I would be a bit reluctant to run CopperheadOS now. Sadly the main developer left after somewhat hostile actions from the CEO, and there have been lots of changes in the organization.
IMHO the best option for a secure phone is pure Android without Google blobs. That is, AOSP on a Pixel phone. Plus an F-Droid userland.
If a Pixel is too expensive, you can always try to get an AOSP device-independent image on a new phone that supports Treble. For example, the super cheap Nokia 1 seems to work well [1].
Agreed. For anyone interested in doing their own monthly signed AOSP builds for Pixel phones with OTA updates, take a look at a project that I built that fully automates the process in AWS: https://github.com/dan-v/rattlesnakeos-stack.
AOSP is clean, but doesn't have anti tracking measures available in CopperheadOS: fake IMEI or MAC addresses (this has been mainlined in Android Q, though), for instance.
IMHO the best option for a secure phone is pure Android without Google blobs. That is, AOSP on a Pixel phone. Plus an F-Droid userland.
If a Pixel is too expensive, you can always try to get an AOSP device-independent image on a new phone that supports Treble. For example, the super cheap Nokia 1 seems to work well [1].
[1] https://github.com/phhusson/treble_experimentations/wiki