diff --git a/src/hash/rescue/rpo/mod.rs b/src/hash/rescue/rpo/mod.rs
index 5642f358..9288d707 100644
--- a/src/hash/rescue/rpo/mod.rs
+++ b/src/hash/rescue/rpo/mod.rs
@@ -53,16 +53,16 @@ mod tests;
 /// to deserialize them into field elements and then hash them using
 /// [hash_elements()](Rpo256::hash_elements) function rather then hashing the serialized bytes
 /// using [hash()](Rpo256::hash) function.
-///
+///
 /// ## Domain separation
-/// [merge_in_domain()](Rpo256::merge_in_domain) hashes two digests into one given some domain
+/// [merge_in_domain()](Rpo256::merge_in_domain) hashes two digests into one digest with some domain
 /// identifier and the current implementation sets the second capacity element to the value of
-/// the domain identifier. Using a similar argument as the one formulated for domain separation
+/// this domain identifier. Using a similar argument as the one formulated for domain separation
 /// of the RPX hash function in Appendix C of [specifications](https://eprint.iacr.org/2023/1045),
 /// one sees that doing so degrades only pre-image resistance, from its initial bound of c.log_2(p),
 /// by as much as the log_2 of the size of the domain identifier space. Since pre-image resistance
 /// becomes the bottleneck for the security bound of the sponge in overwrite-mode only when it is
-/// smaller than 2^128, we see that the target 128-bit security level is maintained as long as
+/// lower than 2^128, we see that the target 128-bit security level is maintained as long as
 /// the size of the domain identifier space, including for padding, is less than 2^128.
 #[derive(Debug, Copy, Clone, Eq, PartialEq)]
 pub struct Rpo256();
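Review bot: The "Domain separation" paragraph gives the condition for keeping the 128-bit target (domain identifier space, padding included, below 2^128) but does not say whether callers of `merge_in_domain()` must uphold it or whether the parameter type already guarantees it. The signature is outside this hunk; if the identifier is a single element of a roughly 64-bit field, a closing line such as `/// A domain identifier that is a single field element always satisfies this bound.` would make the contract explicit, and otherwise the comment should state that callers must restrict the identifier set. In the same paragraph `c.log_2(p)` reads like a method call in rustdoc, so `c * log_2(p)` would be clearer. The unchanged context line above still has "rather then" where "rather than" is meant.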