diff --git a/artifacts/program_methods/amm.bin b/artifacts/program_methods/amm.bin
index 52067453..685e01bb 100644
Binary files a/artifacts/program_methods/amm.bin and b/artifacts/program_methods/amm.bin differ
diff --git a/artifacts/program_methods/associated_token_account.bin b/artifacts/program_methods/associated_token_account.bin
index 339f634c..d67cd89d 100644
Binary files a/artifacts/program_methods/associated_token_account.bin and b/artifacts/program_methods/associated_token_account.bin differ
diff --git a/artifacts/program_methods/authenticated_transfer.bin b/artifacts/program_methods/authenticated_transfer.bin
index ae1dc1aa..8a335adf 100644
Binary files a/artifacts/program_methods/authenticated_transfer.bin and b/artifacts/program_methods/authenticated_transfer.bin differ
diff --git a/artifacts/program_methods/clock.bin b/artifacts/program_methods/clock.bin
index aaca2737..f24484ee 100644
Binary files a/artifacts/program_methods/clock.bin and b/artifacts/program_methods/clock.bin differ
diff --git a/artifacts/program_methods/faucet.bin b/artifacts/program_methods/faucet.bin
index 8b3bda76..8f091358 100644
Binary files a/artifacts/program_methods/faucet.bin and b/artifacts/program_methods/faucet.bin differ
diff --git a/artifacts/program_methods/pinata.bin b/artifacts/program_methods/pinata.bin
index fad19f0b..2a2ec7b5 100644
Binary files a/artifacts/program_methods/pinata.bin and b/artifacts/program_methods/pinata.bin differ
diff --git a/artifacts/program_methods/pinata_token.bin b/artifacts/program_methods/pinata_token.bin
index bd38db1a..94f2598d 100644
Binary files a/artifacts/program_methods/pinata_token.bin and b/artifacts/program_methods/pinata_token.bin differ
diff --git a/artifacts/program_methods/privacy_preserving_circuit.bin b/artifacts/program_methods/privacy_preserving_circuit.bin
index f8df6383..5b52b624 100644
Binary files a/artifacts/program_methods/privacy_preserving_circuit.bin and b/artifacts/program_methods/privacy_preserving_circuit.bin differ
diff --git a/artifacts/program_methods/token.bin b/artifacts/program_methods/token.bin
index ba54f9f3..6a904824 100644
Binary files a/artifacts/program_methods/token.bin and b/artifacts/program_methods/token.bin differ
diff --git a/artifacts/program_methods/vault.bin b/artifacts/program_methods/vault.bin
index 1d853c3c..4c5d875b 100644
Binary files a/artifacts/program_methods/vault.bin and b/artifacts/program_methods/vault.bin differ
diff --git a/artifacts/test_program_methods/auth_asserting_noop.bin b/artifacts/test_program_methods/auth_asserting_noop.bin
index 720f8ea6..d0b8b80d 100644
Binary files a/artifacts/test_program_methods/auth_asserting_noop.bin and b/artifacts/test_program_methods/auth_asserting_noop.bin differ
diff --git a/artifacts/test_program_methods/auth_transfer_proxy.bin b/artifacts/test_program_methods/auth_transfer_proxy.bin
index f79510cf..7d728367 100644
Binary files a/artifacts/test_program_methods/auth_transfer_proxy.bin and b/artifacts/test_program_methods/auth_transfer_proxy.bin differ
diff --git a/artifacts/test_program_methods/burner.bin b/artifacts/test_program_methods/burner.bin
index d5c2611b..9228fdc6 100644
Binary files a/artifacts/test_program_methods/burner.bin and b/artifacts/test_program_methods/burner.bin differ
diff --git a/artifacts/test_program_methods/chain_caller.bin b/artifacts/test_program_methods/chain_caller.bin
index edc15959..1546eb58 100644
Binary files a/artifacts/test_program_methods/chain_caller.bin and b/artifacts/test_program_methods/chain_caller.bin differ
diff --git a/artifacts/test_program_methods/changer_claimer.bin b/artifacts/test_program_methods/changer_claimer.bin
index 8871ce27..a98fa099 100644
Binary files a/artifacts/test_program_methods/changer_claimer.bin and b/artifacts/test_program_methods/changer_claimer.bin differ
diff --git a/artifacts/test_program_methods/claimer.bin b/artifacts/test_program_methods/claimer.bin
index 2ca68617..42a8ccff 100644
