diff --git a/crypto/XMASSpirit/README.md b/crypto/XMASSpirit/README.md
index 57be399..1f84192 100644
--- a/crypto/XMASSpirit/README.md
+++ b/crypto/XMASSpirit/README.md
@@ -15,13 +15,14 @@ HTB{4ff1n3_c1ph3r_15_51mpl3_m47h5}
 
 ## How to solve
 
-- It's a known plaintext attack.
+- The vulnerability is a known plaintext attack.
 - The encryption works by applying `(a*byte+b)%n` for each byte of the pdf.
 - Where `a` and `b` remain static during  the entire encryption process.
 - The PDFv5 Header is known (`00000000: 2550 4446 2d31 2e35 0a25 e2e3 cfd3 0a37	%PDF-1.5.%.....7`)
+- From the encryption algorithm the followin constraints can be derived:
 - Constraint 1: Factor `a` has to be a number between 1..256 while not sharing a common divisor with 256
-- Constraitn 2: Factor `b` has to be a number between 1..256
-- So it's possible to attack the encryption by iterating and trying to create a	pair (a, b) that matches the entire encrypted pdf header.
+- Constraint 2: Factor `b` has to be a number between 1..256
+- So it's possible to attack the ciphertext by iterating and trying to create a	pair (a, b) that encrypts the pdf5 header bites in such a way that it matches the ciphertext.
 
 ```python
 def get_factors(ct:bytes, n:int=256) -> (int, int):