ttmp12 What exactly do you mean? Which 3 profiles do you mean? I can run many user profiles on GrapheneOS. Much more than 3.
Reboot your phone. Log in to the owner profile when prompted. Now switch to a secondary user, login to that, now switch to yet another secondary user, login to that. Now you are logged in on 3 profiles; owner and two secondary users. You can now happily switch between them. If you have fingerprint unlock enabled, you can unlock using fingerprint alone when switching. If you have open apps with unsaved changes, those apps are still open with your unsaved changes when you come back, if you have notification sharing between the profiles, you get notifications from them all.
But now, switch to another secondary user that you still haven't logged in to. Login to it. Now, notice how the one of the two other logged in secondary user profiles that was least recently switched to got logged out and shut down completely. If you try to switch back to it, you cannot use fingerprint to unlock, but need to put in the encryption PIN/password. Notice how if you do login to it again, any unsaved changes have been lost. And even if you do not switch back to that user profile, notice how you are no longer getting notifications from it. It was completely shut down.
This is what I mean with that you can only be logged in to three user profiles at the same time. Repeat the experiment with private space set to lock on phone reboot, and you will notice it takes up one of those three slots too.
ttmp12 How is encryption/protection handled? Is it different from user profiles? In other words, what are the exact security/privacy tradeoffs?
At least assuming you select to use separate credentials for your private space when setting it up, it will have files and app data separately encrypted in the same manner as a secondary user. GrapheneOS developers have confirmed this.
This means private space unlocking will be protected with its own weaver slot for unlock attempt throttling, and assuming you have set a strong password, not even the most advanced adversary can break into your private space, even if they get hold of your phone when main profile is unlocked and they immediately disassembles your phone to get access to the still powered on raw chips. As long as your private space is locked that is.
So this is the same as for secondary users.
The privacy tradeoffs are rather what apps can do, not a physical adversary. As I mentioned, clipboard is shared between main profile and private space, so apps in the private space can read text you copied in your main profile and other way around.
ttmp12 Who are you referring to when you say "we are not entirely certain"? Are you a developer, community member, etc.?
Community member and beta tester.