One question is whether it is possible to confirm whether the password given is a duress password.
My understanding is that after the system is running, the system program detects the duress password and executes an operation to destroy the data in the security chip.
If the system is not running, remove the security chip and simulate the system to input the password to the security chip. If it is a duress password, the security chip will return a password error, and the duress password will be exposed.
If the attacker knows that the mobile phone system is GrapheneOS, he will know that the password handed over may be a duress password, and thus perform such a test.
I am not sure whether the security chip has a function like environmental detection. Only when the system is detected to be intact will subsequent operations be performed. If there is such a function, then add a middleman in the communication link between the system and the security chip, normal operations are allowed to pass, and operations such as destruction are directly discarded, which can also prevent the key in the chip from being destroyed.