Assign tokens into a database so they can be revoked on hacked account

Currently we are using stateless JWTs and JWT Refresh tokens.

The way they are currently planned to be revoked is by sending a response to the client saying "Delete tokens" and the web client will delete it from the cookies/state

Should we instead be saving tokens to a database this way we can just revoke them by deleting the records of the tokens?