How are you trying to validate the jwt? As far as i can tell there is no rig bug. The payload is signed with the secret and I am able to verify the signature on jwt.io consistently.
I think a possible gotcha here is that the secret given from the dev site is base64 encoded, so on jwt.io (or with whatever library you are using) you must make sure you check the button secret base64 encoded.
Additionally, I’ve used the jwt created from the rig to send messages to and from clients over Twitch Pubsub. As a general suggestion, when troubleshooting the rig, ensure you’ve pulled down the latest changes, clear local storage, and recreate the views.