Binary files a/artifacts/test_program_methods/claimer.bin and b/artifacts/test_program_methods/claimer.bin differ
diff --git a/artifacts/test_program_methods/clock_chain_caller.bin b/artifacts/test_program_methods/clock_chain_caller.bin
index b46141ce..0407dc83 100644
Binary files a/artifacts/test_program_methods/clock_chain_caller.bin and b/artifacts/test_program_methods/clock_chain_caller.bin differ
diff --git a/artifacts/test_program_methods/data_changer.bin b/artifacts/test_program_methods/data_changer.bin
index 4685608a..1b1e4478 100644
Binary files a/artifacts/test_program_methods/data_changer.bin and b/artifacts/test_program_methods/data_changer.bin differ
diff --git a/artifacts/test_program_methods/extra_output.bin b/artifacts/test_program_methods/extra_output.bin
index 3221ba35..12ca3db5 100644
Binary files a/artifacts/test_program_methods/extra_output.bin and b/artifacts/test_program_methods/extra_output.bin differ
diff --git a/artifacts/test_program_methods/faucet_chain_caller.bin b/artifacts/test_program_methods/faucet_chain_caller.bin
index 81aa21f6..6df3f51c 100644
Binary files a/artifacts/test_program_methods/faucet_chain_caller.bin and b/artifacts/test_program_methods/faucet_chain_caller.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_callback.bin b/artifacts/test_program_methods/flash_swap_callback.bin
index 513e7856..24777072 100644
Binary files a/artifacts/test_program_methods/flash_swap_callback.bin and b/artifacts/test_program_methods/flash_swap_callback.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_initiator.bin b/artifacts/test_program_methods/flash_swap_initiator.bin
index 3740635d..5c42b8ee 100644
Binary files a/artifacts/test_program_methods/flash_swap_initiator.bin and b/artifacts/test_program_methods/flash_swap_initiator.bin differ
diff --git a/artifacts/test_program_methods/malicious_authorization_changer.bin b/artifacts/test_program_methods/malicious_authorization_changer.bin
index b34e6398..35417608 100644
Binary files a/artifacts/test_program_methods/malicious_authorization_changer.bin and b/artifacts/test_program_methods/malicious_authorization_changer.bin differ
diff --git a/artifacts/test_program_methods/malicious_caller_program_id.bin b/artifacts/test_program_methods/malicious_caller_program_id.bin
index c1f65dce..c3be7ddb 100644
Binary files a/artifacts/test_program_methods/malicious_caller_program_id.bin and b/artifacts/test_program_methods/malicious_caller_program_id.bin differ
diff --git a/artifacts/test_program_methods/malicious_injector.bin b/artifacts/test_program_methods/malicious_injector.bin
index 8c2acf82..398c50e3 100644
Binary files a/artifacts/test_program_methods/malicious_injector.bin and b/artifacts/test_program_methods/malicious_injector.bin differ
diff --git a/artifacts/test_program_methods/malicious_launderer.bin b/artifacts/test_program_methods/malicious_launderer.bin
index 547a21a2..ed3260da 100644
Binary files a/artifacts/test_program_methods/malicious_launderer.bin and b/artifacts/test_program_methods/malicious_launderer.bin differ
diff --git a/artifacts/test_program_methods/malicious_self_program_id.bin b/artifacts/test_program_methods/malicious_self_program_id.bin
index 3a291460..68fb156c 100644
Binary files a/artifacts/test_program_methods/malicious_self_program_id.bin and b/artifacts/test_program_methods/malicious_self_program_id.bin differ
diff --git a/artifacts/test_program_methods/minter.bin b/artifacts/test_program_methods/minter.bin
index a27b7a4e..df99e3a8 100644
Binary files a/artifacts/test_program_methods/minter.bin and b/artifacts/test_program_methods/minter.bin differ
diff --git a/artifacts/test_program_methods/missing_output.bin b/artifacts/test_program_methods/missing_output.bin
index 505322a6..7bd623ab 100644
Binary files a/artifacts/test_program_methods/missing_output.bin and b/artifacts/test_program_methods/missing_output.bin differ
