What I'd do is get a cheap Pixel 6a or 7a, install GrapheneOS on it and make a user profile for the kid. This user profile doesn't have permission to install apps, instead all apps will be installed on the owner profile that the kid doesn't have access to and then pushed to the user profile. This way you control what apps can be used. I'd still let the kid choose the pin for the user profile and not telling me, because privacy.
Disadvantages of this that I can think of:
- There's no remote monitoring out of the box (but I'm against that anyway, would rather have the kid learn to use it responsibly than try to track everything).
- The kid can still do a lot via websites and web apps, so education and open conversation is king.
- The whole update/restart issue where you need to log in to the owner profile first. You'd need to disable auto-reboots (if 48h or less wouldn't do the trick) and have a daily or otherwise regular routine to get the phone and do the app and system updates on the owner profile. Make sure the kid has a good charging habit so the phone doesn't run out of battery away from home.
Not sure if this is what you're looking for, but it's a good start for security, privacy and education in my opinion.