Right, we don’t really know how decentralised fiat cash will work as nobody has tried to do it before, so we’re really just guessing here.
On one hand, perhaps the answer should be to prefer simplicity first, rather than trying to intuit requirements that may not exist. That way the code is easier to read and understand, especially for contracts people will learn from and copy like cash.
On the other hand, the point of ‘smart’ contract logic is to try and ensure everyone has the right view at the right time and that others can check that they had the right view at the right time, so that suggests trying to avoid weird situations like someone unilaterally cancelling obligations an issuer still thinks they have (which can only ever be a mistake, right?). And yes the opposite too - the issuer exits money without the holder of the asset knowing! That should be hard to do anyway, the issuer would need to know the StateRef of the thing they were trying to unilaterally exit, but we should exclude it via signing anyway.
This takes us back to the old discussions we had last year on the topic. For instance does signing an exit mean “I agree to this” or does it merely mean “I disagree that this is legally correct but am aware of the change and am signing to reflect my awareness”.