From ffa033d9785bbcd36d39bbae333378212b553482 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Sat, 9 Aug 2025 00:02:16 -0400
Subject: [PATCH] Clarify transcripting for Clsag::verify, Mlsag::verify, as
 with Clsag::sign

---
 networks/monero/ringct/clsag/src/lib.rs | 4 ++++
 networks/monero/ringct/mlsag/src/lib.rs | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/networks/monero/ringct/clsag/src/lib.rs b/networks/monero/ringct/clsag/src/lib.rs
index d312698c..eb2f81b7 100644
--- a/networks/monero/ringct/clsag/src/lib.rs
+++ b/networks/monero/ringct/clsag/src/lib.rs
@@ -377,6 +377,10 @@ impl Clsag {
   }
 
   /// Verify a CLSAG signature for the provided context.
+  ///
+  /// WARNING: This follows the Fiat-Shamir transcript format used by the Monero protocol, which
+  /// makes assumptions on what has already been transcripted and bound to within `msg_hash`. Do
+  /// not use this if you don't know what you're doing.
   pub fn verify(
     &self,
     ring: &[[EdwardsPoint; 2]],
diff --git a/networks/monero/ringct/mlsag/src/lib.rs b/networks/monero/ringct/mlsag/src/lib.rs
index f5164b88..ac2e482f 100644
--- a/networks/monero/ringct/mlsag/src/lib.rs
+++ b/networks/monero/ringct/mlsag/src/lib.rs
@@ -122,6 +122,10 @@ impl Mlsag {
   }
 
   /// Verify a MLSAG.
+  ///
+  /// WARNING: This follows the Fiat-Shamir transcript format used by the Monero protocol, which
+  /// makes assumptions on what has already been transcripted and bound to within `msg`. Do not use
+  /// this if you don't know what you're doing.
   pub fn verify(
     &self,
     msg: &[u8; 32],