Because it's non-interactive, this construction can produce multisig signatures offline.   Each device produces a signature using it's own k-share and x-share.   It's only necessary to interpolate M of n shares.

There are no round trips.

The security is Shamir + discrete log.  

it's just something I've been tinkering with and I can't see an obvious problem.  

It's basically the same as schnorr, but you use a threshold hash to fix the need to be online.

Just seems more useful to me.