diff --git a/core/src/core/block.rs b/core/src/core/block.rs
index ba9f05ae6..818b74bad 100644
--- a/core/src/core/block.rs
+++ b/core/src/core/block.rs
@@ -209,7 +209,7 @@ impl Committed for Block {
 		&self.outputs
 	}
 	fn overage(&self) -> i64 {
-		(REWARD as i64) - (self.total_fees() as i64)
+		(self.total_fees() as i64) - (REWARD as i64)
 	}
 }
 
@@ -449,7 +449,7 @@ impl Block {
 
 		let over_commit = try!(secp.commit_value(REWARD as u64));
 		let out_commit = output.commitment();
-		let excess = try!(secp.commit_sum(vec![over_commit], vec![out_commit]));
+		let excess = try!(secp.commit_sum(vec![out_commit], vec![over_commit]));
 
 		let proof = TxKernel {
 			features: COINBASE_KERNEL,
diff --git a/core/src/core/build.rs b/core/src/core/build.rs
index 2f8430a02..fe2cae8ee 100644
--- a/core/src/core/build.rs
+++ b/core/src/core/build.rs
@@ -31,6 +31,7 @@ use secp::key::SecretKey;
 use rand::os::OsRng;
 
 use core::{Transaction, Input, Output, DEFAULT_OUTPUT};
+use core::Committed;
 
 /// Context information available to transaction combinators.
 pub struct Context {
@@ -90,7 +91,7 @@ type Append = for<'a> Fn(&'a mut Context, (Transaction, BlindSum)) -> (Transacti
 pub fn input(value: u64, blinding: SecretKey) -> Box<Append> {
 	Box::new(move |build, (tx, sum)| -> (Transaction, BlindSum) {
 		let commit = build.secp.commit(value, blinding).unwrap();
-		(tx.with_input(Input(commit)), sum.add(blinding))
+		(tx.with_input(Input(commit)), sum.sub(blinding))
 	})
 }
 
@@ -101,7 +102,7 @@ pub fn input_rand(value: u64) -> Box<Append> {
 	Box::new(move |build, (tx, sum)| -> (Transaction, BlindSum) {
 		let blinding = SecretKey::new(&build.secp, &mut build.rng);
 		let commit = build.secp.commit(value, blinding).unwrap();
-		(tx.with_input(Input(commit)), sum.add(blinding))
+		(tx.with_input(Input(commit)), sum.sub(blinding))
 	})
 }
 
@@ -116,7 +117,7 @@ pub fn output(value: u64, blinding: SecretKey) -> Box<Append> {
 			commit: commit,
 			proof: rproof,
 		}),
-		 sum.sub(blinding))
+		 sum.add(blinding))
 	})
 }
 
@@ -133,7 +134,7 @@ pub fn output_rand(value: u64) -> Box<Append> {
 			commit: commit,
 			proof: rproof,
 		}),
-		 sum.sub(blinding))
+		 sum.add(blinding))
 	})
 }
 
@@ -173,8 +174,9 @@ pub fn transaction(elems: Vec<Box<Append>>) -> Result<(Transaction, SecretKey),
 	                                      |acc, elem| elem(&mut ctx, acc));
 
 	let blind_sum = sum.sum(&ctx.secp)?;
-	let msg = try!(secp::Message::from_slice(&u64_to_32bytes(tx.fee)));
-	let sig = try!(ctx.secp.sign(&msg, &blind_sum));
+	let pubkey = secp::key::PublicKey::from_secret_key(&ctx.secp, &blind_sum)?;
+	let msg = secp::Message::from_slice(&u64_to_32bytes(tx.fee))?;
+	let sig = ctx.secp.sign(&msg, &blind_sum)?;
 	tx.excess_sig = sig.serialize_der(&ctx.secp);
 
 	Ok((tx, blind_sum))
diff --git a/core/src/core/mod.rs b/core/src/core/mod.rs
index 73517b9c6..277180b45 100644
--- a/core/src/core/mod.rs
+++ b/core/src/core/mod.rs
@@ -50,12 +50,12 @@ pub trait Committed {
 		let mut input_commits = map_vec!(self.inputs_committed(), |inp| inp.commitment());
 		let mut output_commits = map_vec!(self.outputs_committed(), |out| out.commitment());
 
-		// add the overage as input commitment if positive, as an output commitment if
+		// add the overage as output commitment if positive, as an input commitment if
 		// negative
 		let overage = self.overage();
 		if overage != 0 {
 			let over_commit = secp.commit_value(overage.abs() as u64).unwrap();
-			if overage > 0 {
+			if overage < 0 {
 				input_commits.push(over_commit);
 			} else {
 				output_commits.push(over_commit);
@@ -63,7 +63,7 @@ pub trait Committed {
 		}
 
 		// sum all that stuff
-		secp.commit_sum(input_commits, output_commits)
+		secp.commit_sum(output_commits, input_commits)
 	}
 
 	/// Vector of committed inputs to verify
diff --git a/core/src/core/transaction.rs b/core/src/core/transaction.rs
index 847a91437..21816d522 100644
--- a/core/src/core/transaction.rs
+++ b/core/src/core/transaction.rs
@@ -149,7 +149,7 @@ impl Committed for Transaction {
 		&self.outputs
 	}
 	fn overage(&self) -> i64 {
-		-(self.fee as i64)
+		(self.fee as i64)
 	}
 }
 
@@ -209,14 +209,14 @@ impl Transaction {
 	/// of the sum of r.G should be left. And r.G is the definition of a
 	/// public key generated using r as a private key.
 	pub fn verify_sig(&self, secp: &Secp256k1) -> Result<TxKernel, secp::Error> {
-		let rsum = try!(self.sum_commitments(secp));
+		let rsum = self.sum_commitments(secp)?;
 
 		// pretend the sum is a public key (which it is, being of the form r.G) and
 		// verify the transaction sig with it
-		let pubk = try!(rsum.to_pubkey(secp));
-		let msg = try!(Message::from_slice(&u64_to_32bytes(self.fee)));
-		let sig = try!(Signature::from_der(secp, &self.excess_sig));
-		try!(secp.verify(&msg, &sig, &pubk));
+		let pubk = rsum.to_pubkey(secp)?;
+		let msg = Message::from_slice(&u64_to_32bytes(self.fee))?;
+		let sig = Signature::from_der(secp, &self.excess_sig)?;
+		secp.verify(&msg, &sig, &pubk)?;
 
 		Ok(TxKernel {
 			features: DEFAULT_KERNEL,