all: release go-ethereum v1.13.7

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/CODEOWNERS

@@ -10,7 +10,7 @@ core/                           @karalabe @holiman @rjl493456442
 eth/                            @karalabe @holiman @rjl493456442
 eth/catalyst/                   @gballet
 eth/tracers/                    @s1na
-graphql/                        @gballet @s1na
+graphql/                        @s1na
 les/                            @zsfelfoldi @rjl493456442
 light/                          @zsfelfoldi @rjl493456442
 node/                           @fjl

.github/CONTRIBUTING.md

@@ -35,6 +35,6 @@ and help.
 
 ## Configuration, dependencies, and tests
 
-Please see the [Developers' Guide](https://geth.ethereum.org/docs/developers/devguide)
+Please see the [Developers' Guide](https://geth.ethereum.org/docs/developers/geth-developer/dev-guide)
 for more details on configuring your environment, managing project dependencies
 and testing procedures.

.github/workflows/go.yml

@@ -0,0 +1,23 @@
+name: i386 linux tests
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: self-hosted
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.21.4
+      - name: Run tests
+        run: go test ./...
+        env:
+          GOOS: linux
+          GOARCH: 386

.gitignore

@@ -47,3 +47,6 @@ profile.cov
 /dashboard/assets/package-lock.json
 
 **/yarn-error.log
+logs/
+
+tests/spec-tests/

.travis.yml

@@ -5,25 +5,10 @@ jobs:
   allow_failures:
     - stage: build
       os: osx
-      go: 1.17.x
       env:
         - azure-osx
-        - azure-ios
-        - cocoapods-ios
 
   include:
-    # This builder only tests code linters on latest version of Go
-    - stage: lint
-      os: linux
-      dist: bionic
-      go: 1.19.x
-      env:
-        - lint
-      git:
-        submodules: false # avoid cloning ethereum/tests
-      script:
-        - go run build/ci.go lint
-
     # These builders create the Docker sub-images for multi-arch push and each
     # will attempt to push the multi-arch image if they are the last builder
     - stage: build
@@ -31,7 +16,7 @@ jobs:
       os: linux
       arch: amd64
       dist: bionic
-      go: 1.19.x
+      go: 1.21.x
       env:
         - docker
       services:
@@ -48,7 +33,7 @@ jobs:
       os: linux
       arch: arm64
       dist: bionic
-      go: 1.19.x
+      go: 1.21.x
       env:
         - docker
       services:
@@ -60,40 +45,15 @@ jobs:
       script:
         - go run build/ci.go docker -image -manifest amd64,arm64 -upload ethereum/client-go
 
-    # This builder does the Ubuntu PPA upload
-    - stage: build
-      if: type = push
-      os: linux
-      dist: bionic
-      go: 1.19.x
-      env:
-        - ubuntu-ppa
-        - GO111MODULE=on
-      git:
-        submodules: false # avoid cloning ethereum/tests
-      addons:
-        apt:
-          packages:
-            - devscripts
-            - debhelper
-            - dput
-            - fakeroot
-            - python-bzrlib
-            - python-paramiko
-      script:
-        - echo '|1|7SiYPr9xl3uctzovOTj4gMwAC1M=|t6ReES75Bo/PxlOPJ6/GsGbTrM0= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0aKz5UTUndYgIGG7dQBV+HaeuEZJ2xPHo2DS2iSKvUL4xNMSAY4UguNW+pX56nAQmZKIZZ8MaEvSj6zMEDiq6HFfn5JcTlM80UwlnyKe8B8p7Nk06PPQLrnmQt5fh0HmEcZx+JU9TZsfCHPnX7MNz4ELfZE6cFsclClrKim3BHUIGq//t93DllB+h4O9LHjEUsQ1Sr63irDLSutkLJD6RXchjROXkNirlcNVHH/jwLWR5RcYilNX7S5bIkK8NlWPjsn/8Ua5O7I9/YoE97PpO6i73DTGLh5H9JN/SITwCKBkgSDWUt61uPK3Y11Gty7o2lWsBjhBUm2Y38CBsoGmBw==' >> ~/.ssh/known_hosts
-        - go run build/ci.go debsrc -upload ethereum/ethereum -sftp-user geth-ci -signer "Go Ethereum Linux Builder <geth-ci@ethereum.org>"
-
     # This builder does the Linux Azure uploads
     - stage: build
       if: type = push
       os: linux
       dist: bionic
       sudo: required
-      go: 1.19.x
+      go: 1.21.x
       env:
         - azure-linux
-        - GO111MODULE=on
       git:
         submodules: false # avoid cloning ethereum/tests
       addons:
@@ -120,46 +80,78 @@ jobs:
         - go run build/ci.go install -dlgo -arch arm64 -cc aarch64-linux-gnu-gcc
         - go run build/ci.go archive -arch arm64 -type tar -signer LINUX_SIGNING_KEY -signify SIGNIFY_KEY -upload gethstore/builds
 
+    # This builder does the OSX Azure uploads
+    - stage: build
+      if: type = push
+      os: osx
+      osx_image: xcode14.2
+      go: 1.21.x
+      env:
+        - azure-osx
+      git:
+        submodules: false # avoid cloning ethereum/tests
+      script:
+        - go run build/ci.go install -dlgo
+        - go run build/ci.go archive -type tar -signer OSX_SIGNING_KEY -signify SIGNIFY_KEY -upload gethstore/builds
+        - go run build/ci.go install -dlgo -arch arm64
+        - go run build/ci.go archive -arch arm64 -type tar -signer OSX_SIGNING_KEY -signify SIGNIFY_KEY -upload gethstore/builds
+
     # These builders run the tests
     - stage: build
       os: linux
       arch: amd64
       dist: bionic
-      go: 1.19.x
-      env:
-        - GO111MODULE=on
+      go: 1.21.x
       script:
-        - go run build/ci.go test -coverage $TEST_PACKAGES
+        - travis_wait 30 go run build/ci.go test $TEST_PACKAGES
 
     - stage: build
       if: type = pull_request
       os: linux
       arch: arm64
       dist: bionic
-      go: 1.18.x
-      env:
-        - GO111MODULE=on
+      go: 1.20.x
       script:
-        - go run build/ci.go test -coverage $TEST_PACKAGES
+        - travis_wait 30 go run build/ci.go test $TEST_PACKAGES
 
     - stage: build
       os: linux
       dist: bionic
-      go: 1.18.x
-      env:
-        - GO111MODULE=on
+      go: 1.20.x
       script:
-        - go run build/ci.go test -coverage $TEST_PACKAGES
+        - travis_wait 30 go run build/ci.go test $TEST_PACKAGES
+
+    # This builder does the Ubuntu PPA nightly uploads
+    - stage: build
+      if: type = cron || (type = push && tag ~= /^v[0-9]/)
+      os: linux
+      dist: bionic
+      go: 1.21.x
+      env:
+        - ubuntu-ppa
+      git:
+        submodules: false # avoid cloning ethereum/tests
+      addons:
+        apt:
+          packages:
+            - devscripts
+            - debhelper
+            - dput
+            - fakeroot
+            - python-bzrlib
+            - python-paramiko
+      script:
+        - echo '|1|7SiYPr9xl3uctzovOTj4gMwAC1M=|t6ReES75Bo/PxlOPJ6/GsGbTrM0= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0aKz5UTUndYgIGG7dQBV+HaeuEZJ2xPHo2DS2iSKvUL4xNMSAY4UguNW+pX56nAQmZKIZZ8MaEvSj6zMEDiq6HFfn5JcTlM80UwlnyKe8B8p7Nk06PPQLrnmQt5fh0HmEcZx+JU9TZsfCHPnX7MNz4ELfZE6cFsclClrKim3BHUIGq//t93DllB+h4O9LHjEUsQ1Sr63irDLSutkLJD6RXchjROXkNirlcNVHH/jwLWR5RcYilNX7S5bIkK8NlWPjsn/8Ua5O7I9/YoE97PpO6i73DTGLh5H9JN/SITwCKBkgSDWUt61uPK3Y11Gty7o2lWsBjhBUm2Y38CBsoGmBw==' >> ~/.ssh/known_hosts
+        - go run build/ci.go debsrc -upload ethereum/ethereum -sftp-user geth-ci -signer "Go Ethereum Linux Builder <geth-ci@ethereum.org>"
 
