TLDR for those who missed this:

. RPi 0, 0W, 02W, 2 & 3 have permanent ROM that is burned in at the factory

. "Firmware" is split between the Pi AND the microSD

. Verifying the code on the microSD is authentic is vital, but simple

. Sharing a signer is not ideal, but can be viable w/ trusted 3rd parties nostr:note1jkxrv339ujzqkja4a0hn43vehrfhwfz7tzfd0w08ua84qafnz4usrdfpsl