I looked at this a looong time ago, but the basic idea is that the tokens (equivalent to cash coins/banknotes) are generated on the end user’s device, through some public-key cryptographic back-and-forth protocol. The issuer (bank/central bank/payment provider) does not see these tokens (they’re only on the end users device), but can verify that they’re legit (i.e. issued by them) somehow.

You can take one of these tokens to them, and deposit it in an account. They won’t know who it’s from but they know it was legitimately issued by them. Depositing a token is also supposed to be the only way of figuring out if it is a legit token, the bank will not tell you if a token is legit unless you deposit it.

When someone pays with these tokens in a shop, the shop will want to immediately (during checkout) deposit them, to make sure they’re legit, and also to make sure the token hasn’t been double spent. A shop that doesn’t do that makes itself vulnerable to fraud. This means shops will have a hard time hiding their revenue (to dodge taxes) compared to cash.

If someone you trust gives you a token (birthday money from your grandma, say), you don’t have to immediately deposit said token, since presumably you trust your grandma to not give you fake or double-spent tokens. Since you trust you grandma, there is no need to deposit the token and involve the bank, and that transfer would be untraceable (it’s literally just copying a number from her phone to yours).

The idea is that shop owners would have a hard time dodging taxes without opening themselves up to fraudsters using fake tokens, while the customer cannot be identified. You’d also be able to exchange tokens with family and friends in a way that isn’t traceable, as long as you trust them to not screw you over.