diff --git a/protocol/protocol.tex b/protocol/protocol.tex index f6e15e3a..170895ee 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -567,6 +567,9 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\windowedPedersenCommitment}{\term{windowed Pedersen commitment}} \newcommand{\windowedPedersenCommitments}{\term{windowed Pedersen commitments}} \newcommand{\WindowedPedersenCommitment}{\titleterm{Windowed Pedersen Commitment}} +\newcommand{\homomorphicPedersenCommitment}{\term{homomorphic Pedersen commitment}} +\newcommand{\homomorphicPedersenCommitments}{\term{homomorphic Pedersen commitments}} +\newcommand{\HomomorphicPedersenCommitment}{\titleterm{Homomorphic Pedersen Commitment}} \newcommand{\distinctXCriterion}{\term{distinct-$x$ criterion}} % Conventions @@ -729,8 +732,6 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\AuthProvePrivate}{\mathsf{rsk}} \newcommand{\AuthProveBase}{\mathcal{H}} \newcommand{\AuthProvePublic}{\mathsf{rk}} -\newcommand{\ValueCommitBase}{\mathcal{V}} -\newcommand{\TrapdoorBase}{\mathcal{R}} \newcommand{\NotePosition}{\mathsf{pos}} \newcommand{\NotePositionBase}{\mathcal{J}} \newcommand{\NullifierRand}{\mathsf{nr}} @@ -1253,8 +1254,8 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg \newcommand{\MixingPedersenHash}{\mathsf{MixingPedersenHash}} \newcommand{\WindowedPedersenCommitAlg}{\mathsf{WindowedPedersenCommit}} \newcommand{\WindowedPedersenCommit}[1]{\WindowedPedersenCommitAlg_{#1}} -\newcommand{\RawPedersenCommitAlg}{\mathsf{RawPedersenCommit}} -\newcommand{\RawPedersenCommit}[1]{\RawPedersenCommitAlg_{#1}} +\newcommand{\HomomorphicPedersenCommitAlg}{\mathsf{HomomorphicPedersenCommit}} +\newcommand{\HomomorphicPedersenCommit}[1]{\HomomorphicPedersenCommitAlg_{#1}} \newcommand{\Digits}{\mathsf{Digits}} \newcommand{\PedersenRangeOffset}{\Delta} \newcommand{\Mask}{\mathsf{Mask}} 
@@ -4637,35 +4638,35 @@ instantiated using $\WindowedPedersenCommitAlg$ as follows: \sapling{ -\nsubsubsubsection{Raw Pedersen commitments} \label{concreterawcommit} +\nsubsubsubsection{Homomorphic Pedersen commitments} \label{concretehomomorphiccommit} The windowed Pedersen commitments defined in the preceding section are highly efficient, but they do not support the homomorphic property we need when instantiating $\ValueCommit{}$ (see \crossref{spendsandoutputs} and \crossref{saplingbalance}). -In order to support this property, we also define \quotedterm{raw} +In order to support this property, we also define \quotedterm{homomorphic} \xPedersenCommitments as follows: \begin{formulae} - \item $\RawPedersenCommit{\ValueCommitRand}(D, \Value) := - \scalarmult{\Value}{\ValueCommitBase} + \scalarmult{\ValueCommitRand}{\FindGroupJHashOf{D, \ascii{}}}$ + \item $\HomomorphicPedersenCommit{\ValueCommitRand}(D, \Value) := + \scalarmult{\Value}{\FindGroupJHashOf{D}, \ascii{v}} + \scalarmult{\ValueCommitRand}{\FindGroupJHashOf{D, \ascii{}}}$ \end{formulae} -See \crossref{cctrawcommit} for rationale and efficient circuit implementation +See \crossref{ccthomomorphiccommit} for rationale and efficient circuit implementation of this function. The commitment scheme $\ValueCommit{}$ specified in \crossref{abstractcommit} is -instantiated using $\RawPedersenCommit{}$ as follows: +instantiated using $\HomomorphicPedersenCommit{}$ as follows: \begin{formulae} \item $\ValueCommit{\ValueCommitRand}(\Value) := - \RawPedersenCommit{\ValueCommitRand}(\ascii{Zcash\_cv}, \Value)$. + \HomomorphicPedersenCommit{\ValueCommitRand}(\ascii{Zcash\_cv}, \Value)$. \end{formulae} \begin{securityrequirements} - \item $\RawPedersenCommitAlg$ must be a computationally binding and at least + \item $\HomomorphicPedersenCommitAlg$ must be a computationally binding and at least computationally hiding \commitmentScheme, for a given personalization input $D$. 
\item $\ValueCommitAlg$ must be a computationally binding and at least computationally hiding \commitmentScheme. @@ -8431,19 +8432,20 @@ This can be implemented in: for a total of $... \smult \ell + 756$ constraints. -\nsubsubsection{Raw Pedersen commitments} \label{cctrawcommit} +\nsubsubsection{\HomomorphicPedersenCommitment} \label{ccthomomorphiccommit} The \windowedPedersenCommitments defined in the preceding section are highly efficient, but they do not support the homomorphic property we -need when instantiating $\ValueCommit{}$ (see \crossref{spendsandoutputs} -and \crossref{saplingbalance}). +need when instantiating $\ValueCommit{}$ (see \crossref{saplingbalance} +and \crossref{spendsandoutputs}). -In order to support this property, we also define ``raw'' Pedersen commitments as -follows: +\introlist +In order to support this property, we also define \homomorphicPedersenCommitments +as follows: \begin{formulae} - \item $\RawPedersenCommit{\ValueCommitRand}(D, \Value) = - \scalarmult{\Value}{\ValueCommitBase} + \scalarmult{\ValueCommitRand}{\FindGroupJHashOf{D, ascii{}}}$ + \item $\HomomorphicPedersenCommit{\ValueCommitRand}(D, \Value) = + \scalarmult{\Value}{\FindGroupJHashOf{D, \ascii{v}}} + \scalarmult{\ValueCommitRand}{\FindGroupJHashOf{D, \ascii{}}}$ \end{formulae} In the case that we need for $\ValueCommit{}$,
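Review bot: In the @@ -729 hunk, removing `\ValueCommitBase` and `\TrapdoorBase` is only safe if neither macro is referenced anywhere else in protocol.tex; this patch rewrites the one visible use of `\ValueCommitBase` (the value commitment formula), but no hunk touches a use of `\TrapdoorBase`, so an undefined control sequence at build time is possible. Please confirm with `grep -n 'ValueCommitBase\|TrapdoorBase' protocol/protocol.tex` before merging and, if `\TrapdoorBase` still has a use, either keep it or fold it into this rename.

Review bot: In the @@ -4637 hunk the new definition has misplaced braces: `\scalarmult{\Value}{\FindGroupJHashOf{D}, \ascii{v}}` closes `\FindGroupJHashOf` after `D` and leaves `, \ascii{v}` outside it, so the base is typeset as the hash of `D` alone followed by a stray `v` instead of the hash of the pair `(D, "v")`. It also disagrees with the definition given in the @@ -8431 hunk, `\scalarmult{\Value}{\FindGroupJHashOf{D, \ascii{v}}}`, even though the circuit section is described as implementing the same function; use the latter form here. Two smaller consistency points in the same hunk: the heading is plain text `Homomorphic Pedersen commitments` while the @@ -8431 heading uses the `\HomomorphicPedersenCommitment` macro introduced in @@ -567, and this hunk uses `:=` where the other uses `=`. Since the binding property stated in the security requirements relies on the discrete logarithm between the two bases being unknown, it would also help to say explicitly that this is why the value base and the randomness base are derived with distinct inputs (`\ascii{v}` and `\ascii{}`) to `\FindGroupJHash`.

Review bot: In the @@ -8431 hunk, the removed line carried a pre-existing typo (`ascii{}` without the backslash) that the replacement fixes; the `\introlist` and the reordered crossrefs are fine. The label renames (`cctrawcommit` to `ccthomomorphiccommit`, and `concreterawcommit` to `concretehomomorphiccommit` in @@ -4637) update the one `\crossref{ccthomomorphiccommit}` shown, but no hunk updates any reference to `concreterawcommit`; please check that no other `\crossref` still points at either old label, or the cross-reference will silently break.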