Interesting. But this kind of thing makes something very clear: just because a company can say "powered by GrapheneOS" doesn't mean that it's safe, private, or secure. A tampered with GrapheneOS isn't GrapheneOS. This is why using the Auditor app on real GOS is a good idea.
GOS is open source, and it's far better to rip off GOS and use their name to seem credible. Also, having used AOSP, which is not so great from a user experience perspective, GOS is actually pleasant to use. Very smart, FSB agent.
And it seems like this Protelion thing is mostly focused on their VPN. If I were a government, I'd stay the hell away from this company too.