Great post! Some good details here, will add onto some of the information:

The Auditor app essentially acts an intrusion detection utility. The hardware attestation method of verification is for extremely sophisticated attacks. If such an attacker somehow manages to change something with kernel/root level access, the Auditor app can detect that by performing hardware-based attestation, comparing itself to a uncompromised one. Don't trust, Verify.

The Google Play apps you install via the apps repository are not a special version of them, they are the real Google Play services apps, the permission controls exist because you installed them as a user app rather than a system one.

A special app/service called GmsCompat essentially acts as a intermediary whenever Google Play Services tries to call something privileged or query certain information. It stops Google Play from breaking and also allows GmsCompat to shim Google Play functionality in a privacy respecting way. This is also why you may often see notifications come from GmsCompat when doing Google Play specific things. The name Sandboxed Google Play comes from the default sandbox of user-installed apps, rather than it being a special sandbox.

Also the Proton Mail app could be better than the PWA, as it relies on the hardware-backed keystore (the same your OS uses) to store the mailbox's decryption data in.

If you enable PIN code on the mobile app there's little way of them getting in, unlike the PWA where you can just tap and sign in.

Some favourite apps of mine are: