docs: document mutex lock ownership caveat

app/jobs/mutex_application_job.rb

@@ -22,6 +22,11 @@ class MutexApplicationJob < ApplicationJob
     end
   end
 
+  # Redis::LockManager#unlock is not owner-checked. If a job runs past the TTL,
+  # Redis can expire the key, a newer job can acquire it, and the older job can
+  # then delete the newer job's lock on unlock. Current mutex users treat locks as
+  # short race dampeners, so this is acceptable for now. Future iterations should
+  # move Redis::LockManager to token-checked unlocks.
   def with_lock(lock_key, timeout = Redis::LockManager::LOCK_TIMEOUT)
     lock_manager = Redis::LockManager.new