Added witness.mts for flexibility

Author: robwoodgate

11.md

@@ -63,13 +63,18 @@ Signatures are stored in `P2PKWitness` objects and are provided in either each `
 {
   "signatures": <Array[<hex_str>]>,
   "digest": <str> // Optional.
+  "mts": <str>, // Optional.
 }
 ```
 
 The `signatures` are an array of signatures in hex and correspond to the signatures by one or more signing public keys.
 
 To facilitate the signing of multi-party `SIG_ALL` transactions, the SHA256 digest of the message to be signed can be stored in the optional `P2PKWitness.digest` of the `Proof` to be signed. Wallets SHOULD sign a `SIG_ALL` proof over this digest, if present, and ignore it entirely for `SIG_INPUTS` proofs.
 
+In cases where `SIG_ALL` signers require detailed information about the inputs and outputs (eg: where there are multiple receivers), the plain text _message to sign_ can be stored in the `P2PKWitness.mts` of the `Proof` to be signed. Wallets **MUST** sign a `SIG_ALL` proof over the SHA256 of this message. if present, and ignore it entirely for `SIG_INPUTS` proofs.
+
+If both `digest` and `mts` are included, a wallet SHOULD use the `mts` and IGNORE the `digest`, or MUST validate the `digest` matches the `SHA256(mts)` before using it.
+
 ## Tags
 
 More complex spending conditions can be defined in the tags in `Secret.tags`. All tags are optional. Tags are arrays with two or more strings being `["key", "value1", "value2", ...]`. We denote a specific tag in a proof by its `key`.