Sorry I explained it poorly and emphasized the wrong thing.

The way it would work is not active destruction of data just a different view of data that doesn’t include any metadata that is encrypted in second profile.

Data would get overwritten only if you actually start using the fallback profile and populating the "free" space because to that profile all the data blocks are simply unreserved and look like random data.

The profiles basically overlap on the device. If you would try to use them concurrently that would be catastrophic but that is intended because you know not to use the fallback profile, but that information is only in your head and doesn’t get left on the device to be discovered by forensic analysis.

Your main profile knows to avoid overwriting the fallback profile’s data but not the other way around.

But also the point is you can actually log in to the duress profile and use it normally and it wouldn’t look like destruction of evidence which is what current GrapheneOS’s duress pin does.