diff --git a/include/mcl/mapto_wb19.hpp b/include/mcl/mapto_wb19.hpp
index 814baaa..216a421 100644
--- a/include/mcl/mapto_wb19.hpp
+++ b/include/mcl/mapto_wb19.hpp
@@ -562,7 +562,7 @@ struct MapTo_WB19 {
 
 	void msgToG1(G1& out, const void *msg, size_t msgSize) const
 	{
-		const char *dst = "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_";
+		const char *dst = "BLS_SIG_BLS12381G1_XMD:SHA-256_SSWU_RO_POP_";
 		const size_t dstSize = strlen(dst);
 		msgToG1(out, msg, msgSize, dst, dstSize);
 	}
diff --git a/readme.md b/readme.md
index 94be844..b8fa264 100644
--- a/readme.md
+++ b/readme.md
@@ -10,6 +10,7 @@ mcl is a library for pairing-based cryptography,
 which supports the optimal Ate pairing over BN curves and BLS12-381 curves.
 
 # News
+- dst for mapToG1 has changed to `BLS_SIG_BLS12381G1_XMD:SHA-256_SSWU_RO_POP_`.
 - `mclBn_eth*` functions are removed.
 - `mcl::bn::mapToG1(G1& out, const Fp& v)` supports `BLS12_MAP_FP_TO_G1` in [EIP 2537](https://eips.ethereum.org/EIPS/eip-2537).
 - `mcl::bn::hashAndMapToG1(G1& out, const void *msg, size_t msgSize)` supports ([hash-to-curve-09 BLS12381G1_XMD:SHA-256_SSWU_RO_](https://www.ietf.org/id/draft-irtf-cfrg-hash-to-curve-09.html#name-bls12381g1_xmdsha-256_sswu_))
diff --git a/test/mapto_wb19_test.cpp b/test/mapto_wb19_test.cpp
index e7bee9e..db4586b 100644
--- a/test/mapto_wb19_test.cpp
+++ b/test/mapto_wb19_test.cpp
@@ -502,10 +502,11 @@ void testMsgToG1(const T& mapto)
 		const char *y;
 	} tbl[] = {
 		{
+			// generated by draft-irtf-cfrg-hash-to-curve/poc/suite_bls12381g1.sage
 			"asdf",
-			"BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_",
-			"bc73d15443009a8ff2ddce864136d892274dd8365c60d0d2d44cc543387348e366a8f1e1401427e37743c29ed2c939a",
-			"101e26428a1b78c05458cb1cc37d2d87876ad3437096d2827f376702d4451667fe1fa82e82795495d33d466133ed1862",
+			"BLS_SIG_BLS12381G1_XMD:SHA-256_SSWU_RO_POP_",
+			"a72df17570d0eb81260042edbea415ad49bdb94a1bc1ce9d1bf147d0d48268170764bb513a3b994d662e1faba137106",
+			"122b77eca1ed58795b7cd456576362f4f7bd7a572a29334b4817898a42414d31e9c0267f2dc481a4daf8bcf4a460322",
 		},
 		// https://www.ietf.org/id/draft-irtf-cfrg-hash-to-curve-09.txt
 		// H.9.1.  BLS12381G1_XMD:SHA-256_SSWU_RO_