For many purposes, we need anonymous authentication. I haven't heard about much innovation on that and similar privacy fronts in awhile.
Off the top of my head, a possible method is a proxy or two or three, each handling different components of authentication and without knowledge of the other components. They return a token with validity properties (such as duration, level of service). All the vendor (e.g., Polis) would know is the validity of the token.
I'm sure others have thought about it more ...
You could do it now with OpenID SSO that only takes passkeys. The downside is that losing the passkey would lose the account. The problem is that OpenID leaks the authenticating sites to authentication site.
The problem is that lots of sites need/want email address. So would need system for anonymous email, and that would either need real email to forward, or way to read email.
I mean I can prove with a zero-knowledge-proof that have solved a Sudoku puzzle without actually giving away the solution so this seems possible?