Usually the Twitch Extension Handler auto-refreshes the JWT, so you shouldn’t get a JWT/auth error.
I do a Basket type flow. So the user clicks a button, I check the JWT is still good on my EBS, and the user then gets the bits button to ok/click, then the Twitch Bits popup.
Webhooks!! Extensions have a transaction webhook.
https://dev.twitch.tv/docs/api/webhooks-reference#topic-extension-transaction-created
So you can compare webhooks, or the API endpoint with your inbound collected data.
I actually proposed a PayPal style approach when bits in extensions first came out, looooooong ago (and before uservoice existed): post to create a transaction, then the bits usage would fulfill that payment. This is roughly what I do currently, just with the lack of metadata.
If you want to make your own suggestion(s) you can do so on the uservoice https://twitch.uservoice.com/forums/310213-developers
Edit: there is also RFC0011 that I forgot existed
Edit 2: Wrote up my PayPal-esque flow here
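
The following is an added example, not part of the original post and not the poster's code: a sketch of the basket flow described above, where the EBS checks the JWT before recording a pending basket and later matches an incoming transaction (webhook or API) against it. The function names, the in-memory stores, the use of the `user_id` claim as the basket key, and the normalized `{ id, userId, sku }` transaction shape are assumptions.

```javascript
// Added example; function names and the normalized { id, userId, sku } record are hypothetical.
const crypto = require('crypto');

// Verify an HS256 JWT on the EBS (assumes the shared secret is stored base64-encoded).
function verifyExtensionJwt(token, secretB64, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [h, p, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  } catch (e) { return null; }
  if (!header || header.alg !== 'HS256') return null; // refuse "none" or a swapped algorithm
  const expected = crypto.createHmac('sha256', Buffer.from(secretB64, 'base64'))
    .update(h + '.' + p).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= nowSec) return null; // expired
  return claims;
}

const baskets = new Map(); // basketId -> { userId, sku, state }
const seenTx = new Set();  // transaction ids already fulfilled

// Step 1: user clicks the button; record intent only if the JWT is still good.
function openBasket(token, secretB64, sku, nowSec) {
  const claims = verifyExtensionJwt(token, secretB64, nowSec);
  if (!claims || !claims.user_id) return null;
  const basketId = crypto.randomUUID();
  baskets.set(basketId, { userId: claims.user_id, sku, state: 'pending' });
  return basketId;
}

// Step 2: a transaction arrives (webhook or API poll), already normalized to
// { id, userId, sku }. Fulfil one pending basket; ignore replays and unknowns.
function reconcile(tx) {
  if (seenTx.has(tx.id)) return 'duplicate';
  for (const [basketId, b] of baskets) {
    if (b.state === 'pending' && b.userId === tx.userId && b.sku === tx.sku) {
      b.state = 'fulfilled';
      seenTx.add(tx.id);
      return basketId;
    }
  }
  return 'unmatched'; // a transaction with no basket: flag for review
}
```

Tracking fulfilled transaction ids makes a redelivered webhook and a later API comparison safe to run over the same data, and `unmatched` results are the records worth a manual look.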