A bunch of really good questions! Let's see how well I can address them:
BlueSky I installed the PS in a separate Profile. But still is this now undermining the whole idea of GOS and ruins the privacy since Play service and framework are sniffing in the background the whole time?
It doesn't undermine the idea of GOS (otherwise it wouldn't be so deeply implemented). Google doesn't have privileged access (except optional eSIM activation in owner profile). In your example you're doing a good job at compartmentalization, so Google should only get the data other apps share over PS and GSF. If you don't depend on notification forwarding, you can also disable the profile running in the background.
BlueSky Is it more dangerous to install it into the profile that I actually use?
I don't think it's more "dangerous" regarding security, all apps stay sandboxed no matter the profile. You need to figure out in your threat model how important privacy towards Google is for you, since that is what you control with your decisions when and where to use Sandboxed PS. You probably need some kind of app store in your profiles. Maybe you would entertain the idea of using Aurora Store in your owner profile to manage all apps, but push them to different user profiles where you actually use them (discussed in this thread).
BlueSky What are the pros and cons of using the sandboxed version vs Aurora?
There are many discussions on this forum about this (search "Aurora" and sort by latest). The short answer is that Play Store is more convenient (especially lately because Google is rate limiting Aurora to hell) but Aurora doesn't need PS or a Google Account from you. You should also check the other alternatives and supplements such as F-Droid (Droid-ify, Neo Store) and Obtainium. Pick what fits your use case the best, none of them are generally bad (as long as you don't use outdated apps such as Aurora Droid).
BlueSky Is Aurora less secure due to account sharing, and in case of update I read that signature spoofing could be more of a risk?
The account sharing is not a security risk to my knowledge, rather a privacy benefit. I'm not sure about signature spoofing, but I think the apks are signed by the Play Store and not Aurora (unlike apps from the F-Droid repository which are signed by F-Droid).
BlueSky It rarely could happen that I would enter credit card data into an app but it could happen if that makes a difference.
Any app you give your credit card to is a potential risk (leaks, breaches etc.), but I don't think it makes a difference where you install the app from as long as it's the most up-to-date version and you made sure it's the correct one (e.g. via PGP signature when downloading via F-Droid or Obtainium). General advice is to use virtual credit cards or even auto-disposable credit cards that are easier to destroy and recreate, and set a charge limit for them. You can generally use pseudonyms since names on credit cards rarely get verified.
Hope this helps you. Please be aware that the article you linked is quite old by now and many things have changed or been added ever since. Check out the Features, Usage, FAQ and Releases sections on the official homepage to get up-to-date information.
Edit: Typos