diff --git a/protocol/protocol.pdf b/protocol/protocol.pdf index 60dbc1a..60a35d0 100644 Binary files a/protocol/protocol.pdf and b/protocol/protocol.pdf differ diff --git a/protocol/protocol.tex b/protocol/protocol.tex index c46f4fa..70cdb66 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -1010,12 +1010,17 @@ blockchain. \changed{ \subsection{Decryption by a Viewing Key Holder} +A \viewingKey holder also acts as a recipient using its $\TransmitPrivate$ key +component. How to decrypt transactions using this key component is described in +the preceding section. The following applies to decryption using the $\DiscloseKey{}$ +component of the \viewingKey. + Let $\DiscloseKey{}$ be a \viewingKey holder's \discloseKey. Then for each \PourDescription in its \blockchainview, the \viewingKey holder will attempt to decrypt the corresponding \coinsCiphertext as follows: \begin{enumerate} - \item For $i$ in $\{1..\NNew\}$, + \item For $i$ in $\{1..\NOld\}$, \begin{itemize} \item Let $\DerivedKey{i} := \PRFdk{\DiscloseKey{}}(i, \hSig)$. \item Let $\DisclosePlaintext{i} := \SymDecrypt{\DerivedKey{i}}(\DiscloseCiphertext{i})$. @@ -1024,11 +1029,11 @@ and $\vOld{i} := \bot$, and continue with the next $i$. \item Extract $\SharedKey{i}$ and $\vOld{i}$ from $\DisclosePlaintext{i}$. \item Let $\SharedPlaintext{i} := \SymDecrypt{\SharedKey{i}}(\SharedCiphertext)$. \end{itemize} - \item If $\SharedPlaintext{i} = \bot$ for all $i$ in $\{1..\NNew\}$, then set + \item If $\SharedPlaintext{i} = \bot$ for all $i$ in $\{1..\NOld\}$, then set $\CoinPlaintext{i} = \bot$ for $i$ in $\{1..\NNew\}$ and return $(\vOld{\mathrm{1}..\NOld}, \CoinPlaintext{\mathrm{1}..\NNew})$. \item Otherwise, let $\SharedPlaintext{}$ be the first non-$\bot$ value in -$\SharedPlaintext{1..\NNew}$. +$\SharedPlaintext{1..\NOld}$. \item Extract $\TransmitKey{1..\NNew}$, $\TransmitPublicNew{\mathrm{1}..\NNew}$, and $\EphemeralPrivate$ from $\SharedPlaintext{}$. \item For $i$ in $\{1..\NNew\}$,
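Review bot: In the paragraph added at the top of the `@@ -1010,12 +1010,17 @@` hunk, "described in the preceding section" locates the recipient procedure by position only, so the pointer goes stale if the subsections are reordered or a new one is inserted between them. Point to that section with a label reference instead. The same paragraph says the holder decrypts both as a recipient with $\TransmitPrivate$ and with $\DiscloseKey{}$ as described below, but not whether both attempts are always made or what is returned when both succeed. One sentence stating that would close the gap.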
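Review bot: After the `\NNew` to `\NOld` changes in the `@@ -1024,11 +1029,11 @@` hunk, the index $i$ covers two different ranges inside a single enumerate item ("If $\SharedPlaintext{i} = \bot$ for all $i$ in $\{1..\NOld\}$, then set $\CoinPlaintext{i} = \bot$ for $i$ in $\{1..\NNew\}$"), which is easy to misread now that the ranges differ. Use a distinct index letter for the old-input range or for the new-coin range. The changed line also writes `\SharedPlaintext{1..\NOld}` while the return tuple next to it writes `\vOld{\mathrm{1}..\NOld}`, so settle on one form of the range notation. Since step 1 now produces one candidate $\SharedPlaintext{i}$ per old input from the same `\SharedCiphertext`, the "first non-$\bot$ value" step should say whether several non-$\bot$ values are expected to be equal.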