kvaradhan3 To the extent possible, I want to minimize the chatter among the apps. I am assuming here that the apps don't get to peek into any other entity's data, or call back home with in privacy exposing ways.
I am not clear on what is meant by "apps don't get to call back home with in privacy exposing ways". Also I am not clear on how that relates to Play. If a user enters data into an app, and the app has network access, the app may send the data somewhere unwanted. But that has nothing to do with sandboxing or Play.
kvaradhan3 Google Play Services and Google Play Store, I think are oddly special (it is android afterall) [...]
What "sandboxed Google Play" means is that on GrapheneOS Play Services and the Play Store are not "oddly special"; they are regular apps.
kvaradhan3 I am concerned/worried/trying to comprehend that if Google play services was authenticated and connected back to Google, what my exposure would be.
There may be legitimate cause for concern. If a user enters data into an app, and the app shares the data with Play, and especially if the app asks Play to send the data somewhere, then the data will be sent somewhere.
But, going back to the bank app, if the bank app demands that Play is installed and demands that a Google account is signed into, that is up to the app, and it's not clear what the GrapheneOS developers could do about that. If a user chooses to install and enter data into a privacy-invasive app, then the user's privacy will be invaded.
Meanwhile, if the bank app didn't use Play Services at all, it could still send any data entered into it wherever it wanted to (including to Google).