I've set up GrapheneOS on my Pixel with 2FA fingerprint + PIN unlock. No way will anyone be getting into it without my cooperation.
My only issue was less compatibility with my local emergency services, since they can't see me on a map for some reason if I call from a GOS phone.
My solution to that was a second Pixel as an emergency phone - one with the stock OS, that I'll swap sims with and take with me when hiking, stand up paddle bording and doing other activities that carry risk. This phone has no sensitive information in it. I also have a PLB for added protection.
Don't know if/how this works in the US, but the EU emergency number can always be called without a simcard/subscription, so no need to swap simcards. (And sometimes even from a locked phone)
GrapheneOS provides PSDS, SUPL (which are enabled by default IIRC) and an optional Wi-Fi based location provider, so there shouldn't be any positioning issues with E911
They are not making a "GrapheneOS smartphone", they are just helping providers make their new devices compatible with the security requirements, so GrapheneOS can be installed on it. But GrapheneOS will not come by default AFAIK.
Probably their legal obligation to comply with secret government orders (FISA, NSL etc - the government probably already said don't make unhackable phones or else) and their informal wish to remain on the regime's good side.
If the Duress PIN is an obvious one, it may be one of the first ones your adversaries try. Like 1111 for example. So you may not even have to tell them the Duress PIN for them to attempt it.
My only issue was less compatibility with my local emergency services, since they can't see me on a map for some reason if I call from a GOS phone.
My solution to that was a second Pixel as an emergency phone - one with the stock OS, that I'll swap sims with and take with me when hiking, stand up paddle bording and doing other activities that carry risk. This phone has no sensitive information in it. I also have a PLB for added protection.