Hi, big fan of GrapheneOS here
TLDR: Would an exclusive Pixel 6a with GrapheneOS and Monerujo be a valid or even better solution for storing XMR compared to Trezor One? I would access the Internet only once per year and also don't have to give up privacy when buying the device.
Now the detailed version:
I hope to get some advice from you regarding crypto. I have some Monero (XMR) currently stored in Monerujo on my GrapheneOS Pixel 6 and want a secure place for most of them. I will always leave a few XMR on that device to buy services like VPN, Domains etc. But where should I store and only rarely touch the rest? Most people would say get a hardware wallet like a Trezor One or Ledger Nano S and that's probably the best answer. I wonder though: Would a new Pixel 6a with GrapheneOS that I exclusively use for storing XMR in in a well-maintained, open source software wallet like Monerujo be a better or equally good solution?
For hardware wallets I would choose a Trezor One because they have their source code fully open on GitHub. It has the benefit of creating and keeping the private keys offline at all times. It is also widely used and a proven process, if there is any issue I will probably find help in the large community. It has to be paired with my Pixel 6 in Vanadium and I wonder if there's some attack surface there (wouldn't connect it with MacOs, Windows or even Linux because they are less secure systems compared to GrapheneOS). The inconvenience while doing transactions is negligible since it comes with added security and I'm using the device mainly for storing XMR and not spending them. I'd buy the wallet directly from their website to minimize the risk of getting a tampered device, but that means I'll have to leave identifiers like phone number and address which I don't like (in Germany it's harder to anonymize those and I'd have to jump through some hoops). So, the main disadvantage here is lack of privacy when ordering the thing.
The Pixel 6a with Monerujo solution has the benefit of relying only on GrapheneOS and Monerujo (or whatever wallet App I choose in the future). It's easier to use and maintain and allows me to acquire anonymously (pay cash in store) without any identifiers attached. I would also keep the device offline for almost all the time. Just if I need to access my stored XMR (maybe once a year) I would connect to the internet, update GrapheneOS and Monerujo and do the transaction. I have to pay about 300€ for the device but that's fine with me (the Trezor is not that much cheaper and getting an anonymous phone number and address to order it would probably be more expensive anyway). The main disadvantage here would be that the Pixel 6a is not always offline upon seed creation, so I'd have to trade in some security.
Obviously in both cases I keep my private seed offline on paper or titanium.
What do you think about the GrapheneOS solution and what would you choose? I'm looking forward to your feedback.