diff --git a/TaggedHash.md b/TaggedHash.md
new file mode 100644
index 0000000..b7f6892
--- /dev/null
+++ b/TaggedHash.md
@@ -0,0 +1,8 @@
+Each place a hash function is used within Tahoe, the data to be hashed is first prepended with a distinct "tag", one per purpose.
+
+These tags are encoded as a [NetString](NetString), to insure that they cannot be confused with the data being hashed. For example, the [VerifierId](VerifierId) is computed as the SHA-256 hash of the following string:
+```
+    "23:allmydata_verifierid_v1," + DATA
+```
+
+This technique is especially important to distinguish the leaf nodes from the internal nodes in a [MerkleHashTree](MerkleHashTree), because otherwise an attacker can trivially construct leaf data that results in the same root hash as a previously constructed tree.