In a group signature scheme based on Pointcheval-Sanders (PS) single-message signature, the anonymous credential $(\sigma_1,\sigma_2)$ issued by the group manager (GM) with secret key $sk = (x,y) \in \mathbb{Z}_p^2$ and public key $pk = (\tilde X,\tilde Y) \leftarrow (\tilde g^x,\tilde g ^y )$ to a user $\mathcal{U}_i$ with a single secret key $sk_i \in \mathbb{Z}_p $ is computed as $(\sigma_1,\sigma_2) \leftarrow (g^\mu,(g^x.\tau^y)^\mu)$, where $\tau = g^{sk_i}$ is the commitment and $\mu \in \mathbb{Z}_p$.
Similarly, we could construct a group signature scheme based on PS multi-message signature. In this case, the anonymous credential $(\sigma_1,\sigma_2)$ issued by the GM with secret key $sk = (x,y_1,...,y_n) \in \mathbb{Z}_p^{n+1}$ and public key $pk = (\tilde X,\tilde Y_1,...,\tilde Y_n) \leftarrow (\tilde g^x,\tilde g ^{y_1},...,\tilde g^{y_n} )$ to a user $\mathcal{U}_i$ with multiple secret keys $sk_1,...,sk_n \in \mathbb{Z}_p^n $ is computed as $(\sigma_1,\sigma_2) \leftarrow (g^\mu,(g^x\cdot\tau_1^{y_1}\cdot...\cdot\tau_n^{y_n})^\mu)$, where $\tau_i = g^{sk_i}$ is the commitment of $sk_i$ and $\mu \in \mathbb{Z}_p$.
I would like to construct a new group signature scheme in which the system users prove the possession of an anonymous credential valid under a publicly known message $m$ plus their respective secret keys. It appears that I could use the PS multi-message setting to acheive my objective. While issuing the credential for a user, GM would simply compute $(\sigma_1,\sigma_2) \leftarrow (g^\mu,(g^x\cdot\tau_1^{y_1}\cdot...\cdot\tau_{n-1}^{y_{n-1}}\cdot g^{my_n})^\mu)$.
Would such a scheme adhere to the security notions of anonymity, traceability and non-frameability?
