diff --git a/README.md b/README.md
index 824977b..919809e 100644
--- a/README.md
+++ b/README.md
@@ -4,3 +4,45 @@ Inner Product Argument (IPA) version from Halo paper (https://eprint.iacr.org/20
 > Warning: do not use this code in production.
+
+### Example
+
+```rust
+let mut ipa = IPA::new(8);
+
+let a = vec![
+    F::from(1 as u32),
+    F::from(2 as u32),
+    F::from(3 as u32),
+    F::from(4 as u32),
+    F::from(5 as u32),
+    F::from(6 as u32),
+    F::from(7 as u32),
+    F::from(8 as u32),
+];
+
+
+let r = F::rand(&mut ipa.rng);
+
+// prover commits
+let P = ipa.commit(&a, r).unwrap();
+
+
+// verifier sets challenges
+let U = EdwardsProjective::rand(&mut ipa.rng);
+let k = (f64::from(ipa.d as u32).log2()) as usize;
+let mut u: Vec = vec![F::zero(); k];
+for j in 0..k {
+    u[j] = F::rand(&mut ipa.rng);
+}
+let x = F::from(3 as u32);
+
+// prover opens at the challenges
+let b = powers_of(x, ipa.d);
+let v = inner_product_field(&a, &b).unwrap();
+let proof = ipa.prove(&a, &b, &u, &U).unwrap();
+
+// verifier
+let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
+assert!(verif);
+```
diff --git a/src/lib.rs b/src/lib.rs
index 71f8102..146b7bb 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -44,7 +44,7 @@ impl IPA {
         Ok(inner_product_point(a, &self.Gs)? + self.H.mul(r.into_repr()))
     }
-    pub fn ipa(
+    pub fn prove(
         &mut self,
         a: &[Fr],
         b: &[Fr],
@@ -118,13 +118,16 @@ impl IPA {
     pub fn verify(
         &self,
         x: &Fr,
+        v: &Fr,
         P: &EdwardsProjective,
         p: &Proof,
         r: &Fr,
         u: &[Fr],
         U: &EdwardsProjective,
     ) -> Result {
-        let mut q_0 = *P;
+        let P = *P + U.mul(v.into_repr());
+
+        let mut q_0 = P;
         let mut r = *r;
         // compute b & G from s
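Review bot: In the `verify` hunk, `let P = *P + U.mul(v.into_repr());` shadows the `P` parameter with a different quantity (the commitment with the claimed evaluation folded in), and the function has no doc comment saying what `v` is or why it is absorbed before the reduction rounds begin; `verify`'s body continues past the hunk. I would give the binding its own name, `let p_v = *P + U.mul(v.into_repr()); let mut q_0 = p_v;`, and add above `pub fn verify` a `///` comment stating that `v` is the claimed value of the inner product of the committed vector with `powers_of(x)`, that the opening is checked against `P + v·U`, and which inputs (`x`, `u`, `U`) are verifier-chosen challenges. Separately, the verifier still takes the commitment blinding `r` as an input, so whoever verifies learns the blinding of `P`; in the Halo construction the prover instead supplies a synthetic blinding term inside the proof. If that shortcut is deliberate for this prototype, it belongs in the same doc comment.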
@@ -333,26 +336,27 @@ mod tests {
             Fr::from(8 as u32),
         ];
-        let x = Fr::from(3 as u32);
-        let b = powers_of(x, ipa.d);
-        let r = Fr::rand(&mut ipa.rng);
-        let mut P = ipa.commit(&a, r).unwrap();
-        let v = inner_product_field(&a, &b).unwrap();
+        // prover commits
+        let P = ipa.commit(&a, r).unwrap();
+        // verifier sets challenges
         let U = EdwardsProjective::rand(&mut ipa.rng);
-
         let k = (f64::from(ipa.d as u32).log2()) as usize;
         let mut u: Vec = vec![Fr::zero(); k];
         for j in 0..k {
             u[j] = Fr::rand(&mut ipa.rng);
         }
+        let x = Fr::from(3 as u32);
-        P = P + U.mul(v.into_repr());
+        // prover opens at the challenges
+        let b = powers_of(x, ipa.d);
+        let v = inner_product_field(&a, &b).unwrap();
+        let proof = ipa.prove(&a, &b, &u, &U).unwrap();
-        let proof = ipa.ipa(&a, &b, &u, &U).unwrap();
-        let verif = ipa.verify(&x, &P, &proof, &r, &u, &U).unwrap();
+        // verifier
+        let verif = ipa.verify(&x, &v, &P, &proof, &r, &u, &U).unwrap();
         assert!(verif);
     }
 }
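Review bot: `let r = Fr::rand(&mut ipa.rng);` is on the removed side of this hunk, but the new side still passes `r` to `ipa.commit(&a, r)` and `ipa.verify(&x, &v, &P, &proof, &r, &u, &U)`; unless `r` is bound earlier in the test (outside the hunk), this will not compile and the line should be restored under `// prover commits`. Also, the lines under `// verifier sets challenges` draw `U` and `u` from `ipa.rng` — the prover's own RNG — and fix `x` to a constant, which is fine for a unit test but the comment should not read as if this is how a verifier behaves; I would extend it to `// verifier sets challenges (test only: drawn from the prover's rng; a real verifier samples them itself or derives them via Fiat-Shamir)`. The enclosing test function starts before this hunk.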