Developers porting custom ROMs often need to disable verification to test early builds that may not be correctly signed with the manufacturer's keys. It allows unsigned or user-signed images to boot on the hardware.
fastboot flash vbmeta --disable-verification --disable-verity vbmeta.img
Here is the standard procedure for most devices that support AVB.
Android devices use a "Chain of Trust." During boot, the vbmeta partition (Verified Boot Metadata) checks the cryptographic signatures of various images to ensure they haven't been modified. If you try to install a custom kernel, a Magisk-patched boot image , or a Custom ROM without disabling these flags, the device will detect a signature mismatch and enter a . Android Verified Boot 2.0
In practice, power users rarely flash a standalone vbmeta.img . Instead, they use a generated by the Android toolchain. The complete, recommended command for disabling verification (and often verity) is:
fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img