diff --git a/artifacts/test_program_methods/modified_transfer.bin b/artifacts/test_program_methods/modified_transfer.bin
index aaa5dcb0..9ff09816 100644
Binary files a/artifacts/test_program_methods/modified_transfer.bin and b/artifacts/test_program_methods/modified_transfer.bin differ
diff --git a/artifacts/test_program_methods/nonce_changer.bin b/artifacts/test_program_methods/nonce_changer.bin
index 8dc636da..a2e180f8 100644
Binary files a/artifacts/test_program_methods/nonce_changer.bin and b/artifacts/test_program_methods/nonce_changer.bin differ
diff --git a/artifacts/test_program_methods/noop.bin b/artifacts/test_program_methods/noop.bin
index 69e69635..62644e02 100644
Binary files a/artifacts/test_program_methods/noop.bin and b/artifacts/test_program_methods/noop.bin differ
diff --git a/artifacts/test_program_methods/pda_claimer.bin b/artifacts/test_program_methods/pda_claimer.bin
index f5603d58..405577be 100644
Binary files a/artifacts/test_program_methods/pda_claimer.bin and b/artifacts/test_program_methods/pda_claimer.bin differ
diff --git a/artifacts/test_program_methods/pda_spend_proxy.bin b/artifacts/test_program_methods/pda_spend_proxy.bin
index 9f0d0c3e..9b9c711d 100644
Binary files a/artifacts/test_program_methods/pda_spend_proxy.bin and b/artifacts/test_program_methods/pda_spend_proxy.bin differ
diff --git a/artifacts/test_program_methods/pinata_cooldown.bin b/artifacts/test_program_methods/pinata_cooldown.bin
index a2194ba1..11f1d9f5 100644
Binary files a/artifacts/test_program_methods/pinata_cooldown.bin and b/artifacts/test_program_methods/pinata_cooldown.bin differ
diff --git a/artifacts/test_program_methods/private_pda_delegator.bin b/artifacts/test_program_methods/private_pda_delegator.bin
index 9fcb05cf..ad5a11d9 100644
Binary files a/artifacts/test_program_methods/private_pda_delegator.bin and b/artifacts/test_program_methods/private_pda_delegator.bin differ
diff --git a/artifacts/test_program_methods/program_owner_changer.bin b/artifacts/test_program_methods/program_owner_changer.bin
index 92749650..d87c5a42 100644
Binary files a/artifacts/test_program_methods/program_owner_changer.bin and b/artifacts/test_program_methods/program_owner_changer.bin differ
diff --git a/artifacts/test_program_methods/simple_balance_transfer.bin b/artifacts/test_program_methods/simple_balance_transfer.bin
index 78a75df9..f64b060a 100644
Binary files a/artifacts/test_program_methods/simple_balance_transfer.bin and b/artifacts/test_program_methods/simple_balance_transfer.bin differ
diff --git a/artifacts/test_program_methods/time_locked_transfer.bin b/artifacts/test_program_methods/time_locked_transfer.bin
index 296863e9..87530acb 100644
Binary files a/artifacts/test_program_methods/time_locked_transfer.bin and b/artifacts/test_program_methods/time_locked_transfer.bin differ
diff --git a/artifacts/test_program_methods/two_pda_claimer.bin b/artifacts/test_program_methods/two_pda_claimer.bin
index 34c8f27c..e469bfc6 100644
Binary files a/artifacts/test_program_methods/two_pda_claimer.bin and b/artifacts/test_program_methods/two_pda_claimer.bin differ
diff --git a/artifacts/test_program_methods/validity_window.bin b/artifacts/test_program_methods/validity_window.bin
index ad2df7c1..53872234 100644
Binary files a/artifacts/test_program_methods/validity_window.bin and b/artifacts/test_program_methods/validity_window.bin differ
diff --git a/artifacts/test_program_methods/validity_window_chain_caller.bin b/artifacts/test_program_methods/validity_window_chain_caller.bin
index 4eef9a03..2264d04f 100644
Binary files a/artifacts/test_program_methods/validity_window_chain_caller.bin and b/artifacts/test_program_methods/validity_window_chain_caller.bin differ
diff --git a/nssa/core/src/commitment.rs b/nssa/core/src/commitment.rs
index 73ccd703..7c81c12c 100644
--- a/nssa/core/src/commitment.rs
+++ b/nssa/core/src/commitment.rs
@@ -7,8 +7,9 @@ use crate::account::{Account, AccountId};
 /// A commitment to all zero data.
