diff --git a/sapling_jubjub.py b/sapling_jubjub.py
index 6bfc31a..b8d012b 100644
--- a/sapling_jubjub.py
+++ b/sapling_jubjub.py
@@ -142,6 +142,14 @@ JUBJUB_D = Fq(-10240) / Fq(10241)
 JUBJUB_COFACTOR = Fr(8)
 
 class Point(object):
+    @staticmethod
+    def rand(rand):
+        while True:
+            data = rand.b(32)
+            p = Point.from_bytes(data)
+            if p:
+                return p
+
     @staticmethod
     def from_bytes(buf):
         assert len(buf) == 32
diff --git a/transaction.py b/transaction.py
index c81acef..39ab9b4 100644
--- a/transaction.py
+++ b/transaction.py
@@ -2,7 +2,7 @@ import struct
 
 from sapling_generators import find_group_hash, SPENDING_KEY_BASE
-from sapling_jubjub import Fq
+from sapling_jubjub import Fq, Point
 from sapling_utils import leos2ip
 from zc_utils import write_compact_size
 
 
@@ -80,7 +80,7 @@ class SpendDescription(object):
         self.cv = find_group_hash(b'TVRandPt', rand.b(32))
         self.anchor = Fq(leos2ip(rand.b(32)))
         self.nullifier = rand.b(32)
-        self.rk = rand.b(32)
+        self.rk = Point.rand(rand)
         self.proof = GrothProof(rand)
         self.spendAuthSig = rand.b(64) # Invalid
 
@@ -89,7 +89,7 @@ class SpendDescription(object):
             bytes(self.cv) +
             bytes(self.anchor) +
             self.nullifier +
-            self.rk +
+            bytes(self.rk) +
             bytes(self.proof) +
             self.spendAuthSig
         )
diff --git a/zip_0243.py b/zip_0243.py
index 9ec1a31..bd558b6 100644
--- a/zip_0243.py
+++ b/zip_0243.py
@@ -31,7 +31,7 @@ def getHashShieldedSpends(tx):
         digest.update(bytes(desc.cv))
         digest.update(bytes(desc.anchor))
         digest.update(desc.nullifier)
-        digest.update(desc.rk)
+        digest.update(bytes(desc.rk))
         digest.update(bytes(desc.proof))
 
     return digest.digest()
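Review bot: `if p:` in the new Point.rand relies on a decoded Point being truthy, which only holds if the class defines neither `__bool__` nor `__len__`, and the failure value of from_bytes is outside this hunk, so I cannot confirm it is None; `if p is not None:` states the intent directly and is robust to either. The loop also accepts whatever from_bytes accepts, and with `JUBJUB_COFACTOR = Fr(8)` visible just above, nothing here checks membership in the prime-order subgroup or rejects small-order points — acceptable for arbitrary test data, but a docstring should record it, e.g. `"""Draw 32-byte encodings from rand until one decodes as a Point; the result is not guaranteed to lie in the prime-order subgroup."""`. The parameter name `rand` also shadows the method's own name, which reads oddly inside the body; `rng` would avoid the collision.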
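Review bot: `self.rk = Point.rand(rand)` consumes a variable number of bytes from rand, since Point.rand draws 32 bytes per attempt and retries on an undecodable encoding, so every field drawn after this line (`self.proof`, `self.spendAuthSig`) shifts whenever a retry occurs and their generated vectors change even though their code does not. A comment at this line would make that dependency explicit: `# Point.rand may draw more than 32 bytes; later fields depend on how many rejections occur`. The `__bytes__` hunk below and the zip_0243.py hunk serialise rk consistently with `bytes()`, so nothing further is needed there. SpendDescription's constructor continues outside the hunk.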