From 3e67a8f45bcfa906da53728f5f4d09c41fb476d2 Mon Sep 17 00:00:00 2001 From: Jack O'Connor Date: Thu, 3 Mar 2022 12:06:14 -0500 Subject: correct the security notes for the C API --- c/README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/c/README.md b/c/README.md index e213704..06e7a00 100644 --- a/c/README.md +++ b/c/README.md @@ -197,8 +197,7 @@ bits of collision resistance, for any N up to 256. Longer outputs don't provide security. Avoid relying on the secrecy of the output offset, that is, the number of output bytes read or -the arguments to [`seek`](struct.OutputReader.html#method.seek) or -[`set_position`](struct.OutputReader.html#method.set_position). [_Block-Cipher-Based Tree +the `seek` argument of `blake3_hasher_finalize_seek`. [_Block-Cipher-Based Tree Hashing_ by Aldo Gunsing](https://eprint.iacr.org/2022/283) shows that an attacker who knows both the message and the key can easily determine the offset of an extended output. For comparison, AES-CTR has a similar property: if you know the key, you can decrypt a block from -- cgit v1.2.3
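Review bot: the replacement line should say what unit the `seek` argument is in, since the preceding context line defines the output offset as "the number of output bytes read"; writing "the `seek` argument (a byte offset) of `blake3_hasher_finalize_seek`" makes the two phrasings visibly the same quantity. Swapping the two Rust-doc links (`struct.OutputReader.html#method.seek` and `#method.set_position`) for the C function name is the right fix for c/README.md, but the note now has no link at all; if `blake3_hasher_finalize_seek` is documented earlier in this README, a relative anchor to that section would keep the navigability the removed links provided. The `@@ -197,8 +197,7 @@` header and the 1 insertion, 2 deletions summary are consistent with the visible hunk.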