diff --git a/CHANGELOG.md b/CHANGELOG.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog for tahoe-ssk
 
+## 0.3.0.0 (Unreleased)
+
+* Updated the tahoe-chk dependency to 0.2.0.0.
+
 ## 0.2.1.0
 
 * Add Ord instances for StorageIndex, Verifier, Reader, and Writer.
diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -13,7 +13,12 @@
 
 * SDMF write, read, and verify capabilities can be parsed and serialized.
 * SDMF shares can be deserialized, decoded, and decrypted.
-  * The cryptographic integrity and authenticity is not verified.
+  * The cryptographic integrity is not verified:
+    * a share's block hashes are not checked against the share's block hash tree
+    * the root of the computed share hash tree is not checked against share's pre-computed share hash tree root
+  * The cryptographic authenticity is not verified:
+    * signatures on the data are not checked
+
 * Plaintext can be encrypted, encoded into shares, and the shares serialized to bytes.
   * Not all fields of the shares contain correctly initialized values.
   * Enough fields are correctly populated to recover the original plaintext.
@@ -65,7 +70,7 @@
   * is well-maintained
     * developers are responsive to security reports
     * has a channel for security-related disclosures
-	* has sound documentation for proper, safe usage
+    * has sound documentation for proper, safe usage
 
 And,
 of course,
diff --git a/src/Tahoe/SDMF/Internal/Capability.hs b/src/Tahoe/SDMF/Internal/Capability.hs
--- a/src/Tahoe/SDMF/Internal/Capability.hs
+++ b/src/Tahoe/SDMF/Internal/Capability.hs
@@ -5,7 +5,7 @@
 
 import Control.Applicative ((<|>))
 import Control.Monad (void)
-import Crypto.Hash (Digest, SHA256, digestFromByteString)
+import Crypto.Hash (digestFromByteString)
 import Data.Binary (decode)
 import qualified Data.ByteArray as ByteArray
 import qualified Data.ByteString as B
@@ -16,6 +16,7 @@
 import qualified Data.Text.Encoding as T
 import Data.Void (Void)
 import Data.Word (Word16)
+import Tahoe.CHK.SHA256d (Digest' (Digest'), SHA256d)
 import Tahoe.Capability (ConfidentialShowable (..))
 import Tahoe.SDMF.Internal.Keys (
     Read (readKeyBytes),
@@ -49,7 +50,7 @@
 -- | A verify capability for an SDMF object.
 data Verifier = Verifier
     { verifierStorageIndex :: StorageIndex
-    , verifierVerificationKeyHash :: Digest SHA256
+    , verifierVerificationKeyHash :: Digest' SHA256d
     }
     deriving (Eq, Show)
 
@@ -86,14 +87,14 @@
     confidentiallyShow = dangerRealShow . SDMFWriter
 
 -- | Diminish a write key to a read key and wrap it in a reader capability.
-deriveReader :: Write -> Digest SHA256 -> Maybe Reader
+deriveReader :: Write -> Digest' SHA256d -> Maybe Reader
 deriveReader w fingerprint = Reader <$> readKey <*> verifier
   where
     readKey = deriveReadKey w
     verifier = flip deriveVerifier fingerprint <$> readKey
 
 -- | Diminish a read key to a verify key and wrap it in a verifier capability.
-deriveVerifier :: Read -> Digest SHA256 -> Verifier
+deriveVerifier :: Read -> Digest' SHA256d -> Verifier
 deriveVerifier readKey = Verifier storageIndex
   where
     storageIndex = deriveStorageIndex readKey
@@ -133,7 +134,7 @@
     -- | A function to convert the first bytestring to a result value.
     (B.ByteString -> a) ->
     -- | A parser for the two pieces of the SDMF capability.
-    Parser (a, Digest SHA256)
+    Parser (a, Digest' SHA256d)
 pPieces prefix convertSecret = do
     void $ string prefix
     secret <- convertSecret <$> pBase32 rfc3548Alphabet 128
@@ -142,7 +143,7 @@
     case digestFromByteString digestBytes of
         Nothing -> failure Nothing mempty
         Just verificationKeyHash ->
-            pure (secret, verificationKeyHash)
+            pure (secret, Digest' verificationKeyHash)
 
 {- | A parser combinator for an arbitrary byte string of a fixed length,
  encoded using base32.
diff --git a/src/Tahoe/SDMF/Internal/Encoding.hs b/src/Tahoe/SDMF/Internal/Encoding.hs
--- a/src/Tahoe/SDMF/Internal/Encoding.hs
+++ b/src/Tahoe/SDMF/Internal/Encoding.hs
@@ -5,8 +5,8 @@
 -}
 module Tahoe.SDMF.Internal.Encoding where
 