     # This builder does the Azure archive purges to avoid accumulating junk
     - stage: build
       if: type = cron
       os: linux
       dist: bionic
-      go: 1.19.x
+      go: 1.21.x
       env:
         - azure-purge
-        - GO111MODULE=on
       git:
         submodules: false # avoid cloning ethereum/tests
       script:
@@ -170,9 +162,7 @@ jobs:
       if: type = cron
       os: linux
       dist: bionic
-      go: 1.19.x
-      env:
-        - GO111MODULE=on
+      go: 1.21.x
       script:
-        - go run build/ci.go test  -race -coverage $TEST_PACKAGES
+        - travis_wait 30 go run build/ci.go test  -race $TEST_PACKAGES
 

Dockerfile

@@ -4,7 +4,7 @@ ARG VERSION=""
 ARG BUILDNUM=""
 
 # Build Geth in a stock Go builder container
-FROM golang:1.19-alpine as builder
+FROM golang:1.21-alpine as builder
 
 RUN apk add --no-cache gcc musl-dev linux-headers git
 

Dockerfile.alltools

@@ -4,7 +4,7 @@ ARG VERSION=""
 ARG BUILDNUM=""
 
 # Build Geth in a stock Go builder container
-FROM golang:1.19-alpine as builder
+FROM golang:1.21-alpine as builder
 
 RUN apk add --no-cache gcc musl-dev linux-headers git
 

Makefile

@@ -6,7 +6,7 @@
 
 GOBIN = ./build/bin
 GO ?= latest
-GORUN = env GO111MODULE=on go run
+GORUN = go run
 
 geth:
 	$(GORUN) build/ci.go install ./cmd/geth
@@ -23,7 +23,7 @@ lint: ## Run linters.
 	$(GORUN) build/ci.go lint
 
 clean:
-	env GO111MODULE=on go clean -cache
+	go clean -cache
 	rm -fr build/_workspace/pkg/ $(GOBIN)/*
 
 # The devtools target installs tools required for 'go generate'.

README.md

@@ -16,7 +16,7 @@ archives are published at https://geth.ethereum.org/downloads/.
 
 For prerequisites and detailed build instructions please read the [Installation Instructions](https://geth.ethereum.org/docs/getting-started/installing-geth).
 
