diff --git a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift
index b004203a0..92aaa1fcd 100644
--- a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift	
+++ b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift	
@@ -300,7 +300,7 @@ public enum OnionRequestAPI {
                 let destinationSymmetricKey = intermediate.destinationSymmetricKey
                 HTTP.execute(.post, url, parameters: parameters).done2 { rawResponse in
                     guard let json = rawResponse as? JSON, let base64EncodedIVAndCiphertext = json["result"] as? String,
-                        let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext) else { return seal.reject(HTTP.Error.invalidJSON) }
+                        let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext), ivAndCiphertext.count > ivSize else { return seal.reject(HTTP.Error.invalidJSON) }
                     let iv = ivAndCiphertext[0..<Int(ivSize)]
                     let ciphertext = ivAndCiphertext[Int(ivSize)...]
                     do {