They’re asking app developers to trust their keys specifically, which would mean that the app might work on GrapheneOS, but not my fork of GrapheneOS with some cherry picked fix I want.
It would be much better if we stamped this out now, before all online services require attestation.
Something that worries me about that is attestation. This is the advice from the GrapheneOS Devs:
https://grapheneos.org/articles/attestation-compatibility-guide
They’re asking app developers to trust their keys specifically, which would mean that the app might work on GrapheneOS, but not my fork of GrapheneOS with some cherry picked fix I want.
It would be much better if we stamped this out now, before all online services require attestation.