diff --git a/Makefile b/Makefile
index 295d71a..a8b4f3f 100644
--- a/Makefile
+++ b/Makefile
@@ -54,9 +54,10 @@ ifeq (,$(findstring 64,$(ARCH))$(findstring gcc,$(CC)))
 XCFLAGS += -DGOLDI_FORCE_32_BIT=1
 endif
+ARCHFLAGS += $(XARCHFLAGS)
 CFLAGS = $(LANGFLAGS) $(WARNFLAGS) $(INCFLAGS) $(OFLAGS) $(ARCHFLAGS) $(GENFLAGS) $(XCFLAGS)
 LDFLAGS = $(ARCHFLAGS) $(XLDFLAGS)
-ASFLAGS = $(ARCHFLAGS)
+ASFLAGS = $(ARCHFLAGS) $(XASFLAGS)
 .PHONY: clean all test bench todo doc lib bat
 .PRECIOUS: build/%.s
@@ -97,7 +98,7 @@ ifeq ($(UNAME),Darwin)
 libtool -macosx_version_min 10.6 -dynamic -dead_strip -lc -x -o $@ \
 $(LIBCOMPONENTS)
 else
- $(LD) -shared -Wl,-soname,goldilocks.so.1 -Wl,--gc-sections -o $@ $(LIBCOMPONENTS)
+ $(LD) $(LDFLAGS) -shared -Wl,-soname,goldilocks.so.1 -Wl,--gc-sections -o $@ $(LIBCOMPONENTS)
 strip --discard-all $@
 ln -sf `basename $@` build/goldilocks.so.1
 endif
diff --git a/include/decaf.h b/include/decaf.h
index 19b96b4..98f0ae8 100644
--- a/include/decaf.h
+++ b/include/decaf.h
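Review bot: The 32-bit override is now split across two macros: the context line `XCFLAGS += -DGOLDI_FORCE_32_BIT=1` in the first hunk only forces the goldilocks side, while the new word-size selector in `include/decaf.h` keys on `DECAF_FORCE_32_BIT`, so a build that takes this branch on an x86_64 host still compiles decaf with 64-bit `decaf_word_t`. If the two halves are expected to agree on word size (the test file in this commit sizes decaf scalar tables with goldilocks' `WORD_BITS`, which suggests they are), the override line should set both: `XCFLAGS += -DGOLDI_FORCE_32_BIT=1 -DDECAF_FORCE_32_BIT=1`. Whether a mixed configuration actually breaks anything cannot be confirmed from these hunks alone.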
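Review bot: In the second hunk only the ELF branch gains `$(LDFLAGS)`; the Darwin `libtool` invocation two lines above it still receives neither `XLDFLAGS` nor the newly added `XARCHFLAGS`, so anything a user passes through those variables affects only non-Darwin links. That asymmetry may be deliberate, since libtool does not take compiler-driver flags, but nothing in the Makefile says so; a one-line comment such as `# libtool does not accept $(LDFLAGS); arch/linker overrides apply to the ELF link only` above the Darwin branch would prevent the next reader from "fixing" it.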
@@ -33,24 +33,28 @@
 #define NONNULL2 __attribute__((nonnull(1,2)))
 #define NONNULL3 __attribute__((nonnull(1,2,3)))
 #define NONNULL5 __attribute__((nonnull(1,2,3,4,5)))
-/** @endcond */
-/** Types of internal words. TODO: ARCH: make 32-bit clean */
+/* Internal word types */
+#if (defined(__ILP64__) || defined(__amd64__) || defined(__x86_64__) || (((__UINT_FAST32_MAX__)>>30)>>30)) \
+ && !defined(DECAF_FORCE_32_BIT)
+#define DECAF_WORD_BITS 64
 typedef uint64_t decaf_word_t, decaf_bool_t;
+#else
+#define DECAF_WORD_BITS 32
+typedef uint32_t decaf_word_t, decaf_bool_t;
+#endif
+/** @endcond */
 /* TODO: prefix all these operations and factor to support multiple curves. */
-
-/* TODO: perfield, so when 25519 hits this will change */
-#define DECAF_FIELD_BITS 448
-#define DECAF_LIMBS 8
+#define DECAF_LIMBS (512/DECAF_WORD_BITS)
 #define DECAF_SCALAR_BITS 446
-#define DECAF_SCALAR_LIMBS (1 + (DECAF_SCALAR_BITS-1)/8/sizeof(decaf_word_t))
+#define DECAF_SCALAR_LIMBS (448/DECAF_WORD_BITS)
-/** Number of bytes in a serialized point. One less bit than you'd think. */
-#define DECAF_SER_BYTES ((DECAF_FIELD_BITS+6)/8)
+/** Number of bytes in a serialized point. */
+#define DECAF_SER_BYTES 56
-/** Number of bytes in a serialized scalar. Two less bits than you'd think. */
-#define DECAF_SCALAR_BYTES ((DECAF_FIELD_BITS+5)/8)
+/** Number of bytes in a serialized scalar. */
+#define DECAF_SCALAR_BYTES 56
 /** Twisted Edwards (-1,d-1) extended homogeneous coordinates */
 typedef struct decaf_point_s {
diff --git a/src/decaf.c b/src/decaf.c
index b52c95e..4c16420 100644
--- a/src/decaf.c
+++ b/src/decaf.c
@@ -10,8 +10,7 @@
 #include "decaf.h"
-/* TODO arch */
-#define WBITS 64
+#define WBITS DECAF_WORD_BITS
 #if WBITS == 64
 #define LBITS 56
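Review bot: `DECAF_FORCE_32_BIT` is a user-facing build knob introduced in the decaf.h hunk without any documentation, and because `/** @endcond */` was moved below the new block, both it and `DECAF_WORD_BITS` now sit inside the Doxygen-hidden region even though callers of the public API need `DECAF_WORD_BITS` to size `decaf_word_t` arrays. The `/* Internal word types */` comment could be replaced with a Doxygen comment stating that `DECAF_FORCE_32_BIT` selects 32-bit words on a 64-bit target, that `DECAF_WORD_BITS` is the resulting width, and that the detection falls through to 32 bits on compilers that do not predefine `__UINT_FAST32_MAX__` (an undefined identifier evaluates to 0 in `#if`). The related constants would also benefit from a note that `DECAF_SER_BYTES` and `DECAF_SCALAR_BYTES` are now literal `56` and no longer derived from the limb count, so a future change to `DECAF_LIMBS` or `DECAF_SCALAR_BITS` must update them by hand.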
@@ -36,7 +35,12 @@ typedef decaf_word_t gf[DECAF_LIMBS]; static const gf ZERO = {0}, ONE = {1}, TWO = {2}; #define LMASK ((((decaf_word_t)1)<> (i%WORD_BITS) & WINDOW_MASK, - inv = (bits>>(WINDOW-1))-1; - bits ^= inv; + int bits, inv; set_identity_tw_extended(working);
diff --git a/test/test_pointops.c b/test/test_pointops.c
index 65b2eb6..257ff5b 100644
--- a/test/test_pointops.c
+++ b/test/test_pointops.c
@@ -282,24 +282,29 @@ single_twisting_test (
 int test_decaf_evil (void) {
-#if FIELD_BITS != 448 || WORD_BITS != 64
-
+#if FIELD_BITS != 448
 printf(" [ UNIMP ] ");
 return 0;
 #else
-
- word_t evil_scalars[5][7] = {
+
+#if WORD_BITS==64
+#define SC_WORD(x) x##ull
+#elif WORD_BITS==32
+#define SC_WORD(x) (uint32_t)(x##ull), (x##ull)>>32
+#endif
+
+ word_t evil_scalars[5][448/WORD_BITS] = {
 {0},
- {0x2378c292ab5844f3,0x216cc2728dc58f55,0xc44edb49aed63690,0xffffffff7cca23e9,
- 0xffffffffffffffff,0xffffffffffffffff,0x3fffffffffffffff}, /* q */
- {0xdc873d6d54a7bb0d,0xde933d8d723a70aa,0x3bb124b65129c96f,
- 0x335dc16,0x0,0x0,0x4000000000000000}, /* qtwist */
- {0x46f1852556b089e6,0x42d984e51b8b1eaa,0x889db6935dac6d20,0xfffffffef99447d3,
- 0xffffffffffffffff,0xffffffffffffffff,0x7fffffffffffffff}, /* 2q */
- {0xb90e7adaa94f761a,0xbd267b1ae474e155,0x7762496ca25392df,0x66bb82c,
- 0x0,0x0,0x8000000000000000} /* 2*qtwist */
+ {SC_WORD(0x2378c292ab5844f3),SC_WORD(0x216cc2728dc58f55),SC_WORD(0xc44edb49aed63690),SC_WORD(0xffffffff7cca23e9),
+ SC_WORD(0xffffffffffffffff),SC_WORD(0xffffffffffffffff),SC_WORD(0x3fffffffffffffff)}, /* q */
+ {SC_WORD(0xdc873d6d54a7bb0d),SC_WORD(0xde933d8d723a70aa),SC_WORD(0x3bb124b65129c96f),
+ SC_WORD(0x335dc16),SC_WORD(0x0),SC_WORD(0x0),SC_WORD(0x4000000000000000)}, /* qtwist */
+ {SC_WORD(0x46f1852556b089e6),SC_WORD(0x42d984e51b8b1eaa),SC_WORD(0x889db6935dac6d20),SC_WORD(0xfffffffef99447d3),
+ SC_WORD(0xffffffffffffffff),SC_WORD(0xffffffffffffffff),SC_WORD(0x7fffffffffffffff)}, /* 2q */
+ {SC_WORD(0xb90e7adaa94f761a),SC_WORD(0xbd267b1ae474e155),SC_WORD(0x7762496ca25392df),SC_WORD(0x66bb82c),
+ SC_WORD(0x0),SC_WORD(0x0),SC_WORD(0x8000000000000000)} /* 2*qtwist */
 };
- word_t random_scalar[7];
+ word_t random_scalar[448/WORD_BITS];
 unsigned char evil_inputs[3][56];
 memset(evil_inputs[0],0,56);
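Review bot: The new `SC_WORD` helper has no fallback: for a `WORD_BITS` other than 64 or 32 the `#if`/`#elif` chain leaves it undefined and the `evil_scalars` initializers fail with an implicit-declaration error instead of a clear message, so add `#else` / `#error "SC_WORD: unsupported WORD_BITS"` before the `#endif`. In the 32-bit expansion the low half is cast but the high half `(x##ull)>>32` is narrowed implicitly into a 32-bit `word_t`, which trips `-Wconversion`; `#define SC_WORD(x) (uint32_t)(x##ull), (uint32_t)((x##ull)>>32)` makes both halves explicit. The macro is also never `#undef`'d after the table, so it leaks into the rest of the translation unit; `test_decaf_evil`'s body continues past the hunk.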