> Just allowing a service provider to receive a third party attestation that you "allowed" still allows the third party to track what you are doing even if the provider can't. That's still unacceptable from a privacy standpoint, I don't want the government, or agents thereof, knowing all the places I've had to show ID.

Isn't this solvable by allowing you to be the middle man? A service asks you to prove your age, you ask the government for a digital token that proves your age (and the only thing the government knows is that you have asked for a token) and you then deliver that to the service and they only know the government has certified that you are above a certain age.

The service gets a binary answer to their question. The government only knows you have asked for a token. Wouldn't a setup like that solve the issue you're talking about?