diff --git a/xx.md b/xx.md
index 6a776118..80ca3268 100644
--- a/xx.md
+++ b/xx.md
@@ -9,7 +9,7 @@ Nostr specific keys from Ethereum wallet signatures
 This NIP ?is optional specification for Nostr clients to generate private key from deterministic Ethereum wallet signatures.
 
 
-A) Username : 
+## A) Username : 
 ```
 let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" || "sub.domain.eth.limo"
 ```
@@ -21,28 +21,44 @@ let username = "mypetname" || "mynip05@domain.eth.limo" || "domain.eth.limo" ||
 
 ~~Implementing clients should verify if generated public keys match NIP05 and NIP02 records.~~ 
 
-B) Message : 
+## B) Password : 
+Password is optional value used in HKDF salt:
+```js
+let username = "name@domain.eth.limo"
+let password = "horse staple battery"
+let signature = wallet.signMessage(message)
+let salt = sha256(`nostr:${username}:${password}:${signature.slice(68)}`);
+if(!password || password == ""){
+   salt = sha256(`nostr:${username}:${signature.slice(68)}`)
+}
 ```
+
+
+## C) Message : 
+
+```js
 let message = `Login to Nostr as ${username}\n\nWARNING : DO NOT SIGN THIS REQUEST FROM UNTRUSTED NOSTR CLIENTS.\n${checksum(wallet.address)}`
 ```
+## D) Signature :
+Signature is 
 
-C) Private Key : 
-
+## C) HKDF : 
+We use HKDF with SHA256
 ```js
 import { hkdf } from '@noble/hashes/hkdf';
 import { sha256 } from '@noble/hashes/sha256';
 import * as secp256k1 from '@noble/secp256k1';
 
-let username = 'name@domain.eth.limo';
-let optPassword = "horse staple battery"; 
+//let username = 'name@domain.eth.limo';
+//let optPassword = "horse staple battery"; 
 // optional pin/password
 
-let address = wallet.getAddress(); 
+//let address = wallet.getAddress(); 
 // get checksum'd address from eth wallet
-let signature = wallet.signMessage(message); 
-// request signature from eth wallet
-// 0x + bytes1 + bytes32 + bytes32 
-//  2 + (2     +   64    +     64) = 132 length  
+//let signature = wallet.signMessage(message); 
+// request signature from eth wallet (v,r,s)
+// 0x + bytes1(v) + bytes32(r) + bytes32(s)
+//  2 + (2 + 64 + 64) = 132 String length  
 
 let inputKey = sha256(signature);
 let salt = sha256(`nostr:${username}:${optPassword}:${signature.slice(68)}`); //68~132
@@ -58,4 +74,14 @@ let privKey = nobleSecp256k1.hashToPrivateKey(hashKey);
 //FIPS 186 B.4.1 @noble/secp256k1
 
 let pubKey = nobleSecp256k1.getPublicKey(privKey)
-```
\ No newline at end of file
+```
+
+## Reference :
+
+1) ERC-191: Signed Data Standard - https://eips.ethereum.org/EIPS/eip-191
+
+2) RFC6979: Deterministic Usage of the DSA and ECDSA - https://datatracker.ietf.org/doc/html/rfc6979
+
+3) RFC5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) - https://datatracker.ietf.org/doc/html/rfc5869
+
+4) FIPS 186 B.4.1 - https://csrc.nist.gov/publications/detail/fips/186/4/final
\ No newline at end of file