We have:
For me the guarantees from an API-consumer point of view are pretty well expressed (i.e., if someone somehow gets a Pin<impl Deref<Target = T>>, they can then rely on T's address never changing) ; the documentation problem is "for the other side of the API", i.e. for the person that goes unsafe and attempts to construct such a Pin object (e.g. the wrong but dangerously intuitive Pin<&'a mut T> : From<&'a mut T>).
That is "the worst kind" of guarantees, i.e. one that will "inevitably" lead to unsoundness (take, for instance, the damage caused by an "innocent-looking" function such as ::std::mem::zeroed<T : Sized> () -> T)