diff --git a/src/libspark/aead.cpp b/src/libspark/aead.cpp index ada79bcc2c..6f31038da4 100644 --- a/src/libspark/aead.cpp +++ b/src/libspark/aead.cpp @@ -3,6 +3,8 @@ namespace spark { // Perform authenticated encryption with ChaCha20-Poly1305 using key commitment +// NOTE: This uses a fixed zero nonce, which is safe when used in Spark as directed +// It is NOT safe in general to do this! AEADEncryptedData AEAD::encrypt(const GroupElement& prekey, const std::string additional_data, CDataStream& data) { // Set up the result structure AEADEncryptedData result; @@ -43,6 +45,8 @@ AEADEncryptedData AEAD::encrypt(const GroupElement& prekey, const std::string ad } // Perform authenticated decryption with ChaCha20-Poly1305 using key commitment +// NOTE: This uses a fixed zero nonce, which is safe when used in Spark as directed +// It is NOT safe in general to do this! CDataStream AEAD::decrypt_and_verify(const GroupElement& prekey, const std::string additional_data, AEADEncryptedData& data) { // Derive the key and commitment std::vector key = SparkUtils::kdf_aead(prekey);
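Review bot: The NOTE added above `AEAD::encrypt` says the zero nonce is safe "when used in Spark as directed" but never states the condition that makes it safe, so a later caller has nothing to check against. With a fixed nonce, ChaCha20-Poly1305 keeps its guarantees only if each key derived from `prekey` encrypts at most one message; I would state that in the comment, e.g. `// Safety invariant: each prekey (and so each derived key) must encrypt at most one message.` followed by `// Reusing a prekey repeats the (key, nonce) pair and breaks both confidentiality and authenticity.` The second hunk copies the same two lines onto `decrypt_and_verify`, where the requirement really sits on the encrypting side, so a short pointer back to the `encrypt` comment would read more accurately there. Whether Spark's callers actually guarantee a fresh prekey per call is not visible in this diff, and both function bodies continue outside the hunks.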