Chaum blind-signed tokens are vulnerable to double-spends. As far as I understand it, this is unfixable without appealing to the issuer and keeping revocations lists.
Um, what? The basic system obviously isn't vulnerable to double spends. Are you perhaps talking about why the construction is unsuitable for offline use or for grafting onto a blockchain?