With this setup, or with additional “moving parts” to be added to the overall system, is there a way to at a later date to assert that a certain user identity was responsible for a transaction? Assume that we are able to store any/all data that is in-context (i.e., is part of the REST call for the transaction) at the time the transaction is requested.
Thanks to @alnbhclyn for their thoughts below. I think I need to clarify — the key gap above seems to be the link between a JWT and the specific contents of a transaction. Is there a means of “signing” the transaction with the JWT or some part thereof such that a positive link between the two can be made at any point in the future?