Wouldn't this require the API provider to know that tbe citizen is connecting to the app? Grindr users might be squeamish about letting the current US admin know about that.

ICAO compliant ID cards (aka passports) and many national ID cards already are smartcards with powerful crypto processors.

Hand out certificates to porn, gambling or whatever sites, that allow requesting the age of a person from the ID card, have the user touch their ID card with their phone to sign a challenge with its key (and certificate signed by the government), that's it.

Government doesn't know what porn site you visited, and porn site only gets the age.

Not necessarily, you can define the protocol such that it's all done with opaque IDs instead of identifying info.