From ed20d539b24d2e44466e4a8565c9260048064c75 Mon Sep 17 00:00:00 2001
From: Daira Hopwood <daira@jacaranda.org>
Date: Tue, 13 Jul 2021 11:49:36 +0100
Subject: [PATCH] [book] merkle-crh.md: corrections.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
---
 book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md b/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md
index 7b0d7b0c..303d12ff 100644
--- a/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md
+++ b/book/src/design/circuit/gadgets/sinsemilla/merkle-crh.md
@@ -28,12 +28,12 @@ $a,b,c$ are constrained by the $\textsf{SinsemillaHash}$ to be $250$ bits, $20$
 
 In a custom gate, we check this message decomposition by enforcing the following constraints:
 
-1. $a_0 = l_{\star}$
+1. $a_0 = l$
 <br>
 $z_{1,a}$, the index-1 running sum output of $\textsf{SinsemillaHash}(a)$, is copied into the gate. $z_{1,a}$ has been constrained by the $\textsf{SinsemillaHash}$ to be $240$ bits. We recover the subpieces $a_0, a_1$ using $a, z_{1,a}$:
 $$
 \begin{aligned}
-z_{1,a} &= \frac{a - a_{0..=10}}{2^{10}}\\
+z_{1,a} &= \frac{a - a_0}{2^{10}}\\
         &= a_1 \\
         \implies a_0 &= a - (z_{1,a} \cdot 2^{10}).
 \end{aligned}