diff --git a/zk-token-sdk/src/encryption/elgamal.rs b/zk-token-sdk/src/encryption/elgamal.rs
index c2dfafda6..3e474bdd7 100644
--- a/zk-token-sdk/src/encryption/elgamal.rs
+++ b/zk-token-sdk/src/encryption/elgamal.rs
@@ -23,7 +23,7 @@ pub struct ElGamal;
 impl ElGamal {
     /// Generates the public and secret keys for ElGamal encryption.
     #[cfg(not(target_arch = "bpf"))]
-    pub fn keygen() -> (ElGamalPubkey, ElGamalSK) {
+    pub fn keygen() -> (ElGamalPubkey, ElGamalSecretKey) {
         ElGamal::keygen_with(&mut OsRng) // using OsRng for now
     }
 
@@ -31,7 +31,7 @@ impl ElGamal {
     /// secret keys for ElGamal encryption.
     #[cfg(not(target_arch = "bpf"))]
     #[allow(non_snake_case)]
-    pub fn keygen_with<T: RngCore + CryptoRng>(rng: &mut T) -> (ElGamalPubkey, ElGamalSK) {
+    pub fn keygen_with<T: RngCore + CryptoRng>(rng: &mut T) -> (ElGamalPubkey, ElGamalSecretKey) {
         // sample a non-zero scalar
         let mut s: Scalar;
         loop {
@@ -45,7 +45,7 @@ impl ElGamal {
         let H = PedersenBase::default().H;
         let P = s.invert() * H;
 
-        (ElGamalPubkey(P), ElGamalSK(s))
+        (ElGamalPubkey(P), ElGamalSecretKey(s))
     }
 
     /// On input a public key and a message to be encrypted, the function
@@ -82,8 +82,8 @@ impl ElGamal {
     ///
     /// The output of the function is of type `DiscreteLog`. The exact message
     /// can be recovered via the DiscreteLog's decode method.
-    pub fn decrypt(sk: &ElGamalSK, ct: &ElGamalCiphertext) -> DiscreteLog {
-        let ElGamalSK(s) = sk;
+    pub fn decrypt(sk: &ElGamalSecretKey, ct: &ElGamalCiphertext) -> DiscreteLog {
+        let ElGamalSecretKey(s) = sk;
         let ElGamalCiphertext {
             message_comm,
             decrypt_handle,
@@ -97,7 +97,7 @@ impl ElGamal {
 
     /// On input a secret key and a ciphertext, the function decrypts the
     /// ciphertext for a u32 value.
-    pub fn decrypt_u32(sk: &ElGamalSK, ct: &ElGamalCiphertext) -> Option<u32> {
+    pub fn decrypt_u32(sk: &ElGamalSecretKey, ct: &ElGamalCiphertext) -> Option<u32> {
         let discrete_log_instance = ElGamal::decrypt(sk, ct);
         discrete_log_instance.decode_u32()
     }
@@ -105,7 +105,7 @@ impl ElGamal {
     /// On input a secret key, ciphertext, and hashmap, the function decrypts the
     /// ciphertext for a u32 value.
     pub fn decrypt_u32_online(
-        sk: &ElGamalSK,
+        sk: &ElGamalSecretKey,
         ct: &ElGamalCiphertext,
         hashmap: &HashMap<[u8; 32], u32>,
     ) -> Option<u32> {
@@ -160,8 +160,8 @@ impl From<RistrettoPoint> for ElGamalPubkey {
 /// Secret key for the ElGamal encryption scheme.
 #[derive(Serialize, Deserialize, Debug, Zeroize)]
 #[zeroize(drop)]
-pub struct ElGamalSK(Scalar);
-impl ElGamalSK {
+pub struct ElGamalSecretKey(Scalar);
+impl ElGamalSecretKey {
     pub fn get_scalar(&self) -> Scalar {
         self.0
     }
@@ -189,27 +189,27 @@ impl ElGamalSK {
         self.0.to_bytes()
     }
 
