diff --git a/zcash_primitives/src/keys.rs b/zcash_primitives/src/keys.rs
index 6510947e1..4268c32ea 100644
--- a/zcash_primitives/src/keys.rs
+++ b/zcash_primitives/src/keys.rs
@@ -1,4 +1,6 @@
-//! Sapling key components
+//! Sapling key components.
+//!
+//! Implements section 4.2.2 of the Zcash Protocol Specification.
 
 use blake2_rfc::blake2b::{Blake2b, Blake2bResult};
 use ff::{PrimeField, PrimeFieldRepr};
diff --git a/zcash_primitives/src/note_encryption.rs b/zcash_primitives/src/note_encryption.rs
index e876bb1b9..fe1463faa 100644
--- a/zcash_primitives/src/note_encryption.rs
+++ b/zcash_primitives/src/note_encryption.rs
@@ -297,6 +297,8 @@ impl SaplingNoteEncryption {
         let shared_secret = sapling_ka_agree(&self.esk, &self.to.pk_d);
         let key = kdf_sapling(&shared_secret, &self.epk);
 
+        // Note plaintext encoding is defined in section 5.5 of the Zcash Protocol
+        // Specification.
         let mut input = Vec::with_capacity(NOTE_PLAINTEXT_SIZE);
         input.push(1);
         input.extend_from_slice(&self.to.diversifier.0);