SIG_ALL for multi-party transactions #319
Description
The SIG_ALL flag requires transactions to be signed over both the input proofs and the output blinded messages.
This presents a problem for multi-party SIG_ALL transactions, where parties are in separate locations, as they must each sign the "first input proof" using the transaction's aggregated "message to sign".
Passing around inputs and outputs so parties can construct the message to sign is problematic and potentially leaches privacy, because the blinding factors must also be sent if other parties are to read them, otherwise they are "signing blind".
In practical terms, only the agreed receiver (or trusted co-ordinator) needs the underlying unblinded messages. So it is simpler if they create, store and craft the message to sign, then pass that around for signing.