The whole removal of NAT and directly connecting to the destination with the source address seems like a privacy and security nightmare... imo.
The security extension thing seems a bit wack. I'd still like all my traffic to originate from a single source and be tagged with that address only. This possible?
Nothing stops you using site- or link-local addresses and NATing to a single (or several) public IPv6 addresses, just as you do with IPv4. There was no "removal of NAT", it's just not necessary any more.
A proper firewall without NAT is generally fine, especially in combination with privacy extensions (which likely overall give better privacy than IPv4+NAT), but if you want to completely conceal the network layout behind your router, go nuts with NAT, no problem.
You can use NAT6 if you insist but there's no reason to. The aforementioned privacy extensions keep you from being tracked long-term based on address alone and your firewall is still blocking incoming traffic.
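To make the privacy-extensions point in the replies above concrete, here is an added example (not code from any poster in this thread) that audits IPv6 addresses for MAC-derived modified-EUI-64 interface IDs, the stable identifier that temporary addresses replace. All addresses use the 2001:db8::/32 documentation prefix and are constructed samples; the function names are hypothetical.

```python
import ipaddress

def eui64_mac(addr):
    """Return the MAC embedded in a modified-EUI-64 interface ID, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits = interface ID
    if iid[3:5] != b"\xff\xfe":                    # marker bytes inserted by EUI-64
        return None                                # (a random IID matches with p = 2**-16)
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]   # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)

def linkable(a, b):
    """True if two addresses in different /64s carry the same interface ID."""
    pa = ipaddress.IPv6Address(a).packed
    pb = ipaddress.IPv6Address(b).packed
    return pa[:8] != pb[:8] and pa[8:] == pb[8:]

def audit(addresses):
    """Map each address to 'mac-derived:<mac>' or 'opaque'."""
    report = {}
    for a in addresses:
        mac = eui64_mac(a)
        report[a] = f"mac-derived:{mac}" if mac else "opaque"
    return report

# Constructed samples: one laptop seen on two networks, first with
# MAC-derived SLAAC addresses, then with randomized temporary addresses.
HOME_SLAAC = "2001:db8:1:1:211:22ff:fe33:4455"
CAFE_SLAAC = "2001:db8:2:9:211:22ff:fe33:4455"
HOME_TEMP = "2001:db8:1:1:5c3a:9e01:77b2:4d10"
CAFE_TEMP = "2001:db8:2:9:e4f1:2b6c:0a93:d85e"

if __name__ == "__main__":
    for addr, finding in audit([HOME_SLAAC, CAFE_SLAAC, HOME_TEMP, CAFE_TEMP]).items():
        print(f"{addr:40} {finding}")
    # Same interface ID behind two prefixes: trackable by address alone.
    print("SLAAC pair linkable:", linkable(HOME_SLAAC, CAFE_SLAAC))
    # Temporary addresses share nothing below the prefix.
    print("temp pair linkable: ", linkable(HOME_TEMP, CAFE_TEMP))
```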