Hacker News

odo1242 yesterday at 7:40 AM

The link you link literally explains how GrapheneOS doesn’t support Play Integrity and apps should use the Hardware Attestation API instead.


Replies

microtonal yesterday at 10:12 AM

I think you are both kind of wrong :). There are different Play Integrity levels. GrapheneOS passes the basic level, which is enough for many apps, including a bunch of European banking apps. GrapheneOS does not pass the strong level, which does remote attestation, but Google does not want to add the GrapheneOS signing key fingerprints.

My European banking and credit card apps work fine on GrapheneOS because they don't require the strong integrity level.

Google is using Play Integrity at the strong level to shut down competition. It's kinda ironic, since GrapheneOS is much more secure than the many phones out there with abysmal device security and slow updates that Google does accept with strong integrity.

MrDresden yesterday at 1:01 PM

Yeah you're right, serves me right for writing that while busy doing other things this morning.

The intent of the comment stands though.

I meant to point out that GrapheneOS has perfectly good support for verifying device integrity via Hardware Attestation, just not the method which requires Google to acknowledge the OS signing keys.