diff --git a/zip-0032.rst b/zip-0032.rst
index 4f037630..8aef6aec 100644
--- a/zip-0032.rst
+++ b/zip-0032.rst
@@ -73,7 +73,8 @@ Most of the notation and functions used in this ZIP are defined in the Sapling p
 
 - PRF\ :sup:`expand`\ (*sk*, *t*) := BLAKE2b-512("Zcash_ExpandSeed", *sk* || *t*)
 
-- ToScalar(*x*) := LEOS2IP\ :sub:`512`\ (*x*) (mod *r*\ :sub:`J`\ )
+- ToScalar(*x*) := LEOS2IP\ :sub:`512`\ (*x*) (mod *r*\ :sub:`J`\ ), where *r*\ :sub:`J`\ is the order
+  of the Jubjub large prime subgroup.
 
 The following algorithm standardized in [#NIST-SP-800-38G]_ is used: