Is a Chinese phone's stock OS better than GrapheneOS for my threat model?

You could get plausible deniability to an extent by not loading the sensitive data onto your phone, right? Just memorize the passphrase and store it on a website. Only you know the website and only you know the password and it’s not on your device. Disappearing messages as well. I wonder the extent to which the SimpleX hidden chats are deniable. The way it works is you hide the chat with a password that you enter into a regular search bar and only after searching that does the chat come up. I imagine not to the extent that GOS considers, because there’s no plausible deniability on ssds, which is the main problem.