My comment about JWT wasn't that it complicates the current problem, but that it complicates the design in general.
The alternative is to do it the traditional way, with DB records associated with the user, rather than pushing everything to the client. It wont solve the problem you're describing, but it might make working on a solution easier.
The feature you're describing is just a slight tweak of the standard shopping cart, so the standard tried-and-true shopping cart design would serve you well, barring extenuating circumstances like some kind of significant DB limitation.
DB tables for the items, and for the shopping cart itself. When the user goes to check out the cart, you make an offer on the cart, which is basically just a clone of the shopping cart into a new table with all the item prices denormalized (and therefore locked in). Add a field for the offer expiration date and you've got a working design that is very similar to the standard well-worn design, and without any complicated JWT stuff.
You still need the client to retry with a new offer if the current offer has expired, but adding retry logic to clients is a pretty normal thing for clients to have.
It's a pretty significant departure from your current design, so it's probably not actually a useful answer, but this is what I meant about the JWT making things more complicated in general.