
Note that signatures do not constitute zero knowledge proofs, however, because I can transmit your signature to a third party and convince them of the same thing you convinced me of, namely the authenticity (or whatever) of a particular document. Of course, larger protocols built around signatures don't suffer, because at worst you just need to make sure you sign a sufficient collection of data (to avoid interpretation as a different message given a different context)... but it's not zero-knowledge.



Yeah, I was looking at it in the context of PKI -- where the public key is already tied to an identity.

(It is also a zkp in case of a scheme with a challenge nonce)


> It is also a zkp in case of a scheme with a challenge nonce

This is my point - it is not zk because as verifier you can show the transcript to a 3rd party and convince them that the thing to be proved is true, even if the thing to be proved can't let you successfully impersonate the prover thanks to a nonce. In a zkp scheme, the transcript proves nothing - it's as if you took the signing scheme transcript and made it so you couldn't determine which pubkey was being signed for: the 3rd party would have no reason to believe you hadn't faked the transcript.

In short, zkp transcripts must be fakeable, as counterintuitive as that sounds.
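An added illustration of the thread's closing point, not code posted by any commenter: in Schnorr identification anyone holding only the public key can fake a valid transcript, while the hash-bound signature variant cannot be faked this way, which is why a signature convinces third parties. The toy group parameters and all function names are constructed for this example, and the simulation shown covers the case where the verifier picks its challenge at random.

```python
import hashlib
import secrets

# Toy Schnorr group, constructed for illustration and far too small for real
# use: P = 2*Q + 1 with P and Q prime; G = 4 has order Q modulo P.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1          # prover's secret
    return x, pow(G, x, P)                    # public key y = G^x mod P

def check(y, t, c, s):
    """Verification equation shared by both variants: G^s == t * y^c."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def honest_transcript(x):
    """Interactive run: commitment t, verifier's random challenge c, response s."""
    r = secrets.randbelow(Q)
    t, c = pow(G, r, P), secrets.randbelow(Q)
    return t, c, (r + c * x) % Q              # the response uses the secret x

def simulated_transcript(y):
    """Faked from the public key alone: choose c and s first, then solve the
    verification equation for t = G^s * y^(-c). y^Q == 1, so y^(Q-c) == y^(-c)."""
    c, s = secrets.randbelow(Q), secrets.randbelow(Q)
    return (pow(G, s, P) * pow(y, Q - c, P)) % P, c, s

def challenge_hash(t, msg):
    digest = hashlib.sha256(t.to_bytes(2, "big") + msg).digest()
    return int.from_bytes(digest, "big") % Q

def sign(x, msg):
    """Signature variant: the challenge is a hash of (t, msg), not a free nonce."""
    r = secrets.randbelow(Q)
    t = pow(G, r, P)
    c = challenge_hash(t, msg)
    return t, c, (r + c * x) % Q

def verify_sig(y, msg, sig):
    t, c, s = sig
    return c == challenge_hash(t, msg) and check(y, t, c, s)
```

Honest and simulated interactive transcripts are identically distributed (uniform `c` and `s`, with `t` determined by them), so showing one to a third party proves nothing. A simulated triple passes `verify_sig` only if its `c` happens to equal the hash of its `t`, which in a real-sized group is negligible.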



