I have a question: in the Android documentation it is mentioned that Android processes can communicate using local sockets. Does it mean that two applications with different user IDs can communicate using local sockets and by that "bypass" the sandbox?
Answer 1:
It is indeed possible to do IPC using local sockets on Android, see LocalSocketServer and LocalSocket classes. These translate to UNIX sockets in the abstract namespace.
A word of warning though: Samsung has started restricting local socket use in certain cases through SELinux in their latest firmwares (unfortunately they do not use the same policies as AOSP). I'm not completely clear on the details, but I have seen instances where SELinux blocked the local socket from connecting on these firmwares. Probably depends on the SELinux context of the different processes trying to use the local socket not matching. Be sure to test that if you end up going this route.
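An added example, not part of the original answer: a UNIX socket in the abstract namespace has no file permissions to restrict who connects, so a server that wants to limit its callers has to check the peer's credentials itself. The sketch below shows that check with plain Linux sockets in Python rather than the Android classes; the socket name and the allowed-UID set are hypothetical.

```python
import os
import socket
import struct
import threading

# Hypothetical name. The leading NUL byte selects the abstract namespace:
# no file is created, so no file mode or ownership guards the endpoint.
SOCKET_NAME = b"\0example.ipc.demo.%d" % os.getpid()


def peer_credentials(conn):
    """Return (pid, uid, gid) of the connected peer, as recorded by the kernel."""
    fmt = "iII"  # struct ucred { pid_t pid; uid_t uid; gid_t gid; }
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize(fmt))
    return struct.unpack(fmt, raw)


def serve_once(server, allowed_uids, results):
    """Accept one client and answer according to its kernel-reported UID."""
    conn, _ = server.accept()
    with conn:
        _pid, uid, _gid = peer_credentials(conn)
        allowed = uid in allowed_uids
        results.append((uid, allowed))
        conn.sendall(b"OK" if allowed else b"DENIED")


def run_demo(allowed_uids):
    """Start a server, connect to it from this process, return (reply, decision)."""
    results = []
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as server:
        server.bind(SOCKET_NAME)
        server.listen(1)
        worker = threading.Thread(target=serve_once,
                                  args=(server, allowed_uids, results))
        worker.start()
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            client.connect(SOCKET_NAME)
            reply = client.recv(16)
        worker.join()
    return reply, results[0]


if __name__ == "__main__":
    print(run_demo({os.getuid()}))      # our own UID is on the allow list
    print(run_demo({os.getuid() + 1}))  # allow list names a different UID
```

On Android the same kernel-reported values are available through LocalSocket.getPeerCredentials().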