When you look into rooting or bootloader unlocking, one or more steps involve running some tool that isn't open source, or at least is primarily distributed as a binary of unspecified providence. You don't really know that the tools won't inject some unwanted software onto your device.

What would be a good way to promote transparency and trustworthiness of the alternative rom tooling? Or is there an alternative set that just doesn't jump out when searching for the tools?

> or bootloader unlocking, one or more steps involve running some tool that isn't open source

fastboot is open source. That's literally all you need to unlock the bootloader on a great number of phones. The vast majority of users don't need to root their phones, and doing so is a pretty big security hole for the users that think they need to.

On the other hand, your alternative is to stick with OEM/carrier OSes, which are quite obviously compromised for benefiting the OEM/carrier and not the user.

Rooting is needed for backups and migrating your data to a new device or over a firmware wipe. And good ad blocking.

I agree the majority of users make do without this, and so have little choice but to send their phone data to Google servers for migrating / backup.

Many apps allow exporting their data without requiring root. There are adblockers that set themselves up as a 'VPN connection' on your device for filtering out ads, those do not require root.

That vpn ad blocking sounds promiding. Are there reputable FOSS apps that do this?

Edit: this looks promising: https://github.com/M66B/NetGuard/blob/master/README.md

Successfully being used on a 1st-gen Moto Z Play, no root, stock firmware. Works great.