Remote attestation in theory includes all aosp-compliant attestation implementations (in practice that's GrapheneOS already), but the current project plans and implementation openly reject it.

Only "open" in a twisted sense, and definitely not user-controlled: Remote attestation per definition means to accept only pre-approved operating systems. If anybody builds an implementation, regardless whether it is aosp-compliant or not, this will be excluded, until the App developer or someone in the chain explicitly approves that implementation. That is the whole purpose of that technology. Including GrapheneOS in that pre-approved list just shifts power from Google and the App Developer to GrapheneOS Developers and the App Developer. Nice for GraphenOS, still bad for users and devs of any other OS variant or platform.