-import Control.Monad.Fail (MonadFail)
 import Control.Monad (when)
+import Control.Monad.Fail (MonadFail)
 import Control.Monad.IO.Class (MonadIO (liftIO))
 import Crypto.Hash (digestFromByteString)
 import Crypto.Random (MonadRandom)
@@ -18,6 +18,7 @@
 import Data.Word (Word16, Word64, Word8)
 import Tahoe.CHK (padCiphertext, zfec, zunfec)
 import Tahoe.CHK.Merkle (MerkleTree (MerkleLeaf))
+import Tahoe.CHK.SHA256d (Digest' (Digest'), zero)
 import Tahoe.SDMF.Internal.Capability (Reader (..), Writer (..), deriveReader)
 import Tahoe.SDMF.Internal.Converting (from, tryInto)
 import qualified Tahoe.SDMF.Internal.Keys as Keys
@@ -91,7 +92,7 @@
     shareRootHash = B.replicate 32 0
     shareSignature = B.replicate 32 0 -- XXX Actually compute sig, and is it 32 bytes?
     shareHashChain = HashChain []
-    shareBlockHashTree = MerkleLeaf (B.replicate 32 0) -- XXX Real hash here, plus length check
+    shareBlockHashTree = MerkleLeaf zero -- XXX Real hash here, plus length check
 
 {- | Decode some SDMF shares to recover the original ciphertext.
 
@@ -124,7 +125,7 @@
     Writer <$> writerWriteKey <*> maybeToEither' "Failed to derive read capability" writerReader
   where
     writerWriteKey = maybeToEither "Failed to derive write key" . Keys.deriveWriteKey . Keys.toSignatureKey $ keypair
-    verificationKeyHash = digestFromByteString . Keys.deriveVerificationHash . Keys.toVerificationKey $ keypair
+    verificationKeyHash = fmap Digest' . digestFromByteString . Keys.deriveVerificationHash . Keys.toVerificationKey $ keypair
     writerReader = deriveReader <$> writerWriteKey <*> maybeToEither "Failed to interpret verification hash" verificationKeyHash
 
 maybeToEither :: a -> Maybe b -> Either a b
diff --git a/src/Tahoe/SDMF/Internal/Share.hs b/src/Tahoe/SDMF/Internal/Share.hs
--- a/src/Tahoe/SDMF/Internal/Share.hs
+++ b/src/Tahoe/SDMF/Internal/Share.hs
@@ -17,6 +17,7 @@
 import Data.Word (Word16, Word32, Word64, Word8)
 import Data.X509 (PrivKey (PrivKeyRSA), PubKey (PubKeyRSA))
 import Tahoe.CHK.Merkle (MerkleTree, leafHashes)
+import Tahoe.CHK.SHA256d (Digest' (Digest'), SHA256d, toBytes)
 import Tahoe.SDMF.Internal.Converting (From (from), into, tryInto)
 import qualified Tahoe.SDMF.Internal.Keys as Keys
 
@@ -81,7 +82,7 @@
       -- ... something about verification I dunno. XXX
       shareHashChain :: HashChain
     , -- | A merkle tree where leaves are the hashes of the blocks in this share.
-      shareBlockHashTree :: MerkleTree
+      shareBlockHashTree :: MerkleTree B.ByteString SHA256d
     , -- | The share data (erasure encoded ciphertext).
       shareData :: LB.ByteString
     , -- | The encrypted 2048 bit "signature" RSA key.
@@ -113,7 +114,7 @@
         putByteString shareEncryptedPrivateKey
       where
         verificationKeyBytes = Keys.verificationKeyToBytes shareVerificationKey
-        blockHashTreeBytes = B.concat . leafHashes $ shareBlockHashTree
+        blockHashTreeBytes = B.concat . fmap toBytes . leafHashes $ shareBlockHashTree
 
         -- Some conversions could fail because we can't be completely sure of
         -- the size of the data we're working with.  Put has no good failure
diff --git a/tahoe-ssk.cabal b/tahoe-ssk.cabal
--- a/tahoe-ssk.cabal
+++ b/tahoe-ssk.cabal
@@ -21,7 +21,7 @@
 -- PVP summary:     +-+------- breaking API changes
 --                  | | +----- non-breaking API additions
 --                  | | | +--- code changes with no API change
-version:            0.2.1.0
+version:            0.3.0.0
 
