From da7358a48c3b957b085b6d6e113977e37cbe5639 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 23 Jun 2022 22:33:10 +0000 Subject: [PATCH 1/3] Fix incorrect namespaces in circuit debug code Closes zcash/orchard#329. --- src/circuit.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/circuit.rs b/src/circuit.rs index f40a34a0..b61ccb29 100644 --- a/src/circuit.rs +++ b/src/circuit.rs @@ -507,7 +507,7 @@ impl plonk::Circuit for Circuit { let ak = ak_P.extract_p().inner().clone(); let rivk = ScalarFixed::new( ecc_chip.clone(), - layouter.namespace(|| "rcv"), + layouter.namespace(|| "rivk"), self.rivk.map(|rivk| rivk.inner()), )?; @@ -609,7 +609,7 @@ impl plonk::Circuit for Circuit { let rcm_new = ScalarFixed::new( ecc_chip, - layouter.namespace(|| "rcm_old"), + layouter.namespace(|| "rcm_new"), self.rcm_new.as_ref().map(|rcm_new| rcm_new.inner()), )?; From 1a1c3c30b0ad55eb2bee6e3c32aba3d5e7ef3960 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 23 Jun 2022 22:46:45 +0000 Subject: [PATCH 2/3] book: Finish incomplete sentence on nullifier page Closes zcash/orchard#195. --- book/src/design/nullifiers.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/book/src/design/nullifiers.md b/book/src/design/nullifiers.md index f84a5145..f9a11bad 100644 --- a/book/src/design/nullifiers.md +++ b/book/src/design/nullifiers.md 
@@ -246,7 +246,8 @@ The $\mathit{Commit}^{\mathsf{nf}}$ variants were considered to avoid directly d $\mathsf{cm}$ (which in its native type is a base field element, not a group element). We decided instead to follow Sapling by defining an intermediate representation of $\mathsf{cm}$ as a group element, that is only used in nullifier computation. The circuit -already needs to compute $\mathsf{cm}$, so this improves performance by removing +already needs to compute $\mathsf{cm}$, so this improves performance by removing an +additional commitment calculation from the circuit. We also considered variants that used a choice of fixed bases $\mathcal{G_v}$ to provide domain separation for zero-valued notes. The most performant design (similar to the chosen From e76a91adff185d495ddcf4ad34ab2318901835db Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Thu, 23 Jun 2022 22:51:05 +0000 Subject: [PATCH 3/3] Document how to obtain inputs for `Builder::add_spend` Closes zcash/orchard#244. --- src/builder.rs | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/builder.rs b/src/builder.rs index 8ccc6274..fd1e9fd5 100644 --- a/src/builder.rs +++ b/src/builder.rs @@ -236,8 +236,16 @@ impl Builder { /// Adds a note to be spent in this transaction. /// + /// - `note` is a spendable note, obtained by trial-decrypting an [`Action`] using the + /// [`zcash_note_encryption`] crate instantiated with [`OrchardDomain`]. + /// - `merkle_path` can be obtained using the [`incrementalmerkletree`] crate + /// instantiated with [`MerkleHashOrchard`]. + /// /// Returns an error if the given Merkle path does not have the required anchor for /// the given note. + /// + /// [`OrchardDomain`]: crate::note_encryption::OrchardDomain + /// [`MerkleHashOrchard`]: crate::tree::MerkleHashOrchard pub fn add_spend( &mut self, fvk: FullViewingKey,
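Review bot: The new bullet list on `Builder::add_spend` covers `note` and `merkle_path` but not `fvk`, the first parameter visible at the end of the hunk, so a caller still has to guess which viewing key goes with the note. The body is outside this hunk; if it requires the key the note was decrypted under, a third bullet such as ``/// - `fvk` is the full viewing key that `note` was received under.`` would close the gap, with the wording confirmed against the implementation. Separately, [`Action`], [`zcash_note_encryption`] and [`incrementalmerkletree`] are written as intra-doc links without reference definitions, unlike [`OrchardDomain`] and [`MerkleHashOrchard`], so they resolve only if those names are in scope in `builder.rs`. Building the docs with `rustdoc::broken_intra_doc_links` denied, or adding explicit link targets, would catch a dangling one.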