diff --git a/programs/message-transmitter/src/instructions/receive_message.rs b/programs/message-transmitter/src/instructions/receive_message.rs index 3088ed41..d6631b1a 100644 --- a/programs/message-transmitter/src/instructions/receive_message.rs +++ b/programs/message-transmitter/src/instructions/receive_message.rs @@ -30,7 +30,7 @@ pub struct ReceiveMessageContext<'info> { seeds = [b"message_transmitter_authority", receiver.key().as_ref()], bump, )] - pub authority_pda: AccountInfo<'info>, + pub authority_pda: UncheckedAccount<'info>, #[account()] pub message_transmitter: Box>, @@ -51,7 +51,8 @@ pub struct ReceiveMessageContext<'info> { ///CHECK: Receiver program address, e.g. TokenMessenger #[account( - constraint = receiver.executable + constraint = receiver.executable, + constraint = receiver.key() != crate::ID )] pub receiver: UncheckedAccount<'info>, diff --git a/programs/token-messenger-minter/src/token_messenger/instructions/deposit_for_burn.rs b/programs/token-messenger-minter/src/token_messenger/instructions/deposit_for_burn.rs index 7a465e38..6f180578 100644 --- a/programs/token-messenger-minter/src/token_messenger/instructions/deposit_for_burn.rs +++ b/programs/token-messenger-minter/src/token_messenger/instructions/deposit_for_burn.rs @@ -32,7 +32,7 @@ pub struct DepositForBurnContext<'info> { seeds = [b"sender_authority"], bump = token_messenger.authority_bump, )] - pub sender_authority_pda: AccountInfo<'info>, + pub sender_authority_pda: UncheckedAccount<'info>, #[account( mut, diff --git a/programs/token-messenger-minter/src/token_messenger/instructions/handle_receive_message.rs b/programs/token-messenger-minter/src/token_messenger/instructions/handle_receive_message.rs index 54032323..861afe28 100644 --- a/programs/token-messenger-minter/src/token_messenger/instructions/handle_receive_message.rs +++ b/programs/token-messenger-minter/src/token_messenger/instructions/handle_receive_message.rs 
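Review bot: The new `constraint = receiver.key() != crate::ID` on `receiver` in `ReceiveMessageContext` (receive_message.rs, second hunk) carries no custom error, and the `///CHECK:` line above it still only says the account is the receiver program. A rejected transaction therefore surfaces as Anchor's generic raw-constraint error, and the reason for the guard is not recorded next to it. Consider attaching an error with the `@` syntax, e.g. `constraint = receiver.key() != crate::ID @ <ProgramError>::<SelfReceiverVariant>` (placeholder names; use a variant from this program's own error enum). The comment could be extended to `///CHECK: Receiver program address, e.g. TokenMessenger. Must be executable and must not be this program (blocks self-reentrancy).` The struct and the handler that presumably invokes `receiver` lie outside the hunk, so I cannot see whether any other account needs the same guard.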
@@ -14,6 +14,16 @@ use { anchor_spl::token::{Token, TokenAccount}, }; +///////////////////////////////////////////////////////////////////////////// +/// IMPORTANT! +/// If you modify this instruction to allow further arbitrary CPI calls, +/// make sure to forbid self-reentrancy. Otherwise, handle_receive_message +/// can be called again with intact signatures and data that can lead to +/// loss of funds. An example of a reentrancy check would be adding a +/// constraint to the callee program account: +/// constraint = callee.key() != crate::ID +/// ///////////////////////////////////////////////////////////////////////// + // Instruction accounts #[derive(Accounts)] #[instruction(params: HandleReceiveMessageParams)] diff --git a/programs/token-messenger-minter/src/token_messenger/instructions/initialize.rs b/programs/token-messenger-minter/src/token_messenger/instructions/initialize.rs index 5070e787..03766d32 100644 --- a/programs/token-messenger-minter/src/token_messenger/instructions/initialize.rs +++ b/programs/token-messenger-minter/src/token_messenger/instructions/initialize.rs @@ -24,7 +24,7 @@ pub struct InitializeContext<'info> { seeds = [b"sender_authority"], bump )] - pub authority_pda: AccountInfo<'info>, + pub authority_pda: UncheckedAccount<'info>, // TokenMessenger state account #[account( diff --git a/programs/token-messenger-minter/src/token_messenger/instructions/replace_deposit_for_burn.rs b/programs/token-messenger-minter/src/token_messenger/instructions/replace_deposit_for_burn.rs index 6608360a..73ffd62a 100644 --- a/programs/token-messenger-minter/src/token_messenger/instructions/replace_deposit_for_burn.rs +++ b/programs/token-messenger-minter/src/token_messenger/instructions/replace_deposit_for_burn.rs 
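Review bot: The warning block added to handle_receive_message.rs is written with `///`, so everything from `/// IMPORTANT!` down to the closing `/// ////…` line becomes rustdoc for the next item rather than a maintainer note. That item is the `#[derive(Accounts)]` struct, which begins outside the hunk. Only the first all-slash line is an ordinary comment, because four or more slashes do not start a doc comment. If the text is meant for people editing the instruction, write it with plain `//`, or move it into a `//!` module comment. It would also help to name where the existing guard lives, for example `// See the receiver constraint in message-transmitter/src/instructions/receive_message.rs`, so the two places stay in sync when either is changed.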
@@ -26,7 +26,7 @@ pub struct ReplaceDepositForBurnContext<'info> { seeds = [b"sender_authority"], bump = token_messenger.authority_bump, )] - pub sender_authority_pda: AccountInfo<'info>, + pub sender_authority_pda: UncheckedAccount<'info>, #[account(mut)] pub message_transmitter: Box>, diff --git a/programs/token-messenger-minter/src/token_minter/instructions/add_local_token.rs b/programs/token-messenger-minter/src/token_minter/instructions/add_local_token.rs index c2184605..6e1bb606 100644 --- a/programs/token-messenger-minter/src/token_minter/instructions/add_local_token.rs +++ b/programs/token-messenger-minter/src/token_minter/instructions/add_local_token.rs @@ -67,11 +67,6 @@ pub fn add_local_token( ctx: Context, _params: &AddLocalTokenParams, ) -> Result<()> { - require!( - !ctx.accounts.token_minter.paused, - TokenMinterError::ProgramPaused - ); - let local_token = ctx.accounts.local_token.as_mut(); local_token.custody = ctx.accounts.custody_token_account.key(); diff --git a/programs/token-messenger-minter/src/token_minter/state.rs b/programs/token-messenger-minter/src/token_minter/state.rs index 5421d6d8..e2c14327 100644 --- a/programs/token-messenger-minter/src/token_minter/state.rs +++ b/programs/token-messenger-minter/src/token_minter/state.rs @@ -32,8 +32,8 @@ pub struct LocalToken { pub burn_limit_per_message: u64, pub messages_sent: u64, pub messages_received: u64, - pub amount_sent: u64, - pub amount_received: u64, + pub amount_sent: u128, + pub amount_received: u128, pub bump: u8, pub custody_bump: u8, } 
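Review bot: Widening `amount_sent` and `amount_received` from `u64` to `u128` in `LocalToken` (state.rs, first hunk) grows the serialized account by 16 bytes and shifts `bump` and `custody_bump`. Nothing visible here adjusts the account's allocated space or handles accounts that already exist. If any `LocalToken` accounts were created with the old layout, they would be too small and the trailing fields would be read from the wrong offsets. The space calculation (outside the hunk) and a migration or re-initialisation path should be confirmed before deployment. A field comment such as `// u128: running total of u64 amounts, sized so it cannot realistically overflow` would also record why these two counters differ in width from `messages_sent` and `messages_received`.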
@@ -59,8 +59,8 @@ impl TokenMinter { TokenMinterError::BurnAmountExceeded ); - local_token.messages_sent = local_token.messages_sent.wrapping_add(1); - local_token.amount_sent = local_token.amount_sent.wrapping_add(amount); + local_token.messages_sent = local_token.messages_sent.saturating_add(1); + local_token.amount_sent = local_token.amount_sent.saturating_add(amount as u128); let context: CpiContext<'_, '_, '_, '_, Burn<'_>> = CpiContext::new( token_program, @@ -85,8 +85,8 @@ impl TokenMinter { ) -> Result<()> { require!(!self.paused, TokenMinterError::ProgramPaused); - local_token.messages_received = local_token.messages_received.wrapping_add(1); - local_token.amount_received = local_token.amount_received.wrapping_add(amount); + local_token.messages_received = local_token.messages_received.saturating_add(1); + local_token.amount_received = local_token.amount_received.saturating_add(amount as u128); let authority_seeds: &[&[&[u8]]] = &[&[b"token_minter", &[self.bump]]];
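Review bot: `amount as u128` in both `TokenMinter` hunks of state.rs (at line 59 and at line 85) is a lossless widening today, but `as` would keep compiling and silently convert if the type of `amount` ever changed, for example to a signed type. `u128::from(amount)` states the widening and fails to compile otherwise: `local_token.amount_sent = local_token.amount_sent.saturating_add(u128::from(amount));`, and likewise for `amount_received`. Separately, `saturating_add` leaves a counter pinned at its maximum with no signal. A short comment such as `// statistics only; saturation is accepted` would make that intent explicit. If these fields ever feed a limit check, `checked_add` with an error would be the safer choice. Both method bodies start and end outside the hunks.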