It seems like the tl;dr is:
Cloudflare is helping to develop & eager to implement an open protocol called ARC (Anonymous Rate-Limited Credentials)
What is ARC? You can read the proposal here: https://www.ietf.org/archive/id/draft-yun-cfrg-arc-01.html#n...
But my summary is:
1. You convince a server that you deserve to have 100 tokens (probably by presenting some non-anonymous credentials)
2. You handshake with the server and walk away with 100 untraceable tokens
3. At any time, you can present the server with a token. The server only knows:
a. The token is valid
b. The token has not been previously used
Other details (disclaimer, I am not a cryptographer):
- The server has a public + public key for ARC, which is how it knows that it was the one to issue the tokens. It's also how you know that your tokens are in the same pool as everyone else's tokens.
- It seems like there's an option for your 100 tokens to all be 'branded' with some public information. I assume this would be information like "Expires June 2026" or "Token Value: 1 USD", not "User ID 209385"
- The client actually ends up with a key which will generate the 100 tokens in sequence.
- Obviously the number 100 is configurable.
- It seems like there were already schemes to do this, but providing only one token (RFC 9497, RFC 9474) but I'm not sure how popular those were.
Thanks. I'm glad someone made it to the end.
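A simplified sketch of the single-token flow behind steps 2 and 3 of the summary above, added here as an illustration and not part of the original comments or the ARC draft. It uses textbook RSA blinding (the idea RFC 9474 standardizes, without its PSS encoding) rather than ARC itself; the toy key, the sample token and all function names are constructed for the example.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key (two Mersenne primes); far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent

def digest(token: bytes) -> int:
    """Hash the token into Z_N (stand-in for RFC 9474's PSS encoding)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

def client_blind(token: bytes):
    """Client hides the token hash behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (digest(token) * pow(r, E, N)) % N, r

def server_sign(blinded: int) -> int:
    """Issuer signs the blinded value; it never sees the token or its hash."""
    return pow(blinded, D, N)

def client_unblind(blind_sig: int, r: int) -> int:
    """Dividing out r leaves an ordinary signature on the token hash."""
    return (blind_sig * pow(r, -1, N)) % N

class Redeemer:
    """Server side of step 3: checks (a) validity and (b) no previous use."""
    def __init__(self):
        self.spent = set()

    def redeem(self, token: bytes, sig: int) -> str:
        if pow(sig, E, N) != digest(token):
            return "invalid"
        if token in self.spent:
            return "already used"
        self.spent.add(token)
        return "ok"

def demo():
    token = secrets.token_bytes(32)          # constructed sample token
    blinded, r = client_blind(token)
    blind_sig = server_sign(blinded)
    sig = client_unblind(blind_sig, r)
    seen_at_issuance = {blinded, blind_sig}  # everything the issuer observed
    issuer_saw_token = digest(token) in seen_at_issuance or sig in seen_at_issuance
    shop = Redeemer()
    return (shop.redeem(token, sig), shop.redeem(token, sig),
            shop.redeem(token, sig + 1), issuer_saw_token)
```

The spent set is the server state that enforces "not previously used"; a scheme like this needs one issuance round per token, which is the limitation the 100-token credential in the summary is meant to remove.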