-Building `geth` requires both a Go (version 1.18 or later) and a C compiler. You can install
+Building `geth` requires both a Go (version 1.19 or later) and a C compiler. You can install
 them using your favourite package manager. Once the dependencies are installed, run
 
 ```shell
@@ -36,10 +36,10 @@ directory.
 
 |  Command   | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
 | :--------: | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **`geth`** | Our main Ethereum CLI client. It is the entry point into the Ethereum network (main-, test- or private net), capable of running as a full node (default), archive node (retaining all historical state) or a light node (retrieving data live). It can be used by other processes as a gateway into the Ethereum network via JSON RPC endpoints exposed on top of HTTP, WebSocket and/or IPC transports. `geth --help` and the [CLI page](https://geth.ethereum.org/docs/interface/command-line-options) for command line options. |
+| **`geth`** | Our main Ethereum CLI client. It is the entry point into the Ethereum network (main-, test- or private net), capable of running as a full node (default), archive node (retaining all historical state) or a light node (retrieving data live). It can be used by other processes as a gateway into the Ethereum network via JSON RPC endpoints exposed on top of HTTP, WebSocket and/or IPC transports. `geth --help` and the [CLI page](https://geth.ethereum.org/docs/fundamentals/command-line-options) for command line options. |
 |   `clef`   | Stand-alone signing tool, which can be used as a backend signer for `geth`.                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
 |  `devp2p`  | Utilities to interact with nodes on the networking layer, without running a full blockchain.                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-|  `abigen`  | Source code generator to convert Ethereum contract definitions into easy-to-use, compile-time type-safe Go packages. It operates on plain [Ethereum contract ABIs](https://docs.soliditylang.org/en/develop/abi-spec.html) with expanded functionality if the contract bytecode is also available. However, it also accepts Solidity source files, making development much more streamlined. Please see our [Native DApps](https://geth.ethereum.org/docs/dapp/native-bindings) page for details.                                  |
+|  `abigen`  | Source code generator to convert Ethereum contract definitions into easy-to-use, compile-time type-safe Go packages. It operates on plain [Ethereum contract ABIs](https://docs.soliditylang.org/en/develop/abi-spec.html) with expanded functionality if the contract bytecode is also available. However, it also accepts Solidity source files, making development much more streamlined. Please see our [Native DApps](https://geth.ethereum.org/docs/developers/dapp-developer/native-bindings) page for details.                                  |
 | `bootnode` | Stripped down version of our Ethereum client implementation that only takes part in the network node discovery protocol, but does not run any of the higher level application protocols. It can be used as a lightweight bootstrap node to aid in finding peers in private networks.                                                                                                                                                                                                                                               |
 |   `evm`    | Developer utility version of the EVM (Ethereum Virtual Machine) that is capable of running bytecode snippets within a configurable environment and execution mode. Its purpose is to allow isolated, fine-grained debugging of EVM opcodes (e.g. `evm --code 60ff60ff --debug run`).                                                                                                                                                                                                                                               |
 | `rlpdump`  | Developer utility tool to convert binary RLP ([Recursive Length Prefix](https://ethereum.org/en/developers/docs/data-structures-and-encoding/rlp)) dumps (data encoding used by the Ethereum protocol both network as well as consensus wise) to user-friendlier hierarchical representation (e.g. `rlpdump --hex CE0183FFFFFFC4C304050583616263`).                                                                                                                                                                                |
@@ -47,7 +47,7 @@ directory.
 ## Running `geth`
 
 Going through all the possible command line flags is out of scope here (please consult our
-[CLI Wiki page](https://geth.ethereum.org/docs/interface/command-line-options)),
+[CLI Wiki page](https://geth.ethereum.org/docs/fundamentals/command-line-options)),
 but we've enumerated a few common parameter combos to get you up to speed quickly
 on how you can run your own `geth` instance.
 
@@ -82,10 +82,10 @@ This command will:
  * Start `geth` in snap sync mode (default, can be changed with the `--syncmode` flag),
    causing it to download more data in exchange for avoiding processing the entire history
    of the Ethereum network, which is very CPU intensive.
- * Start the built-in interactive [JavaScript console](https://geth.ethereum.org/docs/interface/javascript-console),
+ * Start the built-in interactive [JavaScript console](https://geth.ethereum.org/docs/interacting-with-geth/javascript-console),
    (via the trailing `console` subcommand) through which you can interact using [`web3` methods](https://github.com/ChainSafe/web3.js/blob/0.20.7/DOCUMENTATION.md) 
    (note: the `web3` version bundled within `geth` is very old, and not up to date with official docs),
-   as well as `geth`'s own [management APIs](https://geth.ethereum.org/docs/rpc/server).
+   as well as `geth`'s own [management APIs](https://geth.ethereum.org/docs/interacting-with-geth/rpc).
    This tool is optional and if you leave it out you can always attach it to an already running
    `geth` instance with `geth attach`.
 
@@ -123,15 +123,6 @@ use separate accounts for play and real money. Unless you manually move
 accounts, `geth` will by default correctly separate the two networks and will not make any
 accounts available between them.*
 
-### Full node on the Rinkeby test network
-
-Go Ethereum also supports connecting to the older proof-of-authority based test network
-called [*Rinkeby*](https://www.rinkeby.io) which is operated by members of the community.
-
-```shell
-$ geth --rinkeby console
-```
-
 ### Configuration
 
 As an alternative to passing the numerous flags to the `geth` binary, you can also pass a
@@ -175,7 +166,7 @@ accessible from the outside.
 As a developer, sooner rather than later you'll want to start interacting with `geth` and the
 Ethereum network via your own programs and not manually through the console. To aid
 this, `geth` has built-in support for a JSON-RPC based APIs ([standard APIs](https://ethereum.github.io/execution-apis/api-documentation/)
-and [`geth` specific APIs](https://geth.ethereum.org/docs/rpc/server)).
+and [`geth` specific APIs](https://geth.ethereum.org/docs/interacting-with-geth/rpc)).
 These can be exposed via HTTP, WebSockets and IPC (UNIX sockets on UNIX based
 platforms, and named pipes on Windows).
 

accounts/abi/abi.go

@@ -22,6 +22,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"math/big"
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/crypto"
@@ -222,6 +223,17 @@ func (abi *ABI) EventByID(topic common.Hash) (*Event, error) {
 	return nil, fmt.Errorf("no event with id: %#x", topic.Hex())
 }
 
+// ErrorByID looks up an error by the 4-byte id,
+// returns nil if none found.
+func (abi *ABI) ErrorByID(sigdata [4]byte) (*Error, error) {
+	for _, errABI := range abi.Errors {
+		if bytes.Equal(errABI.ID[:4], sigdata[:]) {
+			return &errABI, nil
+		}
+	}
+	return nil, fmt.Errorf("no error with id: %#x", sigdata[:])
+}
+
 // HasFallback returns an indicator whether a fallback function is included.
 func (abi *ABI) HasFallback() bool {
 	return abi.Fallback.Type == Fallback
@@ -235,21 +247,65 @@ func (abi *ABI) HasReceive() bool {
 // revertSelector is a special function selector for revert reason unpacking.
 var revertSelector = crypto.Keccak256([]byte("Error(string)"))[:4]
 
+// panicSelector is a special function selector for panic reason unpacking.
+var panicSelector = crypto.Keccak256([]byte("Panic(uint256)"))[:4]
+
+// panicReasons map is for readable panic codes
+// see this linkage for the details
+// https://docs.soliditylang.org/en/v0.8.21/control-structures.html#panic-via-assert-and-error-via-require
+// the reason string list is copied from ether.js
+// https://github.com/ethers-io/ethers.js/blob/fa3a883ff7c88611ce766f58bdd4b8ac90814470/src.ts/abi/interface.ts#L207-L218
+var panicReasons = map[uint64]string{
+	0x00: "generic panic",
+	0x01: "assert(false)",
+	0x11: "arithmetic underflow or overflow",
+	0x12: "division or modulo by zero",
+	0x21: "enum overflow",
+	0x22: "invalid encoded storage byte array accessed",
+	0x31: "out-of-bounds array access; popping on an empty array",
+	0x32: "out-of-bounds access of an array or bytesN",
+	0x41: "out of memory",
+	0x51: "uninitialized function",
+}
+
 // UnpackRevert resolves the abi-encoded revert reason. According to the solidity
 // spec https://solidity.readthedocs.io/en/latest/control-structures.html#revert,
-// the provided revert reason is abi-encoded as if it were a call to a function
-// `Error(string)`. So it's a special tool for it.
+// the provided revert reason is abi-encoded as if it were a call to function
+// `Error(string)` or `Panic(uint256)`. So it's a special tool for it.
 func UnpackRevert(data []byte) (string, error) {
 	if len(data) < 4 {
 		return "", errors.New("invalid data for unpacking")
 	}
-	if !bytes.Equal(data[:4], revertSelector) {
+	switch {
+	case bytes.Equal(data[:4], revertSelector):
+		typ, err := NewType("string", "", nil)
+		if err != nil {
+			return "", err
+		}
+		unpacked, err := (Arguments{{Type: typ}}).Unpack(data[4:])
+		if err != nil {
+			return "", err
+		}
+		return unpacked[0].(string), nil
+	case bytes.Equal(data[:4], panicSelector):
+		typ, err := NewType("uint256", "", nil)
+		if err != nil {
+			return "", err
+		}
+		unpacked, err := (Arguments{{Type: typ}}).Unpack(data[4:])
+		if err != nil {
+			return "", err
+		}
+		pCode := unpacked[0].(*big.Int)
+		// uint64 safety check for future
+		// but the code is not bigger than MAX(uint64) now
+		if pCode.IsUint64() {
+			if reason, ok := panicReasons[pCode.Uint64()]; ok {
+				return reason, nil
+			}
+		}
+		return fmt.Sprintf("unknown panic code: %#x", pCode), nil
+	default:
 		return "", errors.New("invalid data for unpacking")
 	}
-	typ, _ := NewType("string", "", nil)
-	unpacked, err := (Arguments{{Type: typ}}).Unpack(data[4:])
-	if err != nil {
-		return "", err
-	}
-	return unpacked[0].(string), nil
 }

accounts/abi/abi_test.go

@@ -120,6 +120,7 @@ var methods = map[string]Method{
 }
 
 func TestReader(t *testing.T) {
+	t.Parallel()
 	abi := ABI{
 		Methods: methods,
 	}
@@ -151,6 +152,7 @@ func TestReader(t *testing.T) {
 }
 
 func TestInvalidABI(t *testing.T) {
+	t.Parallel()
 	json := `[{ "type" : "function", "name" : "", "constant" : fals }]`
 	_, err := JSON(strings.NewReader(json))
 	if err == nil {
@@ -170,6 +172,7 @@ func TestInvalidABI(t *testing.T) {
 //		constructor(uint256 a, uint256 b) public{}
 //	}
 func TestConstructor(t *testing.T) {
+	t.Parallel()
 	json := `[{	"inputs": [{"internalType": "uint256","name": "a","type": "uint256"	},{	"internalType": "uint256","name": "b","type": "uint256"}],"stateMutability": "nonpayable","type": "constructor"}]`
 	method := NewMethod("", "", Constructor, "nonpayable", false, false, []Argument{{"a", Uint256, false}, {"b", Uint256, false}}, nil)
 	// Test from JSON
@@ -199,6 +202,7 @@ func TestConstructor(t *testing.T) {
 }
 
 func TestTestNumbers(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(jsondata))
 	if err != nil {
 		t.Fatal(err)
@@ -236,6 +240,7 @@ func TestTestNumbers(t *testing.T) {
 }
 
 func TestMethodSignature(t *testing.T) {
+	t.Parallel()
 	m := NewMethod("foo", "foo", Function, "", false, false, []Argument{{"bar", String, false}, {"baz", String, false}}, nil)
 	exp := "foo(string,string)"
 	if m.Sig != exp {
@@ -274,6 +279,7 @@ func TestMethodSignature(t *testing.T) {
 }
 
 func TestOverloadedMethodSignature(t *testing.T) {
+	t.Parallel()
 	json := `[{"constant":true,"inputs":[{"name":"i","type":"uint256"},{"name":"j","type":"uint256"}],"name":"foo","outputs":[],"payable":false,"stateMutability":"pure","type":"function"},{"constant":true,"inputs":[{"name":"i","type":"uint256"}],"name":"foo","outputs":[],"payable":false,"stateMutability":"pure","type":"function"},{"anonymous":false,"inputs":[{"indexed":false,"name":"i","type":"uint256"}],"name":"bar","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"i","type":"uint256"},{"indexed":false,"name":"j","type":"uint256"}],"name":"bar","type":"event"}]`
 	abi, err := JSON(strings.NewReader(json))
 	if err != nil {
@@ -297,6 +303,7 @@ func TestOverloadedMethodSignature(t *testing.T) {
 }
 
 func TestCustomErrors(t *testing.T) {
+	t.Parallel()
 	json := `[{ "inputs": [	{ "internalType": "uint256", "name": "", "type": "uint256" } ],"name": "MyError", "type": "error"} ]`
 	abi, err := JSON(strings.NewReader(json))
 	if err != nil {
@@ -311,6 +318,7 @@ func TestCustomErrors(t *testing.T) {
 }
 
 func TestMultiPack(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(jsondata))
 	if err != nil {
 		t.Fatal(err)
@@ -348,6 +356,7 @@ func ExampleJSON() {
 }
 
 func TestInputVariableInputLength(t *testing.T) {
+	t.Parallel()
 	const definition = `[
 	{ "type" : "function", "name" : "strOne", "constant" : true, "inputs" : [ { "name" : "str", "type" : "string" } ] },
 	{ "type" : "function", "name" : "bytesOne", "constant" : true, "inputs" : [ { "name" : "str", "type" : "bytes" } ] },
@@ -476,6 +485,7 @@ func TestInputVariableInputLength(t *testing.T) {
 }
 
 func TestInputFixedArrayAndVariableInputLength(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(jsondata))
 	if err != nil {
 		t.Error(err)
@@ -650,6 +660,7 @@ func TestInputFixedArrayAndVariableInputLength(t *testing.T) {
 }
 
 func TestDefaultFunctionParsing(t *testing.T) {
+	t.Parallel()
 	const definition = `[{ "name" : "balance", "type" : "function" }]`
 
 	abi, err := JSON(strings.NewReader(definition))
@@ -663,6 +674,7 @@ func TestDefaultFunctionParsing(t *testing.T) {
 }
 
 func TestBareEvents(t *testing.T) {
+	t.Parallel()
 	const definition = `[
 	{ "type" : "event", "name" : "balance" },
 	{ "type" : "event", "name" : "anon", "anonymous" : true},
@@ -739,6 +751,7 @@ func TestBareEvents(t *testing.T) {
 //
 //	receipt{status=1 cgas=23949 bloom=00000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000040200000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 logs=[log: b6818c8064f645cd82d99b59a1a267d6d61117ef [75fd880d39c1daf53b6547ab6cb59451fc6452d27caa90e5b6649dd8293b9eed] 000000000000000000000000376c47978271565f56deb45495afa69e59c16ab200000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000158 9ae378b6d4409eada347a5dc0c180f186cb62dc68fcc0f043425eb917335aa28 0 95d429d309bb9d753954195fe2d69bd140b4ae731b9b5b605c34323de162cf00 0]}
 func TestUnpackEvent(t *testing.T) {
+	t.Parallel()
 	const abiJSON = `[{"constant":false,"inputs":[{"name":"memo","type":"bytes"}],"name":"receive","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"anonymous":false,"inputs":[{"indexed":false,"name":"sender","type":"address"},{"indexed":false,"name":"amount","type":"uint256"},{"indexed":false,"name":"memo","type":"bytes"}],"name":"received","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"sender","type":"address"}],"name":"receivedAddr","type":"event"}]`
 	abi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -777,6 +790,7 @@ func TestUnpackEvent(t *testing.T) {
 }
 
 func TestUnpackEventIntoMap(t *testing.T) {
+	t.Parallel()
 	const abiJSON = `[{"constant":false,"inputs":[{"name":"memo","type":"bytes"}],"name":"receive","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"anonymous":false,"inputs":[{"indexed":false,"name":"sender","type":"address"},{"indexed":false,"name":"amount","type":"uint256"},{"indexed":false,"name":"memo","type":"bytes"}],"name":"received","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"name":"sender","type":"address"}],"name":"receivedAddr","type":"event"}]`
 	abi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -827,6 +841,7 @@ func TestUnpackEventIntoMap(t *testing.T) {
 }
 
 func TestUnpackMethodIntoMap(t *testing.T) {
+	t.Parallel()
 	const abiJSON = `[{"constant":false,"inputs":[{"name":"memo","type":"bytes"}],"name":"receive","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"constant":false,"inputs":[],"name":"send","outputs":[{"name":"amount","type":"uint256"}],"payable":true,"stateMutability":"payable","type":"function"},{"constant":false,"inputs":[{"name":"addr","type":"address"}],"name":"get","outputs":[{"name":"hash","type":"bytes"}],"payable":true,"stateMutability":"payable","type":"function"}]`
 	abi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -877,6 +892,7 @@ func TestUnpackMethodIntoMap(t *testing.T) {
 }
 
 func TestUnpackIntoMapNamingConflict(t *testing.T) {
+	t.Parallel()
 	// Two methods have the same name
 	var abiJSON = `[{"constant":false,"inputs":[{"name":"memo","type":"bytes"}],"name":"get","outputs":[],"payable":true,"stateMutability":"payable","type":"function"},{"constant":false,"inputs":[],"name":"send","outputs":[{"name":"amount","type":"uint256"}],"payable":true,"stateMutability":"payable","type":"function"},{"constant":false,"inputs":[{"name":"addr","type":"address"}],"name":"get","outputs":[{"name":"hash","type":"bytes"}],"payable":true,"stateMutability":"payable","type":"function"}]`
 	abi, err := JSON(strings.NewReader(abiJSON))
@@ -960,6 +976,7 @@ func TestUnpackIntoMapNamingConflict(t *testing.T) {
 }
 
 func TestABI_MethodById(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(jsondata))
 	if err != nil {
 		t.Fatal(err)
@@ -992,6 +1009,7 @@ func TestABI_MethodById(t *testing.T) {
 }
 
 func TestABI_EventById(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		name  string
 		json  string
@@ -1057,9 +1075,39 @@ func TestABI_EventById(t *testing.T) {
 	}
 }
 
+func TestABI_ErrorByID(t *testing.T) {
+	t.Parallel()
+	abi, err := JSON(strings.NewReader(`[
+		{"inputs":[{"internalType":"uint256","name":"x","type":"uint256"}],"name":"MyError1","type":"error"},
+		{"inputs":[{"components":[{"internalType":"uint256","name":"a","type":"uint256"},{"internalType":"string","name":"b","type":"string"},{"internalType":"address","name":"c","type":"address"}],"internalType":"struct MyError.MyStruct","name":"x","type":"tuple"},{"internalType":"address","name":"y","type":"address"},{"components":[{"internalType":"uint256","name":"a","type":"uint256"},{"internalType":"string","name":"b","type":"string"},{"internalType":"address","name":"c","type":"address"}],"internalType":"struct MyError.MyStruct","name":"z","type":"tuple"}],"name":"MyError2","type":"error"},
+		{"inputs":[{"internalType":"uint256[]","name":"x","type":"uint256[]"}],"name":"MyError3","type":"error"}
+	]`))
+	if err != nil {
+		t.Fatal(err)
+	}
+	for name, m := range abi.Errors {
+		a := fmt.Sprintf("%v", &m)
+		var id [4]byte
+		copy(id[:], m.ID[:4])
+		m2, err := abi.ErrorByID(id)
+		if err != nil {
+			t.Fatalf("Failed to look up ABI error: %v", err)
+		}
+		b := fmt.Sprintf("%v", m2)
+		if a != b {
+			t.Errorf("Error %v (id %x) not 'findable' by id in ABI", name, id)
+		}
+	}
+	// test unsuccessful lookups
+	if _, err = abi.ErrorByID([4]byte{}); err == nil {
+		t.Error("Expected error: no error with this id")
+	}
+}
+
 // TestDoubleDuplicateMethodNames checks that if transfer0 already exists, there won't be a name
 // conflict and that the second transfer method will be renamed transfer1.
 func TestDoubleDuplicateMethodNames(t *testing.T) {
+	t.Parallel()
 	abiJSON := `[{"constant":false,"inputs":[{"name":"to","type":"address"},{"name":"value","type":"uint256"}],"name":"transfer","outputs":[{"name":"ok","type":"bool"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"to","type":"address"},{"name":"value","type":"uint256"},{"name":"data","type":"bytes"}],"name":"transfer0","outputs":[{"name":"ok","type":"bool"}],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":false,"inputs":[{"name":"to","type":"address"},{"name":"value","type":"uint256"},{"name":"data","type":"bytes"},{"name":"customFallback","type":"string"}],"name":"transfer","outputs":[{"name":"ok","type":"bool"}],"payable":false,"stateMutability":"nonpayable","type":"function"}]`
 	contractAbi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -1089,6 +1137,7 @@ func TestDoubleDuplicateMethodNames(t *testing.T) {
 //		event send();
 //	}
 func TestDoubleDuplicateEventNames(t *testing.T) {
+	t.Parallel()
 	abiJSON := `[{"anonymous": false,"inputs": [{"indexed": false,"internalType": "uint256","name": "a","type": "uint256"}],"name": "send","type": "event"},{"anonymous": false,"inputs": [],"name": "send0","type": "event"},{	"anonymous": false,	"inputs": [],"name": "send","type": "event"}]`
 	contractAbi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -1116,6 +1165,7 @@ func TestDoubleDuplicateEventNames(t *testing.T) {
 //		event send(uint256, uint256);
 //	}
 func TestUnnamedEventParam(t *testing.T) {
+	t.Parallel()
 	abiJSON := `[{ "anonymous": false, "inputs": [{	"indexed": false,"internalType": "uint256",	"name": "","type": "uint256"},{"indexed": false,"internalType": "uint256","name": "","type": "uint256"}],"name": "send","type": "event"}]`
 	contractAbi, err := JSON(strings.NewReader(abiJSON))
 	if err != nil {
@@ -1145,9 +1195,13 @@ func TestUnpackRevert(t *testing.T) {
 		{"", "", errors.New("invalid data for unpacking")},
 		{"08c379a1", "", errors.New("invalid data for unpacking")},
 		{"08c379a00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000d72657665727420726561736f6e00000000000000000000000000000000000000", "revert reason", nil},
+		{"4e487b710000000000000000000000000000000000000000000000000000000000000000", "generic panic", nil},
+		{"4e487b7100000000000000000000000000000000000000000000000000000000000000ff", "unknown panic code: 0xff", nil},
 	}
 	for index, c := range cases {
+		index, c := index, c
 		t.Run(fmt.Sprintf("case %d", index), func(t *testing.T) {
+			t.Parallel()
 			got, err := UnpackRevert(common.Hex2Bytes(c.input))
 			if c.expectErr != nil {
 				if err == nil {

accounts/abi/abifuzzer_test.go

@@ -20,20 +20,34 @@ import (
 	"fmt"
 	"reflect"
 	"strings"
+	"testing"
 
-	"github.com/ethereum/go-ethereum/accounts/abi"
 	fuzz "github.com/google/gofuzz"
 )
 
+// TestReplicate can be used to replicate crashers from the fuzzing tests.
+// Just replace testString with the data in .quoted
+func TestReplicate(t *testing.T) {
+	t.Parallel()
+	//t.Skip("Test only useful for reproducing issues")
+	fuzzAbi([]byte("\x20\x20\x20\x20\x20\x20\x20\x20\x80\x00\x00\x00\x20\x20\x20\x20\x00"))
+	//fuzzAbi([]byte("asdfasdfkadsf;lasdf;lasd;lfk"))
+}
+
+// FuzzABI is the main entrypoint for fuzzing
+func FuzzABI(f *testing.F) {
+	f.Fuzz(func(t *testing.T, data []byte) {
+		fuzzAbi(data)
+	})
+}
+
 var (
-	names            = []string{"_name", "name", "NAME", "name_", "__", "_name_", "n"}
-	stateMut         = []string{"", "pure", "view", "payable"}
-	stateMutabilites = []*string{&stateMut[0], &stateMut[1], &stateMut[2], &stateMut[3]}
-	pays             = []string{"", "true", "false"}
-	payables         = []*string{&pays[0], &pays[1]}
-	vNames           = []string{"a", "b", "c", "d", "e", "f", "g"}
-	varNames         = append(vNames, names...)
-	varTypes         = []string{"bool", "address", "bytes", "string",
+	names    = []string{"_name", "name", "NAME", "name_", "__", "_name_", "n"}
+	stateMut = []string{"pure", "view", "payable"}
+	pays     = []string{"true", "false"}
+	vNames   = []string{"a", "b", "c", "d", "e", "f", "g"}
+	varNames = append(vNames, names...)
+	varTypes = []string{"bool", "address", "bytes", "string",
 		"uint8", "int8", "uint8", "int8", "uint16", "int16",
 		"uint24", "int24", "uint32", "int32", "uint40", "int40", "uint48", "int48", "uint56", "int56",
 		"uint64", "int64", "uint72", "int72", "uint80", "int80", "uint88", "int88", "uint96", "int96",
@@ -47,7 +61,7 @@ var (
 		"bytes32", "bytes"}
 )
 
-func unpackPack(abi abi.ABI, method string, input []byte) ([]interface{}, bool) {
+func unpackPack(abi ABI, method string, input []byte) ([]interface{}, bool) {
 	if out, err := abi.Unpack(method, input); err == nil {
 		_, err := abi.Pack(method, out...)
 		if err != nil {
@@ -63,7 +77,7 @@ func unpackPack(abi abi.ABI, method string, input []byte) ([]interface{}, bool)
 	return nil, false
 }
 
-func packUnpack(abi abi.ABI, method string, input *[]interface{}) bool {
+func packUnpack(abi ABI, method string, input *[]interface{}) bool {
 	if packed, err := abi.Pack(method, input); err == nil {
 		outptr := reflect.New(reflect.TypeOf(input))
 		err := abi.UnpackIntoInterface(outptr.Interface(), method, packed)
@@ -79,12 +93,12 @@ func packUnpack(abi abi.ABI, method string, input *[]interface{}) bool {
 	return false
 }
 
-type args struct {
+type arg struct {
 	name string
 	typ  string
 }
 
-func createABI(name string, stateMutability, payable *string, inputs []args) (abi.ABI, error) {
+func createABI(name string, stateMutability, payable *string, inputs []arg) (ABI, error) {
 	sig := fmt.Sprintf(`[{ "type" : "function", "name" : "%v" `, name)
 	if stateMutability != nil {
 		sig += fmt.Sprintf(`, "stateMutability": "%v" `, *stateMutability)
@@ -111,60 +125,55 @@ func createABI(name string, stateMutability, payable *string, inputs []args) (ab
 		sig += "} ]"
 	}
 	sig += `}]`
-
-	return abi.JSON(strings.NewReader(sig))
+	//fmt.Printf("sig: %s\n", sig)
+	return JSON(strings.NewReader(sig))
 }
 
-func runFuzzer(input []byte) int {
-	good := false
-	fuzzer := fuzz.NewFromGoFuzz(input)
-
-	name := names[getUInt(fuzzer)%len(names)]
-	stateM := stateMutabilites[getUInt(fuzzer)%len(stateMutabilites)]
-	payable := payables[getUInt(fuzzer)%len(payables)]
-	maxLen := 5
-	for k := 1; k < maxLen; k++ {
-		var arg []args
-		for i := k; i > 0; i-- {
-			argName := varNames[i]
-			argTyp := varTypes[getUInt(fuzzer)%len(varTypes)]
-			if getUInt(fuzzer)%10 == 0 {
-				argTyp += "[]"
-			} else if getUInt(fuzzer)%10 == 0 {
-				arrayArgs := getUInt(fuzzer)%30 + 1
-				argTyp += fmt.Sprintf("[%d]", arrayArgs)
-			}
-			arg = append(arg, args{
-				name: argName,
-				typ:  argTyp,
-			})
+func fuzzAbi(input []byte) {
+	var (
+		fuzzer    = fuzz.NewFromGoFuzz(input)
+		name      = oneOf(fuzzer, names)
+		stateM    = oneOfOrNil(fuzzer, stateMut)
+		payable   = oneOfOrNil(fuzzer, pays)
+		arguments []arg
+	)
+	for i := 0; i < upTo(fuzzer, 10); i++ {
+		argName := oneOf(fuzzer, varNames)
+		argTyp := oneOf(fuzzer, varTypes)
+		switch upTo(fuzzer, 10) {
+		case 0: // 10% chance to make it a slice
+			argTyp += "[]"
+		case 1: // 10% chance to make it an array
+			argTyp += fmt.Sprintf("[%d]", 1+upTo(fuzzer, 30))
+		default:
 		}
-		abi, err := createABI(name, stateM, payable, arg)
-		if err != nil {
-			continue
-		}
-		structs, b := unpackPack(abi, name, input)
-		c := packUnpack(abi, name, &structs)
-		good = good || b || c
+		arguments = append(arguments, arg{name: argName, typ: argTyp})
 	}
-	if good {
-		return 1
+	abi, err := createABI(name, stateM, payable, arguments)
+	if err != nil {
+		//fmt.Printf("err: %v\n", err)
+		panic(err)
 	}
-	return 0
+	structs, _ := unpackPack(abi, name, input)
+	_ = packUnpack(abi, name, &structs)
 }
 
-func Fuzz(input []byte) int {
-	return runFuzzer(input)
-}
-
-func getUInt(fuzzer *fuzz.Fuzzer) int {
+func upTo(fuzzer *fuzz.Fuzzer, max int) int {
 	var i int
 	fuzzer.Fuzz(&i)
 	if i < 0 {
-		i = -i
-		if i < 0 {
-			return 0
-		}
+		return (-1 - i) % max
 	}
-	return i
+	return i % max
+}
+
+func oneOf(fuzzer *fuzz.Fuzzer, options []string) string {
+	return options[upTo(fuzzer, len(options))]
+}
+
+func oneOfOrNil(fuzzer *fuzz.Fuzzer, options []string) *string {
+	if i := upTo(fuzzer, len(options)+1); i < len(options) {
+		return &options[i]
+	}
+	return nil
 }

accounts/abi/argument.go

@@ -80,7 +80,7 @@ func (arguments Arguments) isTuple() bool {
 func (arguments Arguments) Unpack(data []byte) ([]interface{}, error) {
 	if len(data) == 0 {
 		if len(arguments.NonIndexed()) != 0 {
-			return nil, errors.New("abi: attempting to unmarshall an empty string while arguments are expected")
+			return nil, errors.New("abi: attempting to unmarshal an empty string while arguments are expected")
 		}
 		return make([]interface{}, 0), nil
 	}
@@ -95,7 +95,7 @@ func (arguments Arguments) UnpackIntoMap(v map[string]interface{}, data []byte)
 	}
 	if len(data) == 0 {
 		if len(arguments.NonIndexed()) != 0 {
-			return errors.New("abi: attempting to unmarshall an empty string while arguments are expected")
+			return errors.New("abi: attempting to unmarshal an empty string while arguments are expected")
 		}
 		return nil // Nothing to unmarshal, return
 	}

accounts/abi/bind/auth.go

@@ -56,7 +56,7 @@ func NewTransactor(keyin io.Reader, passphrase string) (*TransactOpts, error) {
 }
 
 // NewKeyStoreTransactor is a utility method to easily create a transaction signer from
-// an decrypted key from a keystore.
+// a decrypted key from a keystore.
 //
 // Deprecated: Use NewKeyStoreTransactorWithChainID instead.
 func NewKeyStoreTransactor(keystore *keystore.KeyStore, account accounts.Account) (*TransactOpts, error) {
@@ -117,7 +117,7 @@ func NewTransactorWithChainID(keyin io.Reader, passphrase string, chainID *big.I
 }
 
 // NewKeyStoreTransactorWithChainID is a utility method to easily create a transaction signer from
