Auditing placement of all cached copies of original and variants of a given source resource in the case of user error.
Software-layer at-rest encryption option with unique keys at a JWT parameter key lookup granularity (but with key storage/lookup server side with custom providers).
Cache key bonus strings to eliminate (already-impossible SHA256 collisions, but for compliance)