diff --git a/src/libsodium/crypto_sign/ed25519/ref10/keypair.c b/src/libsodium/crypto_sign/ed25519/ref10/keypair.c
index bdc6b017..cad4b974 100644
--- a/src/libsodium/crypto_sign/ed25519/ref10/keypair.c
+++ b/src/libsodium/crypto_sign/ed25519/ref10/keypair.c
@@ -15,7 +15,11 @@ crypto_sign_ed25519_seed_keypair(unsigned char *pk, unsigned char *sk,
 {
     ge_p3 A;
 
-    crypto_hash_sha512(sk, seed, 32);
+#ifdef ED25519_NONDETERMINISTIC
+    memcpy(sk, seed, crypto_sign_ed25519_SECRETKEYBYTES);
+#else
+    crypto_hash_sha512(sk, seed, crypto_sign_ed25519_SECRETKEYBYTES);
+#endif
     sk[0] &= 248;
     sk[31] &= 63;
     sk[31] |= 64;
@@ -23,8 +27,8 @@ crypto_sign_ed25519_seed_keypair(unsigned char *pk, unsigned char *sk,
     ge_scalarmult_base(&A, sk);
     ge_p3_tobytes(pk, &A);
 
-    memmove(sk, seed, 32);
-    memmove(sk + 32, pk, 32);
+    memmove(sk, seed, crypto_sign_ed25519_SECRETKEYBYTES);
+    memmove(sk + 32, pk, crypto_sign_ed25519_PUBLICKEYBYTES);
 
     return 0;
 }
@@ -76,9 +80,13 @@ crypto_sign_ed25519_sk_to_curve25519(unsigned char *curve25519_sk,
 {
     unsigned char h[crypto_hash_sha512_BYTES];
 
+#ifdef ED25519_NONDETERMINISTIC
+    memcpy(h, ed25519_sk, crypto_sign_ed25519_SECRETKEYBYTES);
+#else
     crypto_hash_sha512(h, ed25519_sk,
                        crypto_sign_ed25519_SECRETKEYBYTES -
                        crypto_sign_ed25519_PUBLICKEYBYTES);
+#endif
     h[0] &= 248;
     h[31] &= 127;
     h[31] |= 64;
diff --git a/src/libsodium/crypto_sign/ed25519/ref10/sign.c b/src/libsodium/crypto_sign/ed25519/ref10/sign.c
index 7aeb07f2..e97ca1bd 100644
--- a/src/libsodium/crypto_sign/ed25519/ref10/sign.c
+++ b/src/libsodium/crypto_sign/ed25519/ref10/sign.c
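Review bot: The `#else` branch now hashes `crypto_sign_ed25519_SECRETKEYBYTES` bytes of `seed`, where the line it replaces hashed 32; if `seed` is still a `crypto_sign_ed25519_SEEDBYTES` buffer, as the public API documents and as the deterministic branch of the updated `ed25519_convert.c` test assumes (it fills only 32 bytes of `hseed`), this reads past the caller's buffer and the derived scalar depends on whatever follows it. The same widened length is used by `memcpy(sk, seed, ...)` in this hunk and by `memmove(sk, seed, crypto_sign_ed25519_SECRETKEYBYTES)` in the next hunk, where the upper half of `sk` is immediately overwritten by `memmove(sk + 32, pk, ...)`, so those extra bytes are never used there. Keeping the original bounds, `crypto_hash_sha512(sk, seed, crypto_sign_ed25519_SEEDBYTES);`, `memcpy(sk, seed, crypto_sign_ed25519_SEEDBYTES);` and `memmove(sk, seed, crypto_sign_ed25519_SEEDBYTES);`, removes the over-read without changing the deterministic key derivation. If the seed is intentionally widened to 64 bytes for ED25519_NONDETERMINISTIC builds, that contract belongs in a comment on the function and in the header constants. The function's signature is outside the first hunk.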
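Review bot: The new `memcpy(h, ed25519_sk, crypto_sign_ed25519_SECRETKEYBYTES)` in `crypto_sign_ed25519_sk_to_curve25519` silently encodes the convention that in ED25519_NONDETERMINISTIC builds the secret scalar is the raw seed rather than SHA-512(seed), and nothing ties it to the matching `#ifdef` in `crypto_sign_ed25519_seed_keypair`; a change to one branch would break key conversion with no compile-time hint. A comment next to the `memcpy` such as `/* ED25519_NONDETERMINISTIC: the scalar is the raw seed; must match crypto_sign_ed25519_seed_keypair() */` makes the coupling visible. Only the first 32 bytes of `h` are clamped and used as the scalar, so `memcpy(h, ed25519_sk, 32);` would suffice and would avoid copying the public-key half of the secret key into `h`, whose later use and zeroing are outside this hunk. The function's tail is outside the hunk.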
@@ -36,9 +36,8 @@ _crypto_sign_ed25519_clamp(unsigned char k[32])
 /* r = hash(B || empty_labelset || Z || pad1 || k || pad2 || empty_labelset || K || extra || M) (mod q) */
 static void
 _crypto_sign_ed25519_synthetic_r_hv(crypto_hash_sha512_state *hs,
-                                    unsigned char nonce[64],
-                                    unsigned char sk_copy[64],
-                                    const unsigned char sk[64])
+                                    unsigned char Z[32],
+                                    const unsigned char sk[32])
 {
     static const unsigned char B[32] = {
         0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
@@ -49,14 +48,12 @@ _crypto_sign_ed25519_synthetic_r_hv(crypto_hash_sha512_state *hs,
     static const unsigned char zeros[16] = { 0x00 };
     static const unsigned char empty_labelset[3] = { 0x02, 0x00, 0x00 };
 
-    memcpy(sk_copy, sk, 32);
-    _crypto_sign_ed25519_clamp(sk_copy);
     crypto_hash_sha512_update(hs, B, 32);
     crypto_hash_sha512_update(hs, empty_labelset, 3);
-    randombytes_buf(nonce, 32);
-    crypto_hash_sha512_update(hs, nonce, 32);
+    randombytes_buf(Z, 32);
+    crypto_hash_sha512_update(hs, Z, 32);
     crypto_hash_sha512_update(hs, zeros, 16 - (32 + 3 + 32) % 16);
-    crypto_hash_sha512_update(hs, sk_copy, 32);
+    crypto_hash_sha512_update(hs, sk, 32);
     /* empty pad2 */
     crypto_hash_sha512_update(hs, empty_labelset, 3);
     crypto_hash_sha512_update(hs, sk + 32, 32);
@@ -75,15 +72,16 @@ _crypto_sign_ed25519_detached(unsigned char *sig, unsigned long long *siglen_p,
     unsigned char hram[64];
     ge_p3 R;
 
-#ifdef ED25519_NONDETERMINISTIC
     _crypto_sign_ed25519_ref10_hinit(&hs, prehashed);
-    _crypto_sign_ed25519_synthetic_r_hv(&hs, nonce, az, sk);
+
+#ifdef ED25519_NONDETERMINISTIC
+    memcpy(az, sk, 32);
+    _crypto_sign_ed25519_synthetic_r_hv(&hs, nonce, az);
 #else
     crypto_hash_sha512(az, sk, 32);
-    _crypto_sign_ed25519_clamp(az);
-    _crypto_sign_ed25519_ref10_hinit(&hs, prehashed);
     crypto_hash_sha512_update(&hs, az + 32, 32);
 #endif
+
     crypto_hash_sha512_update(&hs, m, mlen);
     crypto_hash_sha512_final(&hs, nonce);
 
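Review bot: The new prototype declares `const unsigned char sk[32]`, but the body still does `crypto_hash_sha512_update(hs, sk + 32, 32);` (last line of the next hunk), so the helper reads 64 bytes and the declared bound is misleading; it should stay `const unsigned char sk[64]`. The only caller in this commit, in `_crypto_sign_ed25519_detached` (third hunk), now passes `az` after `memcpy(az, sk, 32);`, and `az` is a 64-byte array (the `#else` branch fills all of it with `crypto_hash_sha512(az, sk, 32)`), so unless `az[32..63]` is initialised somewhere outside that hunk, the `K` component of the synthetic-nonce hash is uninitialised stack memory instead of the public key that the previous call, which passed the full `sk`, fed in. `memcpy(az, sk, 64);` at the call site restores it, and the buffer is already wiped by `sodium_memzero(az, sizeof az)` afterwards; alternatively pass `sk` as a separate parameter for the `K` update. The helper's body continues past the end of the second hunk.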
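Review bot: After this hunk the helper feeds the unclamped secret scalar into the hash, whereas the removed `memcpy(sk_copy, sk, 32)` / `_crypto_sign_ed25519_clamp(sk_copy)` pair hashed the clamped value, and the comment above the function (`k` in `r = hash(B || ... || k || ...)`) does not say which form of `k` is meant; clamping now happens in `_crypto_sign_ed25519_detached` only after the nonce has been derived. The change is deliberate but easy to undo by accident, so a line next to `crypto_hash_sha512_update(hs, sk, 32);` would help: `/* k is the raw (unclamped) scalar; clamping happens in _crypto_sign_ed25519_detached before sc_muladd */`. The function continues beyond this hunk.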
@@ -99,6 +97,7 @@ _crypto_sign_ed25519_detached(unsigned char *sig, unsigned long long *siglen_p,
 
     crypto_hash_sha512_final(&hs, hram);
     sc_reduce(hram);
+    _crypto_sign_ed25519_clamp(az);
     sc_muladd(sig + 32, hram, az, nonce);
 
     sodium_memzero(az, sizeof az);
diff --git a/test/default/ed25519_convert.c b/test/default/ed25519_convert.c
index 04b3a691..a384c31e 100644
--- a/test/default/ed25519_convert.c
+++ b/test/default/ed25519_convert.c
@@ -18,9 +18,17 @@ main(void)
     unsigned char curve25519_sk[crypto_scalarmult_curve25519_BYTES];
     char curve25519_pk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1];
     char curve25519_sk_hex[crypto_scalarmult_curve25519_BYTES * 2 + 1];
+    unsigned char hseed[crypto_hash_sha512_BYTES];
     unsigned int i;
 
-    crypto_sign_ed25519_seed_keypair(ed25519_pk, ed25519_skpk, keypair_seed);
+    assert(crypto_sign_ed25519_SEEDBYTES <= crypto_hash_sha512_BYTES);
+#ifdef ED25519_NONDETERMINISTIC
+    crypto_hash_sha512(hseed, keypair_seed, crypto_sign_ed25519_SEEDBYTES);
+#else
+    memcpy(hseed, keypair_seed, crypto_sign_ed25519_SEEDBYTES);
+#endif
+    crypto_sign_ed25519_seed_keypair(ed25519_pk, ed25519_skpk, hseed);
+
     if (crypto_sign_ed25519_pk_to_curve25519(curve25519_pk, ed25519_pk) != 0) {
         printf("conversion failed\n");
     }
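Review bot: The clamp of `az` now sits far from where `az` is derived, and the reason it cannot move earlier (the nonce hash above consumes the unclamped `az` in ED25519_NONDETERMINISTIC builds, while the deterministic build hashes `az + 32`, which the clamp does not touch) is not visible at this point; a one-line comment would prevent a well-meaning hoist: `/* clamp only now: the synthetic-nonce hash above hashes the unclamped scalar */`. `_crypto_sign_ed25519_detached` starts and ends outside this hunk.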
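Review bot: In the `#else` branch only `crypto_sign_ed25519_SEEDBYTES` bytes of `hseed` are written, yet `hseed` is `crypto_hash_sha512_BYTES` long and is handed to `crypto_sign_ed25519_seed_keypair`, which in this commit consumes `crypto_sign_ed25519_SECRETKEYBYTES` bytes of its seed argument; the derived key then depends on uninitialised stack bytes and whatever comparison follows (outside the hunk) can fail non-reproducibly. Either zero the buffer first, `memset(hseed, 0, sizeof hseed);` before the `#ifdef`, or pass `keypair_seed` directly in the deterministic branch as the removed line did. The `assert(crypto_sign_ed25519_SEEDBYTES <= crypto_hash_sha512_BYTES)` compares two compile-time constants and is silently compiled out under NDEBUG; a static check would be more robust, though that is minor. `main` continues beyond the hunk.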