Depends on your use case. I think it makes sense to have the main profile be as close as possible to empty, but on the other hand it can also help to install apps in that profile to make them available for adding to other profiles. I also think it makes sense to have a profile for nostr apps, a profile for whatever centralized services you're probably still trying to finish migrating to noster from, and other profiles for focused use cases.

I don't know what "the" recommended way is though. These are just some suggestions from me, as someone who the nostr:npub1235tem4hfn34edqh8hxfja9amty73998f0eagnuu4zm423s9e8ksdg0ht5 devs say is "not technical," less capable of providing useful input than a chat bot, etc. nostr:note1s20yph8mj6hcndsd9nqpmw4wdulme9706hv8kwhmzr8p7ny0wmhq9mcxp0

Profiles are used for these situations:

- You want to run a separate VPN configuration for apps.

- You need to separately encrypt certain data with different keys, and have them be placed at-rest even when the device (Owner profile) is in 'AFU'.

- You want to restrict inter process communications between apps.

- You want to run multiple unique instances of one app.

- You want a large group of app data and files you can delete in a button press but not factory reset the device.

Ideally, you want to use as little profiles as possible unless the purpose is for one of these five. You'll overcomplicate things otherwise by having to swap profiles all the time. Most people use a profile to separate apps for privacy invasive services they want to use or for any apps requiring sandboxed Google Play. Some may also use it to separate identities or online profiles. There isn't an ideal way, just things you can do to keep it sensible.

If those are like workspace profiles on regular android, I put a work related apps and trackers in the work profile and shut it all down after a long day at work. Can still talk to family...