Please read https://grapheneos.org/articles/attestation-compatibility-gu.... It's possible to support GrapheneOS by using the Android hardware attestation API either as an alternative to the Play Integrity API or instead of it. By using the hardware attestation API, you can make a list of allowed key fingerprints for the SelfSigned boot state for non-Google-certified operating systems. We list all our current keys for non-end-of-life devices on that page. Recently, Swissquote used this approach to add support for GrapheneOS to their Yuh app and may be adding it to their main Swissquote app soon.
You can test hardware attestation on any modern Android device but you'd need GrapheneOS on a real device to fully check that you have the SelfSigned fingerprint allowlist working properly. It wouldn't be hard to do it without testing it though, and our users can test if app developers ask our community on https://discuss.grapheneos.org/.
You can test hardware attestation on any modern Android device but you'd need GrapheneOS on a real device to fully check that you have the SelfSigned fingerprint allowlist working properly. It wouldn't be hard to do it without testing it though, and our users can test if app developers ask our community on https://discuss.grapheneos.org/.