Would it not be reasonable and safe and private to implement age verification through login.gov? An Oauth implementation that knows your identity and age can produce a verifiable token that attests your age but not identity. The only way your identity would leak would be if both the porn site and the oauth retain the tokens (which they would both claim not to do else no one would use this), and the attacker gets access to both.
I know it's unlikely to happen because of America's (misguided IMO) extreme distaste for digital government ID, but it seems like the current solution (people uploading pictures of their driver's license to porn websites) is worse in every possible way.
replies(3):