1) Once a day, your device derives a new key ("daily tracing key").
2) It uses that to derive a new "proximity ID" every time your device's Bluetooth address changes (every 15 min), which is broadcast to nearby BT sensors.
4) If someone tests positive, they choose to publish their (previously secret) "daily tracing keys."
5) Your device frequently downloads all published daily tracing keys and runs them through the KDF to see if the derived proximity IDs match ones it has recorded.
At that point all of your BTLE MAC addresses over the previous period become linkable. Why do they change to begin with? Because tracking is already a problem.
At that point adtech (at minimum) probably knows who you are, where you've been, and that you are covid+.
Published keys are 16 bytes, one for each day. If moderate numbers of smartphone users are infected in any given week, that's 100s of MBs for all phones to DL.
Keys published by a device have to then be in turn "published" to *all* devices in the world. That's a major DoS vector!
I'm not super optimistic about opt-in contact tracing becoming a major factor, but I do kind of anticipate that someone will end up using this for some other interesting thing.
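The derive, publish and match steps above, and the linkability that follows once a daily key is published, as an added example that is not from the original thread or from the protocol's specification. The HMAC-SHA256 construction, the label string, the function names and the observer log are assumptions made for illustration; only the 16-byte key size and the 15-minute rotation come from the text.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 96  # one proximity ID per 15-minute address rotation


def new_daily_key() -> bytes:
    """Step 1: a fresh 16-byte daily tracing key."""
    return os.urandom(16)


def proximity_id(daily_key: bytes, interval: int) -> bytes:
    """Step 2: ID broadcast during one interval (assumed KDF, not the real one)."""
    msg = b"proximity-id" + interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


def link_sightings(published_keys, sightings):
    """Step 5: re-derive every ID for each published key and match.

    sightings maps an observed proximity ID to a note on where it was heard.
    Returns {published_key: [(interval, note), ...]}, i.e. every sighting
    that is now attributable to one device.
    """
    linked = {}
    for key in published_keys:
        for interval in range(INTERVALS_PER_DAY):
            note = sightings.get(proximity_id(key, interval))
            if note is not None:
                linked.setdefault(key, []).append((interval, note))
    return linked


def demo():
    alice, bob = new_daily_key(), new_daily_key()
    # Constructed observer log: IDs heard at three places during one day.
    sightings = {
        proximity_id(alice, 30): "cafe",
        proximity_id(alice, 52): "pharmacy",
        proximity_id(bob, 52): "pharmacy",
        proximity_id(alice, 80): "transit stop",
    }
    # Before publication the four IDs look unrelated. Alice publishes (step 4):
    return link_sightings([alice], sightings), alice, bob
```

Anyone holding a log of overheard IDs can run the same match as a phone does, which is why publication turns rotating identifiers into a single trail for that day.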