Comment by pastel8739

I’m not sure that requirement is violated here; the interactive nature of a challenge-response protocol is required to prove that someone knows the private key. Without an interactive process, the prover could have just found the signatures lying around somewhere and reused them without knowing the private key at all. This means that the verifier would not be able to prove anything beyond “the private key X signed these messages”.