Yeah it's really great, before switching to GrapheneOS I used LineageOS for years so battery life is already good in that case. But the whole access control, and checking every few months which apps are hardly used is just super practical. I don't do online banking on my phone though, I guess for people who do it's not feasible. The only thing I don't like is that it only works with Google Pixels
Online banking (anecdotally) works great, though may use the sandboxed google play services. At least here in Switzerland with Swiss banking apps I've never had issues with it.
I would recommend people to install the play services and play store in the main profile. Then, install apps in the main profile too but remove all permissions and abilities, restrict and disable them. After that, enable them in a "banking" profile. One can then selectively enable and disable the play store to update these apps which propagate to the other profiles. The disabled apps are still updated normally by the play store.
I do believe that they are working on a feature to limit app intercommunication in a similar vein as the other scopes. This would be cool because it would allow one to allow "point to point" communication of certain apps with the play services but otherwise restrict them. Though I don't know the state of development for this feature.
