design the protocol. we can run down the rabbit holes of anonymous attestation and yao's millionaire problem, but there's a simpler problem: the age of whom? Once you have a unique identifier, or even an anonymous one derived from a verified one, you are still creating an user identity scheme that is being imposed on people.

what is most likely in play, as we have seen in other identity schemes, is that the cryptography will be sufficiently opaque that experts won't be able to reason about it until after the products are forced on people, or, they will just accept junk protocols and use the law to shift liability to the user to comply with identifying themselves truthfully on the internet. the other scenario is if the protocol provides strong anonymity, it will use a bunch of new primitives without mature standards that happen to have escrow access built in.