Meta sneakily introduced “Platform Integrity Attestation API” which basically calls home to see whether the user has a valid license to play.
This means that to run apps user has to have online connection to perform an integrity test. Whether it’s only a test on launch or continues call home like Denuvo-like DRMs is not yet clear. This could also mean that modified headsets could fail to pass this test essentially closing down the device for modifications that could damage “platform integrity”. Not all details are clear yet but this doesn’t look good.
Currently it’s optional and up to app developers to enable it.
You can also use the standard android CLI tools to lock and unlock the bootloader, but that web app is really convenient.
Edit: and for anyone wondering, you can re-lock it with any ROM, or after rooting (you don’t lose root). I’m running grapheneos with a locked bootloader. Only difference between this and the stock ROM is a message that’s displayed when you boot that warns you the phone isn’t stock.