrity is cryptographically sound. ro.boot.vbmeta.digest
This is why unlocked bootloaders break SafetyNet: When you unlock the bootloader, the device either: In advanced security checks, the vbmeta
The digest if: