diff --git a/buds/01.md b/buds/01.md
index 86110d8..146717f 100644
--- a/buds/01.md
+++ b/buds/01.md
@@ -99,7 +99,7 @@ The server may optionally require authorization when retrieving blobs from the `
 In this case the server MUST perform additional checks on the authorization event
 
 1. A `t` tag MUST be present and set to `get`
-2. The event MUST contain either a `server` tag containing the full URL to the server or MUST contain at least one `x` tag matching sha256 hash of the blob being retrieved
+2. The event MUST contain either a `server` tag containing the full URL to the server or MUST contain at least one `x` tag matching the sha256 hash of the blob being retrieved
 
 If the client did not send an `Authorization` header the server must respond with the appropriate HTTP status code `401` (Unauthorized)
 
diff --git a/buds/04.md b/buds/04.md
index 6c4de31..b3952d2 100644
--- a/buds/04.md
+++ b/buds/04.md
@@ -21,7 +21,7 @@ Clients MUST pass the URL of the remote blob as a stringified JSON object in the
 
 Clients MUST set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required)
 
-The `/mirror` endpoint MUST download the blob from the specified URL and verify the sha256 hash matches the `x` tag in the upload authorization event
+The `/mirror` endpoint MUST download the blob from the specified URL and verify that there is at least one `x` tag in the authorization event matching the sha256 hash of the download blob
 
 The endpoint MUST return a [Blob Descriptor](#blob-descriptor) if the mirroring was successful or an error object if it was not