diff --git a/algorand/token_bridge.py b/algorand/token_bridge.py
index dbdf88e65..a7736be1c 100644
--- a/algorand/token_bridge.py
+++ b/algorand/token_bridge.py
@@ -984,14 +984,14 @@ def approve_token_bridge(seed_amt: int, tmpl_sig: TmplSig, devMode: bool):
             # Check that we're paying it
             algo_seed.type_enum() == TxnType.Payment,
             algo_seed.amount() == Int(seed_amt),
+            algo_seed.receiver() == optin.sender(),
+
             # Check that its an opt in to us
             optin.type_enum() == TxnType.ApplicationCall,
             optin.on_completion() == OnComplete.OptIn,
-
             optin.application_id() == Global.current_application_id(),
-
-            algo_seed.receiver() == optin.sender(),
-            optin.rekey_to() == Global.current_application_address()
+            optin.rekey_to() == Global.current_application_address(),
+            optin.application_args.length() == Int(0)
         )
 
         return Seq(
diff --git a/algorand/wormhole_core.py b/algorand/wormhole_core.py
index e7a9b380b..92d069654 100644
--- a/algorand/wormhole_core.py
+++ b/algorand/wormhole_core.py
@@ -127,14 +127,14 @@ def getCoreContracts(   genTeal, approve_name, clear_name,
                 # Check that we're paying it
                 algo_seed.type_enum() == TxnType.Payment,
                 algo_seed.amount() == Int(seed_amt),
+                algo_seed.receiver() == optin.sender(),
                 # Check that its an opt in to us
                 optin.type_enum() == TxnType.ApplicationCall,
                 optin.on_completion() == OnComplete.OptIn,
                 # Not strictly necessary since we wouldn't be seeing this unless it was us, but...
                 optin.application_id() == Global.current_application_id(),
-
-                algo_seed.receiver() == optin.sender(),
-                optin.rekey_to() == Global.current_application_address()
+                optin.rekey_to() == Global.current_application_address(),
+                optin.application_args.length() == Int(0)
             )
     
             return Seq(
@@ -460,6 +460,9 @@ def getCoreContracts(   genTeal, approve_name, clear_name,
                                     # What signatures did this verifySigs check?
                                     s.store(Gtxn[i.load()].application_args[1]),
 
+                                    # Make sure we bail earlier on incorrect arguments...
+                                    MagicAssert(Len(s.load()) > Int(0)),
+
                                     # Look at the vaa and confirm those were the expected signatures we should have been checking
                                     # at this point in the process
                                     MagicAssert(Extract(Txn.application_args[1], off.load(), Len(s.load())) == s.load()),