That’s not airgapped. If the device connects to the internet, it isn’t airgapped. Your device is broadcasting the transaction
Discussion
it's air gapped on Graphene via Permissions
So how is the transaction broadcast? This is not cold storage. It is not as secure as a passport.
Apps can ignore permission settings, or use hidden permissions. Huge part of why I like have root on Android
is that proven on GrapheneOS? If so....kinda ruins their entire schtick
Idk I just know it happens on LineageOS. So far it’s only been google speech recognition, it gains mic permission even though I have it disabled in the settings. I know because a root app called bouncer (auto revokes permissions), will ask if I want to revoke the mic permission in speech recognition randomly, despite having the permission denied in settings.
Many apps have a permission called “access restricted settings” and many can read device state, meaning they can read your device ID