diff --git a/node/Identity.hpp b/node/Identity.hpp
index 1a3ced62b..51d6fe32e 100644
--- a/node/Identity.hpp
+++ b/node/Identity.hpp
@@ -58,6 +58,11 @@ public:
 		P384 = ZT_CRYPTO_ALG_P384      // Type 1 -- NIST P-384 with linked Curve25519/Ed25519 secondaries (2.x+)
 	};
 
+	/**
+	 * 384-bit full hash of identity's public key(s)
+	 */
+	typedef Hash<384> Fingerprint;
+
 	/**
 	 * A nil/empty identity instance
 	 */
@@ -113,7 +118,7 @@ public:
 	ZT_ALWAYS_INLINE bool hasPrivate() const noexcept { return _hasPrivate; }
 
 	/**
-	 * Get hash of this identity's public key(s)
+	 * Get a 384-bit hash of this identity's public key(s)
 	 *
 	 * The hash returned by this function differs by identity type. For C25519 (type 0)
 	 * identities this returns a simple SHA384 of the public key, which is NOT the same
@@ -122,13 +127,9 @@ public:
 	 * and address computation. This difference is because the v0 hash is expensive while
 	 * the v1 hash is fast.
 	 *
-	 * While addresses can technically collide (though this is rare and hard to create),
-	 * the full hash of an identity's keys is unique to within cryptographic strength
-	 * bounds of the keys themselves.
-	 *
-	 * @return 384-bit/48-byte hash
+	 * @return Hash of public key(s)
 	 */
-	ZT_ALWAYS_INLINE const Hash<384> &fingerprint() const noexcept { return _hash; }
+	ZT_ALWAYS_INLINE const Fingerprint &fingerprint() const noexcept { return _hash; }
 
 	/**
 	 * Compute a hash of this identity's public and private keys.
@@ -218,6 +219,7 @@ public:
 		}
 		return false;
 	}
+	ZT_ALWAYS_INLINE bool operator!=(const Identity &id) const noexcept { return !(*this == id); }
 	ZT_ALWAYS_INLINE bool operator<(const Identity &id) const noexcept
 	{
 		if (_address < id._address)
@@ -235,7 +237,6 @@ public:
 		}
 		return false;
 	}
-	ZT_ALWAYS_INLINE bool operator!=(const Identity &id) const noexcept { return !(*this == id); }
 	ZT_ALWAYS_INLINE bool operator>(const Identity &id) const noexcept { return (id < *this); }
 	ZT_ALWAYS_INLINE bool operator<=(const Identity &id) const noexcept { return !(id < *this); }
 	ZT_ALWAYS_INLINE bool operator>=(const Identity &id) const noexcept { return !(*this < id); }
diff --git a/node/MAC.hpp b/node/MAC.hpp
index 1b7b6ba9f..06af8962d 100644
--- a/node/MAC.hpp
+++ b/node/MAC.hpp
@@ -33,7 +33,7 @@ class MAC : public TriviallyCopyable
 public:
 	ZT_ALWAYS_INLINE MAC() noexcept : _m(0ULL) {}
 	ZT_ALWAYS_INLINE MAC(const uint8_t a,const uint8_t b,const uint8_t c,const uint8_t d,const uint8_t e,const uint8_t f) noexcept : _m( (((uint64_t)a) << 40U) | (((uint64_t)b) << 32U) | (((uint64_t)c) << 24U) | (((uint64_t)d) << 16U) | (((uint64_t)e) << 8U) | ((uint64_t)f) ) {}
-	explicit ZT_ALWAYS_INLINE MAC(const uint64_t m) noexcept : _m(m & 0xffffffffffffULL) {}
+	explicit ZT_ALWAYS_INLINE MAC(const uint64_t m) noexcept : _m(m) {}
 	explicit ZT_ALWAYS_INLINE MAC(const uint8_t b[6]) noexcept { setTo(b); }
 	ZT_ALWAYS_INLINE MAC(const Address &ztaddr,uint64_t nwid) noexcept { fromAddress(ztaddr,nwid); }
 
@@ -78,7 +78,7 @@ public:
 	/**
 	 * @return True if this is broadcast (all 0xff)
 	 */
-	ZT_ALWAYS_INLINE bool isBroadcast() const noexcept { return (_m == 0xffffffffffffULL); }
+	ZT_ALWAYS_INLINE bool isBroadcast() const noexcept { return _m; }
 
 	/**
 	 * @return True if this is a multicast MAC
@@ -167,11 +167,7 @@ public:
 		return buf;
 	}
 
-	ZT_ALWAYS_INLINE MAC &operator=(const uint64_t m) noexcept
-	{
-		_m = m & 0xffffffffffffULL;
-		return *this;
-	}
+	ZT_ALWAYS_INLINE MAC &operator=(const uint64_t m) noexcept { _m = m; return *this; }
 
 	ZT_ALWAYS_INLINE bool operator==(const MAC &m) const noexcept { return (_m == m._m); }
 	ZT_ALWAYS_INLINE bool operator!=(const MAC &m) const noexcept { return (_m != m._m); }