Signing on any device that connects to the internet is insecure. Leave those devices for broadcasting the completed transaction you want shared. Only sign on a device that will never connect to any other device, e.g., coldcard, tails os bootable usb with disabled network communication. As for the broadcasting privacy. I don't have an answer which is better. never used grapheneOS. But it's a general rule of thumb that mobile devices will generally be less private.
Discussion
> But it's a general rule of thumb that mobile devices will generally be less private.
I disagree with this claim. in desktop OS usually all programs run in the user's context, hence they can access each other's data without much effort, unless the other program prompts the user for a password each time. in Android different apps are isolated from each other's user data. any windows malware can steal your wallet.dat. not so in Android.
of course the system itself has the required privileges, and privilege escalation is s thing. but there are also good reasons to prefer mobile from a security perspective.