There is a new branch for OpenCore Legacy Patcher called vault2 which will bring Secure Boot to OpenCore.
This is an exciting news for everyone who uses OpenCore which can bring some comfort for those who are concerned about OpenCore’s Security.
There are several concerns when using OpenCore on Macs and Hacks which raise the question if using OpenCore and OpenCore Legacy Patcher safe?
If you us macOS Ventura or earlier version of macOS I can say yes, since you don’t need to disable SIP or AMFI which are crucial to ensure your Mac’s security but when you are using unsigned 3rd party kexts it will reduce your security, so you should avoid disabling them as for long as you can.
I’m not a security expert but when I realized that for macOS Sonoma you need to disable SIP and AMFI it got me concerned so until I investigate the security aspect of using Sonoma on any of my Macs or Hacks I won’t be using it as my daily driver.
The good news is with the new Valut2 branch in development one can rest easier knowing the developers of OC and OCLP are doing their best to ensure the security of their bootloader.
Here is the link to Vault2 documentation:
https://dortania.github.io/OpenCore-Post-Install/universal/security/vault.html