It's hard to do completely cleanly -- building an independent IdP that uses iris scanning or other two-factor systems is totally possible, and actually relatively easy.
Providing anonymized addresses is harder, since your IdP wouldn't be contacted until after the user has selected an address. In that case, you'd want a browser extension that generated addresses conforming to some scheme @youridp.com and automatically filled or selected them in the dialog when using Persona. Totally doable, but that part requires getting out in front of the call to navigator.id.request.
- An independent Identity Provider (IdP) uses some means of identification for the user (two-factor, iris scan, whatever)
- The IdP provides an anonymized email address to each site that the user logs into.
I'll have to read the spec a bit more to see if that's possible...