diff --git a/protocol/protocol.tex b/protocol/protocol.tex
index 882d357c..5e698b9a 100644
--- a/protocol/protocol.tex
+++ b/protocol/protocol.tex
@@ -8118,8 +8118,8 @@ $\MerkleCRH{Sapling} \typecolon \MerkleLayer{Sapling} \times \MerkleHash{Sapling
 \rightarrow \MerkleHash{Sapling}$ is defined as follows:
 \begin{formulae}
- \item $\MerkleCRH{Sapling}(\layerInput, \leftRepr, \rightRepr) := \PedersenHash(\ascii{Zcash\_PH},
- l \bconcat \leftRepr \bconcat \rightRepr)$
+ \item $\MerkleCRH{Sapling}(\layerInput, \leftRepr, \rightRepr) :=
+ \PedersenHash(\ascii{Zcash\_PH},\, \layerRepr \bconcat \leftRepr \bconcat \rightRepr)$
 \item where $\layerRepr = \ItoLEBSP{6}\big(\MerkleDepth{Sapling} - 1 - \layerInput\big)$.
 \end{formulae}
@@ -8127,7 +8127,7 @@ $\MerkleCRH{Sapling} \typecolon \MerkleLayer{Sapling} \times \MerkleHash{Sapling
 \securityrequirement{$\PedersenHash$ must be \collisionResistant\!.}
 \vspace{1ex}
-\pnote{The prefix $l$ provides domain separation between inputs at different layers of the
+\pnote{The prefix $\layerRepr$ provides domain separation between inputs at different layers of the
 \noteCommitmentTree. $\NoteCommitAlg{Sapling}$, like $\PedersenHash$, is defined in terms of $\PedersenHashToPoint$, but using a prefix that cannot collide with a layer prefix, as noted in \crossref{concretewindowedcommit}.}
 } %sapling
@@ -14454,7 +14454,9 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
 length of the input to $\SinsemillaHash$ is $10 + 2 \mult \MerkleHashLength{Orchard}$ bits, not $6 + 2 \mult \MerkleHashLength{Orchard}$ bits.
 } % nufive
- \item No changes before \NUFive.
+\sapling{
+ \item Correct $l$ to $\layerRepr$ in two places in \crossref{saplingmerklecrh}.
+} %sapling
 \end{itemize}
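Review bot: The corrected `\pnote` in the second hunk says the prefix `$\layerRepr$` provides domain separation, but not why it holds. Per the first hunk, `$\layerRepr$` is a fixed-width encoding (`\ItoLEBSP{6}`), so inputs from different layers can only coincide if their prefixes are equal. I would say so in the note, e.g. `\pnote{The fixed-length 6-bit prefix $\layerRepr$ provides domain separation between inputs at different layers of the`. The claim that the `$\NoteCommitAlg{Sapling}$` prefix "cannot collide with a layer prefix" also depends on which values `$\MerkleDepth{Sapling} - 1 - \layerInput$` can take. That range is presumably fixed by `\MerkleLayer{Sapling}`, which is defined outside these hunks, so a short pointer to it would let a reader check the claim without leaving the section.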