diff --git a/encryption-demo/tests/bad_guest.rs b/encryption-demo/tests/bad_guest.rs
new file mode 100644
index 0000000..264c226
--- /dev/null
+++ b/encryption-demo/tests/bad_guest.rs
@@ -0,0 +1,30 @@
+#[cfg(not(rust_analyzer))]
+include!(concat!(env!("OUT_DIR"), "/methods.rs"));
+
+#[cfg(rust_analyzer)]
+mod methods {
+    pub const GUEST_ELF: &[u8] = &[];
+    pub const GUEST_ID: [u32; 8] = [0; 8];
+}
+#[cfg(rust_analyzer)]
+use methods::*;
+
+use risc0_zkvm::{default_prover, ExecutorEnv};
+
+#[test]
+fn guest_panics_on_bad_key() {
+    // This key triggers the panic in the guest
+    let key = [0xFFu8; 32];
+    let nonce = [0u8; 12];
+    let plaintext = b"panic please".to_vec();
+
+    let env = ExecutorEnv::builder()
+        .write(&key).unwrap()
+        .write(&nonce).unwrap()
+        .write(&plaintext).unwrap()
+        .build().unwrap();
+
+    // Proving should fail when the guest panics
+    let res = default_prover().prove(env, GUEST_ELF);
+    assert!(res.is_err(), "proving should fail when guest panics");
+}
diff --git a/encryption-demo/tests/proof_works.rs b/encryption-demo/tests/proof_works.rs
new file mode 100644
index 0000000..74722c6
--- /dev/null
+++ b/encryption-demo/tests/proof_works.rs
@@ -0,0 +1,49 @@
+#[cfg(not(rust_analyzer))]
+include!{concat!(env!("OUT_DIR"), "/methods.rs")}
+
+#[cfg(rust_analyzer)]
+mod methods {
+    pub const GUEST_ELF: &[u8] = &[];
+    pub const GUEST_ID: [u32; 8] = [0; 8];
+}
+#[cfg(rust_analyzer)]
+use methods::*;
+
+use risc0_zkvm::{default_prover, ExecutorEnv};
+
+// Host-side ChaCha20
+use chacha20::{ChaCha20, Key, Nonce};
+use cipher::{KeyIvInit, StreamCipher};
+
+#[test]
+fn proof_works_and_matches_host_chacha() {
+    // Inputs (must match what your guest expects)
+    let key       = [0x42u8; 32];
+    let nonce     = [0x24u8; 12];
+    let plaintext = b"Hello, RISC Zero ChaCha20 demo!";
+
+    // Prove with the R0 guest
+    let env = ExecutorEnv::builder()
+        .write(&key).unwrap()
+        .write(&nonce).unwrap()
+        .write(&plaintext.to_vec()).unwrap()
+        .build().unwrap();
+
+    let prove_info = default_prover().prove(env, GUEST_ELF).expect("prove failed");
+    prove_info.receipt.verify(GUEST_ID).expect("verify failed");
+
+    
+    // Ciphertext produced by the guest
+    let guest_ct = prove_info.receipt.journal.bytes.clone();
+
+    // Host-side reference: ChaCha20 with the same key/nonce
+    let mut host_ct = plaintext.to_vec();
+    let key = Key::from_slice(&key);
+    let nonce = Nonce::from_slice(&nonce);
+    let mut cipher = ChaCha20::new(key, nonce);
+    cipher.apply_keystream(&mut host_ct);
+
+    // Compare
+    assert_eq!(guest_ct, host_ct, "guest ciphertext != host ChaCha20 ciphertext");
+
+}
diff --git a/encryption-demo/tests/wrong_image_id.rs b/encryption-demo/tests/wrong_image_id.rs
new file mode 100644
index 0000000..8097c62
--- /dev/null
+++ b/encryption-demo/tests/wrong_image_id.rs
@@ -0,0 +1,22 @@
+use anyhow::Result;
+use risc0_zkvm::{default_prover, ExecutorEnv, Digest};
+
+#[cfg(not(rust_analyzer))]
+include!(concat!(env!("OUT_DIR"), "/methods.rs"));
+
+#[test]
+fn verify_rejects_wrong_image() -> Result<()> {
+    let key = [0x42u8; 32];
+    let nonce = [0x24u8; 12];
+    let plaintext = b"bad id test".to_vec();
+
+    let env = ExecutorEnv::builder()
+        .write(&key)?.write(&nonce)?.write(&plaintext)?.build()?;
+
+    let info = default_prover().prove(env, GUEST_ELF)?;
+
+    // Intentionally bogus image id
+    let bogus = Digest::from([0u32; 8]);
+    assert!(info.receipt.verify(bogus).is_err(), "verification should fail");
+    Ok(())
+}