I was messing with dom0 settings, trying to get a Veikk tablet to work (couldn’t get it to work).
This allowed a USB drive to connect directly to dom0.
This drive was used on other computers.
I no longer trust dom0 isn’t compromised.
What is the best way to reset dom0 to a backup state, without any potential compromise making it through the restore?
There is a way, but you’ll probably see very quickly why I wouldn’t recommend it. You can create an image of /dev/mapper/qubes/dom0-root and then restore it using dd.
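The image-and-restore procedure the reply above describes, written out as an added shell example (not code from the thread or from the Qubes project): dd the device to an image, record a SHA-256 of that image, and refuse to write it back unless the image still matches the hash. The source and destination paths are placeholders for testing on ordinary files; on a Qubes system the device would be /dev/mapper/qubes/dom0-root, and the assumption is that both the imaging and the restore are done from installation or rescue media, not from the running dom0 whose root is mounted read-write.

```shell
#!/bin/sh
# Added example (not from the forum thread): image a block device with dd,
# store a SHA-256 of the image next to it, and verify that hash before
# restoring. Paths are placeholders; assumes GNU coreutils (dd, sha256sum, cmp).
set -u

# image_device SRC IMG: copy SRC to IMG block-by-block and write IMG.sha256
image_device() {
    src="$1"; img="$2"
    dd if="$src" of="$img" bs=4M conv=fsync 2>/dev/null || return 1
    sha256sum "$img" > "$img.sha256"
}

# verify_image IMG: succeeds only if IMG still matches the recorded hash
verify_image() {
    img="$1"
    [ -f "$img.sha256" ] || return 1
    sha256sum -c --quiet "$img.sha256" >/dev/null 2>&1
}

# restore_image IMG DST: verify the image first, then dd it back over DST
restore_image() {
    img="$1"; dst="$2"
    if ! verify_image "$img"; then
        echo "refusing to restore: $img does not match $img.sha256" >&2
        return 1
    fi
    dd if="$img" of="$dst" bs=4M conv=fsync 2>/dev/null
}

# images_identical A B: succeeds if the two files/devices have identical contents
images_identical() {
    cmp -s "$1" "$2"
}
```

The hash only tells you the image was not altered after it was taken; it says nothing about whether dom0 was already compromised when the image was made, so an image taken before the untrusted USB drive was ever attached is the only one worth restoring. Writing the image back over a root filesystem that is currently mounted is not safe, which is why both steps belong on rescue or installation media.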
——-
I agree with you that it would be nice to be able to “purge and reflash” the LVM partition that dom0 resides in.
In fairness, I can also see why no solution to this has ever been made. “You’re not supposed to do anything in dom0!”
——-
Disclaimer
This disclaimer is not meant for @renehoj and @Emily, because I’m sure they already know this. This is for anyone else who reads this and somehow takes away from it that this is the “go-to” way to restore from backups.
….it definitely isn’t….
By using dd:
You’re effectively writing 10-20GB of data to your drive from start to finish
You are overwriting everything, including the stuff that is identical to the backup (i.e., you’re overwriting the same stuff with the same stuff)
If you are using any sort of NAND flash or MMC (SSDs, SD cards, USB flash drives, anything that stores your stuff on chips instead of spinning discs), the lifespan of your NAND flash will take an unnecessary hit, shortening its life unnecessarily.
Depending on the capacity of your NAND, that could be a significant chunk of its lifespan unnecessarily wasted
It takes me 10-15 minutes to reinstall the OS, another 5 minutes to restore the immediate AppVM I need and another 45 minutes to restore the rest.
I just did it today because I lost audio and my CPU was running hot. Everything is fixed. It was probably related to installing the latest kernel that didn’t agree with subsequent dom0 updates.