NUT-11: Optional P2PKWitness.digest for multi-party SIG_ALL

11.md

@@ -105,12 +105,20 @@ Signatures are stored in `P2PKWitness` objects and are provided in either each `
 
 ```json
 {
-  "signatures": <Array[<hex_str>]>
+  "signatures": <Array[<hex_str>]>,
+  "digest": <str>, // Optional.
+  "mts": <str>, // Optional.
 }
 ```
 
 The `signatures` are an array of signatures in hex and correspond to the signatures by one or more signing public keys.
 
+To facilitate the signing of multi-party `SIG_ALL` transactions, the SHA256 digest of the message to be signed can be stored in the optional `P2PKWitness.digest` of the `Proof` to be signed. Wallets SHOULD sign a `SIG_ALL` proof over this digest, if present, and ignore it entirely for `SIG_INPUTS` proofs.
+
+In cases where `SIG_ALL` signers require detailed information about the inputs and outputs (eg: where there are multiple receivers), the plain text _message to sign_ can be stored in the `P2PKWitness.mts` of the `Proof` to be signed. Wallets **MUST** sign a `SIG_ALL` proof over the SHA256 of this message. if present, and ignore it entirely for `SIG_INPUTS` proofs.
+
+If both `digest` and `mts` are included, a wallet SHOULD use the `mts` and IGNORE the `digest`, or MUST validate the `digest` matches the `SHA256(mts)` before using it.
+
 #### Signature flag `SIG_ALL`
 
 `SIG_ALL` is enforced only if the following conditions are met: