diff --git a/zcash_client_backend/src/keys.rs b/zcash_client_backend/src/keys.rs
index 4d4cd6f1a..bae7f5faf 100644
--- a/zcash_client_backend/src/keys.rs
+++ b/zcash_client_backend/src/keys.rs
@@ -5,6 +5,10 @@ use zcash_primitives::zip32::{ChildIndex, ExtendedSpendingKey};
 /// Derives the ZIP 32 [`ExtendedSpendingKey`] for a given coin type and account from the
 /// given seed.
 ///
+/// # Panics
+///
+/// Panics if `seed` is shorter than 32 bytes.
+///
 /// # Examples
 ///
 /// ```
@@ -13,6 +17,10 @@ use zcash_primitives::zip32::{ChildIndex, ExtendedSpendingKey};
 /// let extsk = spending_key(&[0; 32][..], COIN_TYPE, 0);
 /// ```
 pub fn spending_key(seed: &[u8], coin_type: u32, account: u32) -> ExtendedSpendingKey {
+    if seed.len() < 32 {
+        panic!("ZIP 32 seeds MUST be at least 32 bytes");
+    }
+
     ExtendedSpendingKey::from_path(
         &ExtendedSpendingKey::master(&seed),
         &[