Userdebug builds of GrapheneOS with ADB root access are officially supported. We recommend setting ro.adb.secure=1 rather than making a standard userdebug build with always-on unauthenticated ADB if it's not solely for development.
Modifying the official builds by replacing part of the core OS with Magisk and then using that to modify the rest of the OS dynamically is what's not officially supported and strongly discouraged. That doesn't mean there isn't official support for root, which is available in userdebug builds without the same massive negative impact to the security model of the OS.
I've been trying to make a UserDebug build for the last few days by following the official instructions at https://grapheneos.org/build, and am running into some trouble which I suspect are due to minor steps in the documentation that are missing or incorrect.
Is it possible to get some help on this? Posted some messages to the #general and #development channels on Discord (you mentioned in your very helpful comment at https://news.ycombinator.com/item?id=42536302 that's the go-to for support) but am not getting any response. I'd even be happy to make a fat donation or pay for some support here.
Also out of curiosity, have you guys considered providing an official release that is configured this way, perhaps gated behind a giant "Proceed at your own risk" banner? Is your reasoning here influenced by a perception that providing root access without enough friction might weaken your bid for Play Integrity recognition or your chances of individual app developers like banks treating your OS on equally trusted footing as Google's?