-// an decrypted key from a keystore.
+// a decrypted key from a keystore.
 func NewKeyStoreTransactorWithChainID(keystore *keystore.KeyStore, account accounts.Account, chainID *big.Int) (*TransactOpts, error) {
 	if chainID == nil {
 		return nil, ErrNoChainID

accounts/abi/bind/backend.go

@@ -29,13 +29,17 @@ import (
 var (
 	// ErrNoCode is returned by call and transact operations for which the requested
 	// recipient contract to operate on does not exist in the state db or does not
-	// have any code associated with it (i.e. suicided).
+	// have any code associated with it (i.e. self-destructed).
 	ErrNoCode = errors.New("no contract code at given address")
 
 	// ErrNoPendingState is raised when attempting to perform a pending state action
 	// on a backend that doesn't implement PendingContractCaller.
 	ErrNoPendingState = errors.New("backend does not support pending state")
 
+	// ErrNoBlockHashState is raised when attempting to perform a block hash action
+	// on a backend that doesn't implement BlockHashContractCaller.
+	ErrNoBlockHashState = errors.New("backend does not support block hash state")
+
 	// ErrNoCodeAfterDeploy is returned by WaitDeployed if contract creation leaves
 	// an empty contract behind.
 	ErrNoCodeAfterDeploy = errors.New("no contract code after deployment")
@@ -64,6 +68,17 @@ type PendingContractCaller interface {
 	PendingCallContract(ctx context.Context, call ethereum.CallMsg) ([]byte, error)
 }
 
+// BlockHashContractCaller defines methods to perform contract calls on a specific block hash.
+// Call will try to discover this interface when access to a block by hash is requested.
+// If the backend does not support the block hash state, Call returns ErrNoBlockHashState.
+type BlockHashContractCaller interface {
+	// CodeAtHash returns the code of the given account in the state at the specified block hash.
+	CodeAtHash(ctx context.Context, contract common.Address, blockHash common.Hash) ([]byte, error)
+
+	// CallContractAtHash executes an Ethereum contract call against the state at the specified block hash.
+	CallContractAtHash(ctx context.Context, call ethereum.CallMsg, blockHash common.Hash) ([]byte, error)
+}
+
 // ContractTransactor defines the methods needed to allow operating with a contract
 // on a write only basis. Besides the transacting method, the remainder are helpers
 // used when the user does not provide some needed values, but rather leaves it up

accounts/abi/bind/backends/simulated.go

@@ -50,6 +50,7 @@ var _ bind.ContractBackend = (*SimulatedBackend)(nil)
 
 var (
 	errBlockNumberUnsupported  = errors.New("simulatedBackend cannot access blocks other than the latest block")
+	errBlockHashUnsupported    = errors.New("simulatedBackend cannot access blocks by hash other than the latest block")
 	errBlockDoesNotExist       = errors.New("block does not exist in blockchain")
 	errTransactionDoesNotExist = errors.New("transaction does not exist")
 )
@@ -95,7 +96,10 @@ func NewSimulatedBackendWithDatabase(database ethdb.Database, alloc core.Genesis
 	backend.filterSystem = filters.NewFilterSystem(filterBackend, filters.Config{})
 	backend.events = filters.NewEventSystem(backend.filterSystem, false)
 
-	backend.rollback(blockchain.CurrentBlock())
+	header := backend.blockchain.CurrentBlock()
+	block := backend.blockchain.GetBlock(header.Hash(), header.Number.Uint64())
+
+	backend.rollback(block)
 	return backend
 }
 
@@ -135,7 +139,10 @@ func (b *SimulatedBackend) Rollback() {
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	b.rollback(b.blockchain.CurrentBlock())
+	header := b.blockchain.CurrentBlock()
+	block := b.blockchain.GetBlock(header.Hash(), header.Number.Uint64())
+
+	b.rollback(block)
 }
 
 func (b *SimulatedBackend) rollback(parent *types.Block) {
@@ -174,7 +181,7 @@ func (b *SimulatedBackend) Fork(ctx context.Context, parent common.Hash) error {
 
 // stateByBlockNumber retrieves a state by a given blocknumber.
 func (b *SimulatedBackend) stateByBlockNumber(ctx context.Context, blockNumber *big.Int) (*state.StateDB, error) {
-	if blockNumber == nil || blockNumber.Cmp(b.blockchain.CurrentBlock().Number()) == 0 {
+	if blockNumber == nil || blockNumber.Cmp(b.blockchain.CurrentBlock().Number) == 0 {
 		return b.blockchain.State()
 	}
 	block, err := b.blockByNumber(ctx, blockNumber)
@@ -193,6 +200,23 @@ func (b *SimulatedBackend) CodeAt(ctx context.Context, contract common.Address,
 	if err != nil {
 		return nil, err
 	}
+	return stateDB.GetCode(contract), nil
+}
+
+// CodeAtHash returns the code associated with a certain account in the blockchain.
+func (b *SimulatedBackend) CodeAtHash(ctx context.Context, contract common.Address, blockHash common.Hash) ([]byte, error) {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+
+	header, err := b.headerByHash(blockHash)
+	if err != nil {
+		return nil, err
+	}
+
+	stateDB, err := b.blockchain.StateAt(header.Root)
+	if err != nil {
+		return nil, err
+	}
 
 	return stateDB.GetCode(contract), nil
 }
@@ -206,7 +230,6 @@ func (b *SimulatedBackend) BalanceAt(ctx context.Context, contract common.Addres
 	if err != nil {
 		return nil, err
 	}
-
 	return stateDB.GetBalance(contract), nil
 }
 
@@ -219,7 +242,6 @@ func (b *SimulatedBackend) NonceAt(ctx context.Context, contract common.Address,
 	if err != nil {
 		return 0, err
 	}
-
 	return stateDB.GetNonce(contract), nil
 }
 
@@ -232,7 +254,6 @@ func (b *SimulatedBackend) StorageAt(ctx context.Context, contract common.Addres
 	if err != nil {
 		return nil, err
 	}
-
 	val := stateDB.GetState(contract, key)
 	return val[:], nil
 }
@@ -303,7 +324,7 @@ func (b *SimulatedBackend) BlockByNumber(ctx context.Context, number *big.Int) (
 // (associated with its hash) if found without Lock.
 func (b *SimulatedBackend) blockByNumber(ctx context.Context, number *big.Int) (*types.Block, error) {
 	if number == nil || number.Cmp(b.pendingBlock.Number()) == 0 {
-		return b.blockchain.CurrentBlock(), nil
+		return b.blockByHash(ctx, b.blockchain.CurrentBlock().Hash())
 	}
 
 	block := b.blockchain.GetBlockByNumber(uint64(number.Int64()))
@@ -318,7 +339,11 @@ func (b *SimulatedBackend) blockByNumber(ctx context.Context, number *big.Int) (
 func (b *SimulatedBackend) HeaderByHash(ctx context.Context, hash common.Hash) (*types.Header, error) {
 	b.mu.Lock()
 	defer b.mu.Unlock()
+	return b.headerByHash(hash)
+}
 
+// headerByHash retrieves a header from the database by hash without Lock.
+func (b *SimulatedBackend) headerByHash(hash common.Hash) (*types.Header, error) {
 	if hash == b.pendingBlock.Hash() {
 		return b.pendingBlock.Header(), nil
 	}
@@ -431,9 +456,25 @@ func (b *SimulatedBackend) CallContract(ctx context.Context, call ethereum.CallM
 	b.mu.Lock()
 	defer b.mu.Unlock()
 
-	if blockNumber != nil && blockNumber.Cmp(b.blockchain.CurrentBlock().Number()) != 0 {
+	if blockNumber != nil && blockNumber.Cmp(b.blockchain.CurrentBlock().Number) != 0 {
 		return nil, errBlockNumberUnsupported
 	}
+	return b.callContractAtHead(ctx, call)
+}
+
+// CallContractAtHash executes a contract call on a specific block hash.
+func (b *SimulatedBackend) CallContractAtHash(ctx context.Context, call ethereum.CallMsg, blockHash common.Hash) ([]byte, error) {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+
+	if blockHash != b.blockchain.CurrentBlock().Hash() {
+		return nil, errBlockHashUnsupported
+	}
+	return b.callContractAtHead(ctx, call)
+}
+
+// callContractAtHead executes a contract call against the latest block state.