-    pub fn from_bytes(bytes: &[u8]) -> Option<ElGamalSK> {
+    pub fn from_bytes(bytes: &[u8]) -> Option<ElGamalSecretKey> {
         match bytes.try_into() {
-            Ok(bytes) => Scalar::from_canonical_bytes(bytes).map(ElGamalSK),
+            Ok(bytes) => Scalar::from_canonical_bytes(bytes).map(ElGamalSecretKey),
             _ => None,
         }
     }
 }
 
-impl From<Scalar> for ElGamalSK {
-    fn from(scalar: Scalar) -> ElGamalSK {
-        ElGamalSK(scalar)
+impl From<Scalar> for ElGamalSecretKey {
+    fn from(scalar: Scalar) -> ElGamalSecretKey {
+        ElGamalSecretKey(scalar)
     }
 }
 
-impl Eq for ElGamalSK {}
-impl PartialEq for ElGamalSK {
+impl Eq for ElGamalSecretKey {}
+impl PartialEq for ElGamalSecretKey {
     fn eq(&self, other: &Self) -> bool {
         self.ct_eq(other).unwrap_u8() == 1u8
     }
 }
-impl ConstantTimeEq for ElGamalSK {
+impl ConstantTimeEq for ElGamalSecretKey {
     fn ct_eq(&self, other: &Self) -> Choice {
         self.0.ct_eq(&other.0)
     }
@@ -262,19 +262,19 @@ impl ElGamalCiphertext {
     }
 
     /// Utility method for code ergonomics.
-    pub fn decrypt(&self, sk: &ElGamalSK) -> DiscreteLog {
+    pub fn decrypt(&self, sk: &ElGamalSecretKey) -> DiscreteLog {
         ElGamal::decrypt(sk, self)
     }
 
     /// Utility method for code ergonomics.
-    pub fn decrypt_u32(&self, sk: &ElGamalSK) -> Option<u32> {
+    pub fn decrypt_u32(&self, sk: &ElGamalSecretKey) -> Option<u32> {
         ElGamal::decrypt_u32(sk, self)
     }
 
     /// Utility method for code ergonomics.
     pub fn decrypt_u32_online(
         &self,
-        sk: &ElGamalSK,
+        sk: &ElGamalSecretKey,
         hashmap: &HashMap<[u8; 32], u32>,
     ) -> Option<u32> {
         ElGamal::decrypt_u32_online(sk, self, hashmap)
@@ -507,7 +507,7 @@ mod tests {
         let (_, sk) = ElGamal::keygen();
 
         let encoded = bincode::serialize(&sk).unwrap();
-        let decoded: ElGamalSK = bincode::deserialize(&encoded).unwrap();
+        let decoded: ElGamalSecretKey = bincode::deserialize(&encoded).unwrap();
 
         assert_eq!(sk, decoded);
     }
diff --git a/zk-token-sdk/src/instruction/close_account.rs b/zk-token-sdk/src/instruction/close_account.rs
index 01d47ba0e..7f36819c7 100644
--- a/zk-token-sdk/src/instruction/close_account.rs
+++ b/zk-token-sdk/src/instruction/close_account.rs
@@ -5,7 +5,7 @@ use {
 #[cfg(not(target_arch = "bpf"))]
 use {
     crate::{
-        encryption::elgamal::{ElGamalCiphertext, ElGamalSK},
+        encryption::elgamal::{ElGamalCiphertext, ElGamalSecretKey},
         errors::ProofError,
         instruction::Verifiable,
         transcript::TranscriptProtocol,
@@ -39,7 +39,7 @@ pub struct CloseAccountData {
 
 #[cfg(not(target_arch = "bpf"))]
 impl CloseAccountData {
-    pub fn new(source_sk: &ElGamalSK, balance: ElGamalCiphertext) -> Self {
+    pub fn new(source_sk: &ElGamalSecretKey, balance: ElGamalCiphertext) -> Self {
         let proof = CloseAccountProof::new(source_sk, &balance);
 
         CloseAccountData {
@@ -74,7 +74,7 @@ impl CloseAccountProof {
         Transcript::new(b"CloseAccountProof")
     }
 
-    pub fn new(source_sk: &ElGamalSK, balance: &ElGamalCiphertext) -> Self {
+    pub fn new(source_sk: &ElGamalSecretKey, balance: &ElGamalCiphertext) -> Self {
         let mut transcript = Self::transcript_new();
 
