No, YOU don’t understand end to end encryption, and you don’t understand browsers. You say you could “write down a base64 encoded binary blob on a website”. Yes you could and how do you decrypt it? The asnwer is with a key (asymmetric or symmetric) that the recipient must have in memory of the receiving software - the browser that the filter has already intercepted and compromised. So “moar layers” is not protection since the filter could inject any JS it likes to reveal the inner key and/or conversation. It could do this ad nauseum and the only protection is how determined the filter is.

But this is also a nonsense argument just on a practical level. The problem is kids connecting to adult websites, or websites with some adult content. The government thinks it reasonable that every single website that potentially hosts adult content should capture proof of identity of adults. I contend that really the issue is kids having access to those websites at all, and that proxies can and would be a far more effective way to control the issue without imposing on adults. No solution is perfect, but a filter is a far more effective way than entrusting some random website with personal information.