You could do it now with OpenID SSO that only takes passkeys. The downside is that losing the passkey would lose the account. The problem is that OpenID leaks the authenticating sites to authentication site.

The problem is that lots of sites need/want email address. So would need system for anonymous email, and that would either need real email to forward, or way to read email.