Sorry if I wasn’t clear.
The goal is the same with the current Kicksecure live mode.
Anti-forensics as well as leaving minimal traces on Dom0 of activities.
(as you can see when running your cleanup script, records of every dispVM etc…)
The current solutions as far as I can see here are:
Running dom0 in RAM:
Qubes dom0 ZRAM Live Mode
Qubes dom0 OverlayFS Live Mode
and your script:
Really disposable (RAM based) qubes
The advantages of dom0 in live mode seems to be better than deleting logs with a script as the latter can be quite easily found even after deleting.
The first solution requires copying the entire dom0 to RAM at boot, via a grub change.
Perhaps just mounting some directories in RAM rather than copying the whole dom0 ie:
[zram0]
zram-size = 8G
compression-algorithm = zstd
mount-point = /var
[zram1]
zram-size = 2G
compression-algorithm = zstd
mount-point = /tmp
Encrypted RAM not only for cold-boot attacks, side-chain etc…