You're thinking of Bitcoin. In the RSA blinded signature scheme the token holder doesn't need a private key, so there's nothing to reveal. The tokens are signed by the issuer (i.e. the bank), using the issuer's private key, and the blinding ensures that the issuer can't see the actual tokens at the time they're signed—that's revealed only when they're redeemed. The tokens themselves are just unique random numbers and not associated with anyone's identity. The issuer keeps track of which ones have been redeemed so that they can't be claimed twice. That's the risk you take by not turning them in immediately: anyone who had the token before you could claim it first, and then your copy of the token would be worthless.
Edit: In the case of off-chain exchange of Bitcoin wallets it would reveal the private key (naturally, since that's what you're exchanging) but for that reason you would only trade a wallet with a unique private key not used anywhere else. The only thing that key is useful for is spending the funds in that wallet. It's not linked to your identity. This is exactly like the "physical bitcoin" model (BitBills, Cascascius coins, etc.) except there is no tamper-evident hologram to prove that the private key hasn't been accessed—you're taking that on trust until you empty the wallet or hand it off to someone else.
Edit: In the case of off-chain exchange of Bitcoin wallets it would reveal the private key (naturally, since that's what you're exchanging) but for that reason you would only trade a wallet with a unique private key not used anywhere else. The only thing that key is useful for is spending the funds in that wallet. It's not linked to your identity. This is exactly like the "physical bitcoin" model (BitBills, Cascascius coins, etc.) except there is no tamper-evident hologram to prove that the private key hasn't been accessed—you're taking that on trust until you empty the wallet or hand it off to someone else.