diff --git a/protocol/protocol.tex b/protocol/protocol.tex
index 56e46d82..17186e9f 100644
--- a/protocol/protocol.tex
+++ b/protocol/protocol.tex
@@ -6053,6 +6053,15 @@ to use the \sighashAlgorithm defined in \cite{ZIP-243}. After \NUFive activation
 \transaction versions use the \NUFive \consensusBranchID \hexint{F919A198} as defined in
 \cite{ZIP-252}.}
 
+\nufive{
+\consensusrule{
+\nufiveonward{Any \sighashType encoding used in a version 5 \transaction \MUST be the
+canonical encoding of one of the defined \sighashTypes, i.e.\ one of \hexint{01},
+\hexint{02}, \hexint{03}, \hexint{81}, \hexint{82}, or \hexint{83}. (Previously,
+undefined bits of a \sighashType encoding were ignored.)}
+} %consensusrule
+} %nufive
+
 
 \lsubsection{Non-malleability (\SproutText)}{sproutnonmalleability}
 
@@ -14545,6 +14554,10 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
 
 \historyentry{2022.2.19}{}
 \begin{itemize}
+\nufive{
+    \item In \crossref{sighash}, add a consensus rule that \sighashType encodings \MUST
+          be canonical for v5 \transactions.
+} %nufive
     \item In \crossref{joinsplit}, clarify that balance for \joinSplitTransfers is enforced
           by the \joinSplitStatement, and that there is no consensus rule to check it directly.
     \item In \crossref{internalh}, add a security argument for why the \shaHash-based