Question on how Bhutan national ID on Ethereum works

When the user signs something with their national ID, does the party they verify against receive the full ID signed by the government (such that it can be leaked), and does these credentials (that conform to "W3C standard" right) include a "decentralized identifier", and on Ethereum there is a lookup table somewhere with Bhutan "decentralized identifiers" to public keys, such that the party being verified against can verify that the person was the owner of the credentials?

In other words, can the credentials trivially be leaked, as there is no "trapdoor" or such (as this requires the government key being the one that authenticates, and if user authenticates that part has to be sacrificed but the benefit is the government is no longer notified each time ID is used)?