Should Lox credentials be locked when they might be updated?

Currently the Lox module has some methods that read the current Lox.#credentials and then after some async time write to Lox.#credentials. In principle, we could run simultaneously:

1. #blockageMigration.
2. #attemptUpgrade.
3. generateInvite.

So in principle, the credentials from one operation might overwrite the credentials from another. And it is not clear which credentials should be kept.

@cohosh or @onyinyang what actually happens at the Lox authority level? How does it handle simultaneous requests? How are clients expected to interact with it to update their credentials? Is there a way to tell which credentials are the newest ones, and therefore the ones we should keep?

Otherwise, do we just need to "lock" the credentials in the module whilst any of these operations are ongoing?