The original id is just a 64bit number and it is retrieved from the flash chip.
The RP2040 does not have an internal id in the cpu itself (according to the documentation) :
https://raspberrypi.github.io/pico-sdk-doxygen/group__pico__unique__id.html
I don't know if the dump is just a raw dump of the flash chip?
If so, then it should be there.
If not, someone will be able to hack it.
Just speculating here but the firmware is probably the same as for the hwfly.
So we know the decoding algorithm. Then it is just a matter of trying all keys and comparing the output.
With a 64bit key, that will be peanuts for a normal cpu.
I'm sure there are smart kids here who can break this encryption on a Sunday afternoon.