They also run proprietary Google blobs in a privileged process to pass basic Play Integrity and give certain Google apps higher privileges than the normal Android sandbox.

Aside from Google, Fairphone 6 (both the stock OS and /e/OS) ship with proprietary, Chinese TCL blobs for image processing (most likely also privileged).

Besides that, /e/OS often uses way outdated Linux kernel versions and firmware bundles with many known CVEs and old major Android versions, having many unfixed vulnerabilities that are not marked high/critical (ASBs only give you high/critical fixes).

Fairphone does not have a secure enclave, only TrustZone. So, secrets can be extracted using frequently-found side-channel accounts. The lack of a secure enclave + the many available CVEs, it will probably fail within seconds when using data extraction tools like Cellebrite, even when the phone is locked. So better not bring your phone to demonstrations or border crossings.

But hey, it doesn't matter, because Murena's CEO says security hardening is only for spies and pedophiles.

(Friends don't recommend friends Fairphone or /e/OS.)