Hi,
I don't understand what you really want. You say someting about other computers. Who are these other people/copmuters and there they are? Inside your (or your childs) network or unknown public internet users?
Did you try to set up a game through
battle.net or a "local" game? In addition, your configuration looks like you mixed up with your subnets. On your childs side, you configure your interface as part of an /24 subnet, but on your side, its just a /32 "range".
It may work anyway, bit I think its still confusing.
So I think, a good start would be to clean up your wg-config. I like to use a seperate "subnet" for vpn traffic. So there is no ProxyArp needed, because the VPN-Server works as a Gateway for his own subnet. Disadvantag is that you can't use (without some more work) broadcast features. Mostly use for some autodetections and so on.
Maybe this will help a bit.
On his computer: (LAN IP 192.168.1.x)
[Interface]
PrivateKey = {blah}=
ListenPort = 12457
[Peer]
PublicKey = {blah2}=
Endpoint = {my home}:12457
On my computer: (LAN IP 192.168.88.x)
[Interface]
PrivateKey = {blah3}=
ListenPort = 12457
[Peer]
With this configuration, you should create (and play) games using the dedicated vpn IPs (192.168.123.2 or 3 ) or maybe (not tested) your orignal local IPs (192.168.88.xxx or 192.168.1.xxx).
An complete other soloution could be using a layer2 vpn. I like SoftEtherVPN.
You could install it, bind the vpn to a tap-device (within the SoftEther configuration) and than bind the tap-device (with linux tools like brctl, systemd-networkd config) to your physical interface.
If anybody connect to this vpn, it's just like an additional wire to your network. So all works, inlcuding DHCP in the same subnet and so on.
The strange double-bridge is not needed, if your SC-Host and VPN-Host are NOT the same device. Because if you bridge the VPN directly to the physical interface (without the help of an additional tap-device) the VPN Client can't reach the vpn-server itself.