I tried to find something definitive, but it would take more time than I have right now. So to some degree this is assumptions, though generalized.
* Does the site know who the user is: No. That's the entire purpose here.
* Does the site know who the attestor is: Yes, they need to validate asymmetric crypto on the proof, so they need a list of public keys (which they can attach attestor identity to).
* Does the attestor know what kind of content I want to visit: They should not. With the JWT you can validate without telling the attestor which user's proof you validate. OTOH, if there's some "is this one revoked" type of API one could easily re-introduce such an information channel on accident.
* does the attestor know who the user is: Yes (or at least have some bits of information about you they are willing to attest to others. In practice assume it's Google/Apple/MS with information associated with your account, or your bank or ...)
* Does the user always know site/attestor: From a technical perspective yes. From a practical human one... doubtful.
--Googler, though far removed from this project, so no internal knowledge.