I have configured my home router to redirect all plaintext DNS traffic through it. I did it because Chromecasts try to sidestep DNS and go straight to Google.
While doing that was a couple of lines of nftables config, blocking DoH would require an actively maintained list. Even then, it would be trivial to host your own by renting some server space.
A bank card is far more practical than a second phone. Even if Google Pay did work on GrapheneOS, I would not use it. It looks like a privacy nightmare.