diff --git a/CHANGELOG.md b/CHANGELOG.md
index dfc144e09..26792b0cd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,12 +6,11 @@ and this project adheres to Rust's notion of
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-### added
-- Added [Visibility crate](https://crates.io/crates/visibility) to modify
-visibility of methods and struct for the `unstable-frost` feature.
-- Added `SpendValidatingKey` serialization and deserialization from bytes
-visibility under the `unstable-frost` feature
-  - `orchard::keys::SpendValidatingKey`
+### Added
+- `orchard::keys::SpendValidatingKey::{from_bytes, to_bytes}` behind the
+  `unstable-frost` feature flag. These are temporary APIs exposed for development
+  purposes, and will be replaced by type-safe FROST APIs once ZIP 312 key
+  generation is specified (https://github.com/zcash/zips/pull/883).
 
 ## [0.8.0] - 2024-03-25
 
diff --git a/src/keys.rs b/src/keys.rs
index 4becf1150..f66928eeb 100644
--- a/src/keys.rs
+++ b/src/keys.rs
@@ -190,12 +190,14 @@ impl SpendValidatingKey {
     pub(crate) fn to_bytes(&self) -> [u8; 32] {
         // This is correct because the wrapped point must have ỹ = 0, and
         // so the point repr is the same as I2LEOSP of its x-coordinate.
-        <[u8; 32]>::from(&self.0)
+        let b = <[u8; 32]>::from(&self.0);
+        assert!(b[31] & 0x80 == 0);
+        b
     }
 
-    /// Attempts to convert these bytes into a spend validating key
-    /// from its serialized form, I2LEOSP_256(ak). Returns None if
-    /// it can't be created.
+    /// Attempts to parse a byte slice as a spend validating key, `I2LEOSP_256(ak)`.
+    ///
+    /// Returns `None` if the given slice does not contain a valid spend validating key.
     #[cfg_attr(feature = "unstable-frost", visibility::make(pub))]
     pub(crate) fn from_bytes(bytes: &[u8]) -> Option<Self> {
         <[u8; 32]>::try_from(bytes)