Some initial thoughts/questions:
a) what do you mean by "unaddressed issues - transaction timeout control"?
b) since this is distributed transactions (context propagation, commit protocol termination etc.) have you considered the scope of the testing that needs to be done in order to ensure this works in *all* cases?
c) "any prepared but incomplete transactions have to be recovered manually"?
d) in case 2, where the client is within the same container as a tm instance, which tm is it trying to control/invoke? The remote one (in the other container instance) or the local one? Because we seem to have gone from controlling transactions (begin, commit, rollback) in the first scenario, to really doing distributed transactions in the second scenario. As you can imagine, these are very different situations.
e) what about interoposition, particularly in the case where A calls B calls C calls D, and maybe even D calls A?