I think it would be best to return an error, instead of panic, when ttl + timestamp would overflow. Otherwise, someone might construct tokens with the timestamp maximum value to have the validating side panic on each parsing (if validating side sets non-zero ttl).