Vboot allow to verify the integrity of the system before booting. It is a strong security feature which can protect against a lot of attacks.
The Chromium project provides a lot of informations about vboot:
I started looking at this issue myself but currently I can't get neither the old and the new build system to produce a valid c201 image.
So can grub, which we support on x86 https://libreboot.org/docs/gnulinux/grub_hardening.html (and should appear on arm thanks to uboot)