         // add a domain separator to record the start of the protocol
diff --git a/zk-token-sdk/src/instruction/transfer.rs b/zk-token-sdk/src/instruction/transfer.rs
index 9f38832bd..72949511d 100644
--- a/zk-token-sdk/src/instruction/transfer.rs
+++ b/zk-token-sdk/src/instruction/transfer.rs
@@ -6,7 +6,7 @@ use {
 use {
     crate::{
         encryption::{
-            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSK},
+            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSecretKey},
             pedersen::{Pedersen, PedersenBase, PedersenComm, PedersenDecHandle, PedersenOpen},
         },
         errors::ProofError,
@@ -38,7 +38,7 @@ impl TransferData {
         spendable_balance: u64,
         spendable_ct: ElGamalCiphertext,
         source_pk: ElGamalPubkey,
-        source_sk: &ElGamalSK,
+        source_sk: &ElGamalSecretKey,
         dest_pk: ElGamalPubkey,
         auditor_pk: ElGamalPubkey,
     ) -> Self {
@@ -234,7 +234,7 @@ impl TransferProofs {
     #[allow(clippy::too_many_arguments)]
     #[allow(clippy::many_single_char_names)]
     pub fn new(
-        source_sk: &ElGamalSK,
+        source_sk: &ElGamalSecretKey,
         source_pk: &ElGamalPubkey,
         dest_pk: &ElGamalPubkey,
         auditor_pk: &ElGamalPubkey,
diff --git a/zk-token-sdk/src/instruction/update_account_pk.rs b/zk-token-sdk/src/instruction/update_account_pk.rs
index 6b5e5b7e1..e7bd022fa 100644
--- a/zk-token-sdk/src/instruction/update_account_pk.rs
+++ b/zk-token-sdk/src/instruction/update_account_pk.rs
@@ -6,7 +6,7 @@ use {
 use {
     crate::{
         encryption::{
-            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSK},
+            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSecretKey},
             pedersen::PedersenBase,
         },
         errors::ProofError,
@@ -55,9 +55,9 @@ impl UpdateAccountPkData {
         current_balance: u64,
         current_ct: ElGamalCiphertext,
         current_pk: ElGamalPubkey,
-        current_sk: &ElGamalSK,
+        current_sk: &ElGamalSecretKey,
         new_pk: ElGamalPubkey,
-        new_sk: &ElGamalSK,
+        new_sk: &ElGamalSecretKey,
     ) -> Self {
         let new_ct = new_pk.encrypt(current_balance);
 
@@ -105,8 +105,8 @@ impl UpdateAccountPkProof {
 
     fn new(
         current_balance: u64,
-        current_sk: &ElGamalSK,
-        new_sk: &ElGamalSK,
+        current_sk: &ElGamalSecretKey,
+        new_sk: &ElGamalSecretKey,
         current_ct: &ElGamalCiphertext,
         new_ct: &ElGamalCiphertext,
     ) -> Self {
diff --git a/zk-token-sdk/src/instruction/withdraw.rs b/zk-token-sdk/src/instruction/withdraw.rs
index b5cf979cf..9f16d076d 100644
--- a/zk-token-sdk/src/instruction/withdraw.rs
+++ b/zk-token-sdk/src/instruction/withdraw.rs
@@ -6,7 +6,7 @@ use {
 use {
     crate::{
         encryption::{
-            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSK},
+            elgamal::{ElGamalCiphertext, ElGamalPubkey, ElGamalSecretKey},
             pedersen::{PedersenBase, PedersenOpen},
         },
         errors::ProofError,
@@ -43,7 +43,7 @@ impl WithdrawData {
     pub fn new(
         amount: u64,
         source_pk: ElGamalPubkey,
-        source_sk: &ElGamalSK,
+        source_sk: &ElGamalSecretKey,
         current_balance: u64,
         current_balance_ct: ElGamalCiphertext,
     ) -> Self {
@@ -96,7 +96,7 @@ impl WithdrawProof {
     }
 
     pub fn new(
-        source_sk: &ElGamalSK,
+        source_sk: &ElGamalSecretKey,
         final_balance: u64,
         final_balance_ct: &ElGamalCiphertext,
     ) -> Self {