

3 days ago
It's one or the other. Either Google Play Services will push notifications, or the apps have to have the ability to handle push notifications on their own (which isn't common).
Google Play Services can be sandboxed in GrapheneOS, but there isn't an open source Google Play Services since it's not included in AOSP. It is very much a proprietary blob.
TPM has solved this now for more than a decade.
Verified boot + TPM encryption key storage is a huge layer of protection for the boot process.
Check out the Arch wiki for TPM. It has some good reading.
https://wiki.archlinux.org/title/Trusted_Platform_Module