> I don't see any requirement to support hardware attestation in the recaptcha documentation, the Play Services seem to be "enough".

Doesn't Play Integrity use hardware attestation, but specifically checking the Google keys?

If you use the Play Services on GrapheneOS, you still don't pass Play Integrity because your system is signed by GrapheneOS and not by Google.

> they might be using an app (with enormous access to the phone as the Play Services have) to be able to link a ton of data together, possibly including the local activity on the phone

But anything your phone can possibly do in software can be spoofed, so how would that help?