Device integrity is important, but in the sense that I don't want police to be able to get in if they take my phone while it's locked. The phone should not be trying to protect itself from me, the owner.
I'm not planning on running any banking apps, nor any other proprietary apps that need any sort of remote attestation. For sensitive data, nothing like "other people's social security numbers". Just my own data, which I would prefer remain private.
Seedvault uses Android's built-in backup infrastructure, so it won't back up things like Signal, or proprietary apps that resist being backed up. Only a rooted app (or rooted adb) can properly backup an Android device.
By "mess with apps' internal states", I want to see what data proprietary apps are storing about me, and selectively delete it. I want to replace their certificate authorities with my mitmproxy's certificate authority, and intercept their connections to understand them. I want to try modifying apps' code -- for example, call recording doesn't work on my current phone, because there's supposedly some XML file somewhere that marks all the US as "recording is illegal". GrapheneOS claims to fix this, but there may be future problems in that same style, which could be fixed by modifying just one file.
I don't get it either, and what order are you supposed to read it? Does the title come first, or at the end?