I tried out iodéOS 3.2 on my FP4 today just to find out that audio and video recording qualities are awful. My issues sound exactly like the ones described here. So I wanted to see if the issues on Signal are related to iodéOS first by reverting back to Fairphone OS.
As part of the setup instructions for iodéOS, I flashed the avb_custom_key provided on their GitHub. All went well, I was able to lock the bootloader too.
Now that I’m back on Fairphone OS, I figured I should relock the bootloader again but I then remembered part of the iodéOS setup instruction mentioning that if I get “get_unlock_ability: 0” and try to lock my bootloader that I will brick my phone. Turns out I do get 0.
I did follow the FP OS installation instructions but couldn’t find any mention of the avb_custom_key. Am I correct in thinking that I need to flash the original FP4 avb_custom_key before I can lock the bootloader again? If that’s correct, where would I get this file?
That’s a firmware / driver issue, your experience will most likely not be much different on stock FPOS.
The stock keys are built in, there’s no keyfile you could flash.
Try clearing the custom root of trust fastboot erase avb_custom_key and reinstalling stock FPOS. Not sure if that’s necessary, but the stock install script at least doesn’t clear it, so it’s worth a try.
Oh and could you check the version of FPOS you have installed (Settings → About phone), up until very recently, if you downloaded the A.170 release, you would have gotten the A.163 version instead, because of a wrong URL.
Safe, no, I never recommend locking the bootloader, because there’s always a risk involved.
You seem to be on the right version, but ultimately you’ll have to decide if you want to risk it.
There’s really no need to lock the critical partitions, but in the spirit of following the official instructions, you can of course do it. If you do, check get_unlock_ability before you lock the bootloader completely.