 /// ```python
 /// from hashlib import sha256
+/// prefix = b"/LEE/v0.3/Commitment/\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
 /// hasher = sha256()
-/// hasher.update(bytes([0] * 32 + [0] * 32 + [0] * 16 + [0] * 16 + list(sha256().digest())))
+/// hasher.update(prefix + bytes([0] * 32 + [0] * 32 + [0] * 16 + [0] * 16 + list(sha256().digest())))
 /// DUMMY_COMMITMENT = hasher.digest()
 /// ```
 pub const DUMMY_COMMITMENT: Commitment = Commitment([
diff --git a/nssa/src/error.rs b/nssa/src/error.rs
index 65079d25..31f78461 100644
--- a/nssa/src/error.rs
+++ b/nssa/src/error.rs
@@ -96,6 +96,9 @@ pub enum InvalidProgramBehaviorError {
     #[error("Unauthorized account marked as authorized")]
     InvalidAccountAuthorization { account_id: AccountId },
 
+    #[error("Authorized account marked as not authorized")]
+    AuthorizedAccountMarkedAsNotAuthorized { account_id: AccountId },
+
     #[error("Program ID mismatch: expected {expected:?}, actual {actual:?}")]
     MismatchedProgramId {
         expected: ProgramId,
diff --git a/nssa/src/validated_state_diff.rs b/nssa/src/validated_state_diff.rs
index 87bde206..bdee3452 100644
--- a/nssa/src/validated_state_diff.rs
+++ b/nssa/src/validated_state_diff.rs
@@ -173,12 +173,18 @@ impl ValidatedStateDiff {
                 );
 
                 // Check that the program output pre_states marked as authorized are indeed
-                // authorized.
+                // authorized, and vice-versa.
                 let is_indeed_authorized = is_authorized(&account_id);
                 ensure!(
                     !pre.is_authorized || is_indeed_authorized,
                     InvalidProgramBehaviorError::InvalidAccountAuthorization { account_id }
                 );
+                ensure!(
+                    pre.is_authorized || !is_indeed_authorized,
+                    InvalidProgramBehaviorError::AuthorizedAccountMarkedAsNotAuthorized {
+                        account_id
+                    }
+                );
             }
 
             // Verify that the program output's self_program_id matches the expected program ID.
@@ -269,11 +275,20 @@ impl ValidatedStateDiff {
             // the loop above already gates program_output's `is_authorized` via the
             // `!pre.is_authorized || is_indeed_authorized` check, while `chained_call.
             // pre_states` is caller-controlled and can be forged (audit-issue 91).
-            let authorized_accounts: HashSet<_> = program_output
-                .pre_states
-                .iter()
-                .filter(|pre| pre.is_authorized)
-                .map(|pre| pre.account_id)
+            //
+            // Union with the caller's authorized set so that authorization is monotonically
+            // growing: once an account is authorized at any point in the chain it remains
+            // authorized for all subsequent calls.
+            let authorized_accounts: HashSet<_> = caller_data
+                .authorized_accounts
+                .into_iter()
+                .chain(
+                    program_output
+                        .pre_states
+                        .iter()
+                        .filter(|pre| pre.is_authorized)
+                        .map(|pre| pre.account_id),
+                )
                 .collect();
             for new_call in program_output.chained_calls.into_iter().rev() {
                 chained_calls.push_front((
@@ -341,7 +356,13 @@ impl ValidatedStateDiff {
 
         // Check there are no duplicate nullifiers in the new_nullifiers list
         ensure!(
-            n_unique(&message.new_nullifiers) == message.new_nullifiers.len(),
+            n_unique(
+                &message
+                    .new_nullifiers
+                    .iter()
+                    .map(|(n, _)| n)
+                    .collect::<Vec<_>>()
+            ) == message.new_nullifiers.len(),
             NssaError::InvalidInput("Duplicate nullifiers found in message".into())
         );
 
diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs b/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs
index 6e302401..eda9bacd 100644
--- a/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs
+++ b/program_methods/guest/src/bin/privacy_preserving_circuit/output.rs
@@ -62,7 +62,7 @@ pub fn compute_circuit_output(
                     Nullifier::for_account_initialization(&account_id),
                     DUMMY_COMMITMENT_HASH,
                 );
-                let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk);
+                let new_nonce = Nonce::private_account_nonce_init(&account_id);
 
                 emit_private_output(
                     &mut output,