My response explaining the work that needs to be done on implementing alternatives to Play Services and how that will work:
reddit.com/r/GrapheneOS/c
A lot of these are really standard AOSP APIs that are typically provided by Play Services but fully support other implementations.
Conversation
Even for implementing actual Play Services APIs, it can be done without a terrible permission granting the ability to fake the signature checks that are a core part of the security model. It can be specific to the Play Services signature and it can be scoped to where it's needed.
1
I would also only want real implementations of APIs that can be provided without using Google services against their terms of use. APIs with a hard dependency on Google services due to their design can be stubbed out and treated as unreachable, which apps already need to handle.
Replying to
The only robust and reliable for those is apps adopting an alternative implementation. It's possible to write alternate implementations of clients for Google services, but it's not a good idea without a stable API or permission to do it. I also don't want that vendor lock-in.
1
1