From ae39a3a377b8b39c4ce1ad58f32115cb77e7cebb Mon Sep 17 00:00:00 2001
From: Jesse Posner
Date: Wed, 28 Aug 2024 16:10:54 -0700
Subject: [PATCH] Update comment

Responds to: https://github.com/BlockstreamResearch/secp256k1-zkp/pull/278#discussion_r1716574466
---
 include/secp256k1_frost.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/secp256k1_frost.h b/include/secp256k1_frost.h
index c0dfa4b32..b7d58b835 100644
--- a/include/secp256k1_frost.h
+++ b/include/secp256k1_frost.h
@@ -356,7 +356,7 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_frost_pubkey_xonly_twea
 * 3. Avoid copying (or serializing) the secnonce. This reduces the possibility
 * that it is used more than once for signing.
 *
- * Remember that nonce reuse will leak the secret key!
+ * Remember that nonce reuse will leak the secret share!
 * Note that using the same agg_share for multiple FROST sessions is fine.
 *
 * Returns: 0 if the arguments are invalid and 1 otherwise
@@ -427,7 +427,7 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_frost_nonce_process(
 * This function overwrites the given secnonce with zeros and will abort if given a
 * secnonce that is all zeros. This is a best effort attempt to protect against nonce
 * reuse. However, this is of course easily defeated if the secnonce has been
- * copied (or serialized). Remember that nonce reuse will leak the secret key!
+ * copied (or serialized). Remember that nonce reuse will leak the secret share!
 *
 * Returns: 0 if the arguments are invalid or the provided secnonce has already
 * been used for signing, 1 otherwise
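Review bot: The corrected warning in both hunks (at line 356 and at line 427) says "secret share", while the next line of the first hunk calls what appears to be the same value `agg_share`, so a reader has to guess that the two are one thing; naming the parameter would remove the doubt, e.g. `Remember that nonce reuse will leak the secret share (agg_share)!`. It may also be worth one further sentence stating that a leaked share counts toward the signing threshold, because "share" can read as less serious than the old "key" wording. That agg_share is the value at risk is inferred from the visible comment text only; both doc comments begin and end outside their hunks, so the argument lists are not visible here.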