 -- A short (one-line) description of the package.
 synopsis:
@@ -132,7 +132,7 @@
 
   -- This dependency isn't ideal.  Move common bits out to
   -- another library.
-  build-depends:   tahoe-chk >=0.1 && <0.2
+  build-depends:   tahoe-chk >=0.2 && <0.3
 
 test-suite tahoe-ssk-test
   import:
@@ -167,7 +167,7 @@
     , megaparsec          >=8.0      && <9.3
     , memory              >=0.15     && <0.17
     , tahoe-capabilities  >=0.1      && <0.2
-    , tahoe-chk           >=0.1      && <0.2
+    , tahoe-chk           >=0.2      && <0.3
     , tahoe-ssk
     , tasty               >=1.2.3    && <1.5
     , tasty-hedgehog      >=1.0.0.2  && <1.2
diff --git a/test/Generators.hs b/test/Generators.hs
--- a/test/Generators.hs
+++ b/test/Generators.hs
@@ -1,3 +1,5 @@
+{-# LANGUAGE ScopedTypeVariables #-}
+
 module Generators where
 
 import Crypto.Cipher.Types (makeIV)
@@ -10,7 +12,7 @@
 import qualified Data.Binary as Binary
 import qualified Data.ByteString as B
 import qualified Data.ByteString.Lazy as LB
-import Data.Maybe (fromJust)
+import Data.Maybe (fromJust, fromMaybe)
 import Data.Word (Word16)
 import Data.X509 (PrivKey (PrivKeyRSA))
 import GHC.IO.Unsafe (unsafePerformIO)
@@ -18,6 +20,7 @@
 import qualified Hedgehog.Gen as Gen
 import qualified Hedgehog.Range as Range
 import Tahoe.CHK.Merkle (MerkleTree (..), makeTreePartial)
+import Tahoe.CHK.SHA256d (Digest' (Digest'), SHA256d)
 import Tahoe.SDMF (Reader (..), SDMF (..), Share (..), Verifier (..), Writer (..))
 import Tahoe.SDMF.Internal.Capability (deriveReader)
 import Tahoe.SDMF.Internal.Keys (keyLength)
@@ -87,12 +90,16 @@
                 _ -> error "Expected RSA Private Key"
     kp
 
-merkleTrees :: MonadGen m => Range.Range Int -> m MerkleTree
-merkleTrees r = makeTreePartial <$> Gen.list r genHash
+merkleTrees :: MonadGen m => Range.Range Int -> m (MerkleTree B.ByteString SHA256d)
+merkleTrees r = makeTreePartial <$> Gen.list r digests
 
--- | Generate ByteStrings which could be sha256d digests.
-genHash :: MonadGen m => m B.ByteString
-genHash = Gen.bytes . Range.singleton . hashDigestSize $ SHA256
+-- | Generate Digest' values for some hash algorithm.  Shrinks toward "aaa..."
+digests :: forall m hash. (MonadGen m, HashAlgorithm hash) => m (Digest' hash)
+digests =
+    Digest'
+        . fromMaybe (error "Failed to interpret bytes as digest")
+        . digestFromByteString
+        <$> Gen.bytes (Range.singleton (hashDigestSize (undefined :: hash)))
 
 -- | Generate lists of two-tuples of share identifier and share root hash.
 shareHashChains :: MonadGen m => m HashChain
@@ -142,7 +149,3 @@
 -- | Build SDMF storage indexes.
 storageIndexes :: MonadGen m => m Keys.StorageIndex
 storageIndexes = Keys.StorageIndex <$> Gen.bytes (Range.singleton keyLength)
-
--- | Build SHA256 digests.
-digests :: MonadGen m => m (Digest SHA256)
-digests = fromJust . digestFromByteString <$> Gen.bytes (Range.singleton 32)
diff --git a/test/Spec.hs b/test/Spec.hs
--- a/test/Spec.hs
+++ b/test/Spec.hs
@@ -27,6 +27,7 @@
 import qualified Hedgehog.Gen as Gen
 import qualified Hedgehog.Range as Range
 import System.IO (hSetEncoding, stderr, stdout, utf8)
+import Tahoe.CHK.SHA256d (Digest' (Digest'))
 import Tahoe.Capability (confidentiallyShow)
 import qualified Tahoe.SDMF
 import Tahoe.SDMF.Internal.Capability (deriveVerifier)
@@ -206,7 +207,7 @@
 
             let (Right writeKey) = Binary.decode . LB.fromStrict <$> decodeBase32Unpadded "vdv6pcqkblsguvkagrblr3gopu"
                 (Just readerReadKey) = Keys.deriveReadKey writeKey
-                (Just readerVerifier) = deriveVerifier readerReadKey <$> digestFromByteString ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" :: B.ByteString)
+                (Just readerVerifier) = deriveVerifier readerReadKey . Digest' <$> digestFromByteString ("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" :: B.ByteString)
                 reader = Tahoe.SDMF.Reader{..}
             ciphertext <- Tahoe.SDMF.decode reader [(0, s0), (6, s6), (9, s9)]
             let (Right expectedCiphertext) = LB.fromStrict <$> decodeBase32Unpadded "6gutkha6qd4g3lxahth2dw2wjekadwoxvmazrnfq5u5j6a7quu5qy6nz3dvosx2gisdjshdtd5xphqvqjco5pq73qi"
