diff --git a/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh b/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh index 2de213e032b0..8d1048469c24 100755 --- a/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh +++ b/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh @@ -16,7 +16,7 @@ script_path="$root/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_cha # - Generate a hash for versioning: sha256sum bb-chonk-inputs.tar.gz # - Upload the compressed results: aws s3 cp bb-chonk-inputs.tar.gz s3://aztec-ci-artifacts/protocol/bb-chonk-inputs-[hash(0:8)].tar.gz # Note: In case of the "Test suite failed to run ... Unexpected token 'with' " error, need to run: docker pull aztecprotocol/build:3.0 -pinned_short_hash="831712f6" +pinned_short_hash="a7fe72e1" pinned_chonk_inputs_url="https://aztec-ci-artifacts.s3.us-east-2.amazonaws.com/protocol/bb-chonk-inputs-${pinned_short_hash}.tar.gz" function update_pinned_hash_in_script { diff --git a/barretenberg/cpp/src/barretenberg/api/api_ultra_honk.cpp b/barretenberg/cpp/src/barretenberg/api/api_ultra_honk.cpp index 0e51705b34ee..345b65b02fe1 100644 --- a/barretenberg/cpp/src/barretenberg/api/api_ultra_honk.cpp +++ b/barretenberg/cpp/src/barretenberg/api/api_ultra_honk.cpp @@ -121,14 +121,14 @@ bool UltraHonkAPI::verify(const Flags& flags, if (auto json = try_parse_json(public_inputs_content)) { public_inputs = PublicInputsJson::parse(*json); } else { - public_inputs = many_from_buffer(public_inputs_content); + public_inputs = many_from_buffer_exact(public_inputs_content, "UltraHonk public inputs file"); } auto proof_content = read_file(proof_path); if (auto json = try_parse_json(proof_content)) { proof = ProofJson::parse(*json); } else { - proof = many_from_buffer(proof_content); + proof = many_from_buffer_exact(proof_content, "UltraHonk proof file"); } auto vk_content = read_file(vk_path); 
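Review bot: The strict length check covers only the raw-binary branches for the public inputs and the proof in `UltraHonkAPI::verify`; the verification key read on the last context line (`auto vk_content = read_file(vk_path);`) is parsed outside this hunk, so it is not visible whether it gets the same treatment. If that path still uses a permissive parse, a VK file with stray trailing bytes would be accepted while a proof with the same defect is rejected, which is an inconsistent stance on malformed verifier input. It is worth confirming that the VK path, and any other remaining `many_from_buffer` call on file contents, also rejects non-aligned input. A comment above the two calls, e.g. `// Reject raw files whose length is not a whole number of elements rather than accepting a partial tail.`, would record why the `_exact` variant is used here.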
diff --git a/barretenberg/cpp/src/barretenberg/api/file_io.hpp b/barretenberg/cpp/src/barretenberg/api/file_io.hpp index 42cbaf6ab05f..894e7f537ffa 100644 --- a/barretenberg/cpp/src/barretenberg/api/file_io.hpp +++ b/barretenberg/cpp/src/barretenberg/api/file_io.hpp @@ -1,5 +1,6 @@ #pragma once #include "barretenberg/common/log.hpp" +#include "barretenberg/common/serialize.hpp" #include "barretenberg/common/try_catch_shim.hpp" #include "barretenberg/ecc/curves/bn254/fr.hpp" #include @@ -9,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -153,6 +155,16 @@ inline std::vector read_vk_file(const std::filesystem::path& vk_path) } } +template +inline std::vector many_from_buffer_exact(const std::vector& buffer, std::string_view object_name) +{ + if (buffer.size() % sizeof(T) != 0) { + THROW std::runtime_error(std::string(object_name) + " size must be a multiple of " + std::to_string(sizeof(T)) + + " bytes, got " + std::to_string(buffer.size())); + } + return ::many_from_buffer(buffer); +} + // On Windows, std::filesystem::path uses wide strings (wchar_t) and doesn't implicitly convert // to std::string. On Linux/macOS (libstdc++), the conversion is implicit so these aren't needed. #ifdef _WIN32 diff --git a/barretenberg/cpp/src/barretenberg/api/file_io.test.cpp b/barretenberg/cpp/src/barretenberg/api/file_io.test.cpp new file mode 100644 index 000000000000..7769de2ea5b2 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/api/file_io.test.cpp 
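Review bot: `many_from_buffer_exact` treats `sizeof(T)` as the on-disk element size, which is only right when T's serialized width equals its in-memory size. That holds for the 32-byte case in the new test, but nothing visible in the body stops an instantiation where the two differ (the template parameter list is not legible on this page). The function also has no doc comment; something like `// T must serialize to exactly sizeof(T) bytes; throws std::runtime_error if buffer.size() is not a multiple of that.` would state the precondition. An empty buffer passes the modulus check and yields an empty vector, so callers on the verify path still have to reject a zero-length proof file themselves if that is not a valid input.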
@@ -0,0 +1,25 @@ +#include "barretenberg/api/file_io.hpp" +#include "barretenberg/common/assert.hpp" +#include "barretenberg/common/serialize.hpp" +#include "barretenberg/numeric/uint256/uint256.hpp" +#include + +using namespace bb; + +TEST(APIFileIO, ManyFromBufferExactRejectsTrailingBytes) +{ + std::vector bytes(sizeof(uint256_t) + 1, 0); + + EXPECT_THROW_WITH_MESSAGE((many_from_buffer_exact(bytes, "UltraHonk proof file")), + "UltraHonk proof file size must be a multiple of 32 bytes, got 33"); +} + +TEST(APIFileIO, ManyFromBufferExactAcceptsAlignedBuffers) +{ + std::vector expected{ uint256_t(1), uint256_t(2) }; + auto bytes = to_buffer(expected); + + auto parsed = many_from_buffer_exact(bytes, "UltraHonk proof file"); + + EXPECT_EQ(parsed, expected); +} diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp index 00d5914e18e4..2f82f493acc9 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp 
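Review bot: The two tests pin the 33-byte rejection and the aligned round trip, but not the boundary cases that matter for a parser of untrusted files: an empty buffer and a buffer shorter than one element (for example 31 bytes). Adding an `EXPECT_THROW_WITH_MESSAGE` case for the short buffer and an explicit expectation for the empty one would fix the intended behaviour so it cannot change unnoticed. Only the `"UltraHonk proof file"` label is exercised; a case with the public-inputs label would also cover the second call site's message.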
@@ -34,9 +34,9 @@ template inline constexpr size_t AES128_ENCRYPTION = 1559 + Z // overlap with the values added for ECCVM. secp256k1 uses table of size 16 whose indices contain all the 4 values // set for ECCVM (hence the same value for Ultra and Mega builders). secp256r1 uses ROM tables of size 4, which // contain only 2 of the values set for ECCVM (hence the difference of two gates between Ultra and Mega builders). -template inline constexpr size_t ECDSA_SECP256K1 = 42839 + ZERO_GATE; +template inline constexpr size_t ECDSA_SECP256K1 = 42837 + ZERO_GATE; template -inline constexpr size_t ECDSA_SECP256R1 = 72614 + ZERO_GATE + (IsMegaBuilder ? 2 : 0); +inline constexpr size_t ECDSA_SECP256R1 = 72612 + ZERO_GATE + (IsMegaBuilder ? 2 : 0); template inline constexpr size_t BLAKE2S = 2952 + ZERO_GATE + MEGA_OFFSET; template inline constexpr size_t BLAKE3 = 2158 + ZERO_GATE + MEGA_OFFSET; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp index 2dd257a7d749..991a13e2945a 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp @@ -2617,6 +2617,11 @@ TYPED_TEST(stdlib_bigfield, less_than_works) // c_ct > modulus fails comparison but doesn't make the circuit fail std::vector c_bytes(32, 0xff); + if constexpr (std::is_same_v::BaseField>) { + // For bn254, NUM_LAST_LIMB_BITS = 50, so we need to set the first byte to something bigger than 0x30 (the first + // byte of the modulus) that still fits in 50 bits + c_bytes[0] = 0x31; + } byte_array_ct c_byte_array = byte_array_ct(&builder, c_bytes); fq_ct reconstructed_from_bytes(c_byte_array); auto is_not_ok_larger_than_modulus = reconstructed_from_bytes.is_less_than(fq_ct::modulus); 
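Review bot: In the `bigfield.test.cpp` hunk, the bn254 case now uses a value whose top limb fits in `NUM_LAST_LIMB_BITS`, so the all-`0xff` input is no longer exercised on that curve and nothing checks that an over-wide top limb is rejected. Since the companion change in `is_less_than` tightens the range constraint on limb 3, a negative case would be valuable: keep `c_bytes` at 32 bytes of `0xff` for bn254 and assert that the circuit check fails, presumably with the `limb 2 or 3 too large` message. The added comment relies on byte 0 being the most significant byte; saying so, e.g. `// c_bytes is big-endian: byte 0 holds the top bits of limb 3`, would help, though that ordering is inferred from the comment's reference to the first byte of the modulus. The body of `less_than_works` starts before and continues after this hunk.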
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield_impl.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield_impl.hpp index 14395471c625..e6d51638dd8b 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield_impl.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield_impl.hpp @@ -1880,16 +1880,17 @@ bool_t bigfield::is_less_than(const uint256_t& upper_limit, ctx->range_constrain_two_limbs(binary_basis_limbs[2].element.get_witness_index(), binary_basis_limbs[3].element.get_witness_index(), static_cast(NUM_LIMB_BITS), - static_cast(NUM_LIMB_BITS), + static_cast(NUM_LAST_LIMB_BITS), is_default_msg ? "bigfield::is_less_than: limb 2 or 3 too large" : msg); const uint256_t upper_limit_value_0 = upper_limit.slice(0, NUM_LIMB_BITS); const uint256_t upper_limit_value_1 = upper_limit.slice(NUM_LIMB_BITS, NUM_LIMB_BITS * 2); const uint256_t upper_limit_value_2 = upper_limit.slice(NUM_LIMB_BITS * 2, NUM_LIMB_BITS * 3); - const uint256_t upper_limit_value_3 = upper_limit.slice(NUM_LIMB_BITS * 3, NUM_LIMB_BITS * 4); + const uint256_t upper_limit_value_3 = + upper_limit.slice(NUM_LIMB_BITS * 3, (NUM_LIMB_BITS * 3) + NUM_LAST_LIMB_BITS); - bool_t third_limb_is_smaller = - binary_basis_limbs[3].element.template ranged_less_than(field_t(upper_limit_value_3)); + bool_t third_limb_is_smaller = binary_basis_limbs[3].element.template ranged_less_than( + field_t(upper_limit_value_3)); bool_t third_limb_is_equal = binary_basis_limbs[3].element == field_t(upper_limit_value_3); bool_t second_limb_is_smaller = diff --git a/barretenberg/ts/scripts/copy_cross.sh b/barretenberg/ts/scripts/copy_cross.sh index ef38cf2e55bd..d69cfdbd103b 100755 --- a/barretenberg/ts/scripts/copy_cross.sh +++ b/barretenberg/ts/scripts/copy_cross.sh 
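Review bot: `upper_limit_value_3` is now sliced to `NUM_LAST_LIMB_BITS`, so any bits of `upper_limit` at or above `(NUM_LIMB_BITS * 3) + NUM_LAST_LIMB_BITS` are dropped silently and the comparison runs against a truncated bound. No check that `upper_limit` fits within that width is visible in the hunk, though `is_less_than` starts before it and continues after it, so one may exist there. If there is none, an assertion on `upper_limit` ahead of the four slices would turn a silently wrong comparison into a loud failure. A comment on the changed range-constraint argument, e.g. `// limb 3 is the most-significant limb and only NUM_LAST_LIMB_BITS wide`, would also explain why its bound differs from limb 2's.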
@@ -21,6 +21,13 @@ elif semver check "${REF_NAME:-}" && [[ "$(arch)" == "amd64" ]]; then done llvm-strip-20 ./build/*/* + + # Re-sign macOS Mach-O binaries after stripping (stripping invalidates the ad-hoc code signature). + for arch in amd64-macos arm64-macos; do + for f in ./build/$arch/*; do + ldid -S "$f" + done + done else echo "This task is expected to be run in an x86 release context." # TODO bring back. was being called by release.
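Review bot: The re-signing loop runs `ldid -S "$f"` on whatever `./build/$arch/*` expands to, so if a directory is missing or empty the unexpanded pattern is passed to `ldid`. Whether a signing failure aborts the release depends on shell options set outside this hunk. Guarding the body with `[[ -f "$f" ]] || continue` and making the failure explicit with `ldid -S "$f" || { echo "re-signing failed: $f"; exit 1; }` would avoid shipping a stripped binary whose signature is invalid. The comment could also say that an ad-hoc signature carries no publisher identity, e.g. `# Ad-hoc signature only: lets the binary load on macOS, does not authenticate it.`, so nobody later treats it as an integrity control. The loop variable `arch` reuses the name of the `arch` command called in the `elif` condition shown in the hunk header; a name such as `target` would read more clearly.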