diff --git a/protocol/protocol.tex b/protocol/protocol.tex
index 3d5a5a14..2b29bc7c 100644
--- a/protocol/protocol.tex
+++ b/protocol/protocol.tex
@@ -2159,10 +2159,10 @@ It is used in \crossref{spendstatement}.}
 \begin{securityrequirements}
   \item Security definitions for \pseudoRandomFunctions are given in \cite[section 4]{BDJR2000}.
   \item In addition to being \pseudoRandomFunctions, it is required that
-        $\PRFnf{x}$\changed{, $\PRFaddr{x}$, and $\PRFrho{x}$} be collision-resistant
-        across all $x$ --- i.e.\ it should not be feasible to find $(x, y) \neq (x', y')$
-        such that $\PRFnf{x}(y) = \PRFnf{x'}(y')$\changed{, and similarly for $\PRFaddr{}$
-        and $\PRFrho{}$}.
+        $\PRFnf{x}$,\changed{ $\PRFaddr{x}$, \sprout{and} $\PRFrho{x}$}\sapling{, and $\PRFnr{x}$}
+        be collision-resistant across all $x$ --- i.e.\ finding $(x, y) \neq (x', y')$
+        such that $\PRFnf{x}(y) = \PRFnf{x'}(y')$ should not be feasible\changed{, and
+        similarly for $\PRFaddr{}$ and $\PRFrho{}$\sapling{ and $\PRFnr{}$}}.
 \end{securityrequirements}
 
 \pnote{$\PRFnf{}$ was called $\PRFsn{}$ in \Zerocash \cite{BCG+2014}.}