From 60db5fe85dfb87fecf3d66c15df813453ca41ff2 Mon Sep 17 00:00:00 2001
From: Daira Hopwood <daira@jacaranda.org>
Date: Wed, 29 Jul 2020 19:33:49 +0100
Subject: [PATCH] ZIP 32: fixes https://github.com/zcash/zcash/issues/4641

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
---
 zip-0032.html | 6 +++++-
 zip-0032.rst  | 5 ++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/zip-0032.html b/zip-0032.html
index 4eefe83f..02bde6c1 100644
--- a/zip-0032.html
+++ b/zip-0032.html
@@ -624,11 +624,15 @@ License: MIT</pre>
                  of a hierarchical deterministic wallet is given by:</p>
                 <ul>
                     <li>
-                        <span class="math">\(\mathsf{BLAKE2b}\text{-}\mathsf{256}(\texttt{“Zcash_HD_Seed_FP”}, S)\)</span>
+                        <span class="math">\(\mathsf{BLAKE2b}\text{-}\mathsf{256}(\texttt{“Zcash_HD_Seed_FP”},\)</span>
+                        <span class="math">\([\texttt{0x20}]\,||\,S)\)</span>
                     .</li>
                 </ul>
                 <p>It MAY be used to uniquely identify a particular hierarchical deterministic wallet.</p>
                 <p>No corresponding short tag is defined.</p>
+                <p>Note: a previous version of this specification did not have the
+                    <span class="math">\(\texttt{0x20}\)</span>
+                 byte prefixing the seed. The current specification reflects the implementation in <cite>zcashd</cite>.</p>
             </section>
         </section>
         <section id="specification-key-encodings"><h2><span class="section-heading">Specification: Key Encodings</span><span class="section-anchor"> <a rel="bookmark" href="#specification-key-encodings"><img width="24" height="24" src="assets/images/section-anchor.png" alt=""></a></span></h2>
diff --git a/zip-0032.rst b/zip-0032.rst
index 0ad8ebdb..de9ab242 100644
--- a/zip-0032.rst
+++ b/zip-0032.rst
@@ -410,12 +410,15 @@ Seed Fingerprints
 
 A "seed fingerprint" for the master seed :math:`S` of a hierarchical deterministic wallet is given by:
 
-* :math:`\mathsf{BLAKE2b}\text{-}\mathsf{256}(\texttt{“Zcash_HD_Seed_FP”}, S)`.
+* :math:`\mathsf{BLAKE2b}\text{-}\mathsf{256}(\texttt{“Zcash_HD_Seed_FP”},`:math:`[\texttt{0x20}]\,||\,S)`.
 
 It MAY be used to uniquely identify a particular hierarchical deterministic wallet.
 
 No corresponding short tag is defined.
 
+Note: a previous version of this specification did not have the :math:`\texttt{0x20}` byte prefixing the seed.
+The current specification reflects the implementation in `zcashd`.
+
 
 Specification: Key Encodings
 ============================