+func (b *SimulatedBackend) callContractAtHead(ctx context.Context, call ethereum.CallMsg) ([]byte, error) {
 	stateDB, err := b.blockchain.State()
 	if err != nil {
 		return nil, err
@@ -455,7 +496,7 @@ func (b *SimulatedBackend) PendingCallContract(ctx context.Context, call ethereu
 	defer b.mu.Unlock()
 	defer b.pendingState.RevertToSnapshot(b.pendingState.Snapshot())
 
-	res, err := b.callContract(ctx, call, b.pendingBlock, b.pendingState)
+	res, err := b.callContract(ctx, call, b.pendingBlock.Header(), b.pendingState)
 	if err != nil {
 		return nil, err
 	}
@@ -549,7 +590,7 @@ func (b *SimulatedBackend) EstimateGas(ctx context.Context, call ethereum.CallMs
 		call.Gas = gas
 
 		snapshot := b.pendingState.Snapshot()
-		res, err := b.callContract(ctx, call, b.pendingBlock, b.pendingState)
+		res, err := b.callContract(ctx, call, b.pendingBlock.Header(), b.pendingState)
 		b.pendingState.RevertToSnapshot(snapshot)
 
 		if err != nil {
@@ -584,7 +625,7 @@ func (b *SimulatedBackend) EstimateGas(ctx context.Context, call ethereum.CallMs
 			return 0, err
 		}
 		if failed {
-			if result != nil && result.Err != vm.ErrOutOfGas {
+			if result != nil && !errors.Is(result.Err, vm.ErrOutOfGas) {
 				if len(result.Revert()) > 0 {
 					return 0, newRevertError(result)
 				}
@@ -599,13 +640,12 @@ func (b *SimulatedBackend) EstimateGas(ctx context.Context, call ethereum.CallMs
 
 // callContract implements common code between normal and pending contract calls.
 // state is modified during execution, make sure to copy it if necessary.
-func (b *SimulatedBackend) callContract(ctx context.Context, call ethereum.CallMsg, block *types.Block, stateDB *state.StateDB) (*core.ExecutionResult, error) {
+func (b *SimulatedBackend) callContract(ctx context.Context, call ethereum.CallMsg, header *types.Header, stateDB *state.StateDB) (*core.ExecutionResult, error) {
 	// Gas prices post 1559 need to be initialized
 	if call.GasPrice != nil && (call.GasFeeCap != nil || call.GasTipCap != nil) {
 		return nil, errors.New("both gasPrice and (maxFeePerGas or maxPriorityFeePerGas) specified")
 	}
-	head := b.blockchain.CurrentHeader()
-	if !b.blockchain.Config().IsLondon(head.Number) {
+	if !b.blockchain.Config().IsLondon(header.Number) {
 		// If there's no basefee, then it must be a non-1559 execution
 		if call.GasPrice == nil {
 			call.GasPrice = new(big.Int)
@@ -627,31 +667,44 @@ func (b *SimulatedBackend) callContract(ctx context.Context, call ethereum.CallM
 			// Backfill the legacy gasPrice for EVM execution, unless we're all zeroes
 			call.GasPrice = new(big.Int)
 			if call.GasFeeCap.BitLen() > 0 || call.GasTipCap.BitLen() > 0 {
-				call.GasPrice = math.BigMin(new(big.Int).Add(call.GasTipCap, head.BaseFee), call.GasFeeCap)
+				call.GasPrice = math.BigMin(new(big.Int).Add(call.GasTipCap, header.BaseFee), call.GasFeeCap)
 			}
 		}
 	}
 	// Ensure message is initialized properly.
 	if call.Gas == 0 {
-		call.Gas = 50000000
+		call.Gas = 10 * header.GasLimit
 	}
 	if call.Value == nil {
 		call.Value = new(big.Int)
 	}
+
 	// Set infinite balance to the fake caller account.
 	from := stateDB.GetOrNewStateObject(call.From)
 	from.SetBalance(math.MaxBig256)
-	// Execute the call.
-	msg := callMsg{call}
 
-	txContext := core.NewEVMTxContext(msg)
-	evmContext := core.NewEVMBlockContext(block.Header(), b.blockchain, nil)
+	// Execute the call.
+	msg := &core.Message{
+		From:              call.From,
+		To:                call.To,
+		Value:             call.Value,
+		GasLimit:          call.Gas,
+		GasPrice:          call.GasPrice,
+		GasFeeCap:         call.GasFeeCap,
+		GasTipCap:         call.GasTipCap,
+		Data:              call.Data,
+		AccessList:        call.AccessList,
+		SkipAccountChecks: true,
+	}
+
 	// Create a new environment which holds all relevant information
 	// about the transaction and calling mechanisms.
+	txContext := core.NewEVMTxContext(msg)
+	evmContext := core.NewEVMBlockContext(header, b.blockchain, nil)
 	vmEnv := vm.NewEVM(evmContext, txContext, stateDB, b.config, vm.Config{NoBaseFee: true})
 	gasPool := new(core.GasPool).AddGas(math.MaxUint64)
 
-	return core.NewStateTransition(vmEnv, msg, gasPool).TransitionDb()
+	return core.ApplyMessage(vmEnv, msg, gasPool)
 }
 
 // SendTransaction updates the pending block to include the given transaction.
@@ -662,10 +715,10 @@ func (b *SimulatedBackend) SendTransaction(ctx context.Context, tx *types.Transa
 	// Get the last block
 	block, err := b.blockByHash(ctx, b.pendingBlock.ParentHash())
 	if err != nil {
-		return fmt.Errorf("could not fetch parent")
+		return errors.New("could not fetch parent")
 	}
 	// Check transaction validity
-	signer := types.MakeSigner(b.blockchain.Config(), block.Number())
+	signer := types.MakeSigner(b.blockchain.Config(), block.Number(), block.Time())
 	sender, err := types.Sender(signer, tx)
 	if err != nil {
 		return fmt.Errorf("invalid transaction: %v", err)
@@ -681,8 +734,10 @@ func (b *SimulatedBackend) SendTransaction(ctx context.Context, tx *types.Transa
 		}
 		block.AddTxWithChain(b.blockchain, tx)
 	})
-	stateDB, _ := b.blockchain.State()
-
+	stateDB, err := b.blockchain.State()
+	if err != nil {
+		return err
+	}
 	b.pendingBlock = blocks[0]
 	b.pendingState, _ = state.New(b.pendingBlock.Root(), stateDB.Database(), nil)
 	b.pendingReceipts = receipts[0]
@@ -791,22 +846,23 @@ func (b *SimulatedBackend) AdjustTime(adjustment time.Duration) error {
 	defer b.mu.Unlock()
 
 	if len(b.pendingBlock.Transactions()) != 0 {
-		return errors.New("Could not adjust time on non-empty block")
+		return errors.New("could not adjust time on non-empty block")
 	}
 	// Get the last block
 	block := b.blockchain.GetBlockByHash(b.pendingBlock.ParentHash())
 	if block == nil {
-		return fmt.Errorf("could not find parent")
+		return errors.New("could not find parent")
 	}
 
 	blocks, _ := core.GenerateChain(b.config, block, ethash.NewFaker(), b.database, 1, func(number int, block *core.BlockGen) {
 		block.OffsetTime(int64(adjustment.Seconds()))
 	})
-	stateDB, _ := b.blockchain.State()
-
+	stateDB, err := b.blockchain.State()
+	if err != nil {
+		return err
+	}
 	b.pendingBlock = blocks[0]
 	b.pendingState, _ = state.New(b.pendingBlock.Root(), stateDB.Database(), nil)
-
 	return nil
 }
 
@@ -815,23 +871,6 @@ func (b *SimulatedBackend) Blockchain() *core.BlockChain {
 	return b.blockchain
 }
 
-// callMsg implements core.Message to allow passing it as a transaction simulator.
-type callMsg struct {
-	ethereum.CallMsg
-}
-
-func (m callMsg) From() common.Address         { return m.CallMsg.From }
-func (m callMsg) Nonce() uint64                { return 0 }
-func (m callMsg) IsFake() bool                 { return true }
-func (m callMsg) To() *common.Address          { return m.CallMsg.To }
-func (m callMsg) GasPrice() *big.Int           { return m.CallMsg.GasPrice }
-func (m callMsg) GasFeeCap() *big.Int          { return m.CallMsg.GasFeeCap }
-func (m callMsg) GasTipCap() *big.Int          { return m.CallMsg.GasTipCap }
-func (m callMsg) Gas() uint64                  { return m.CallMsg.Gas }
-func (m callMsg) Value() *big.Int              { return m.CallMsg.Value }
-func (m callMsg) Data() []byte                 { return m.CallMsg.Data }
-func (m callMsg) AccessList() types.AccessList { return m.CallMsg.AccessList }
-
 // filterBackend implements filters.Backend to support filtering for logs without
 // taking bloom-bits acceleration structures into account.
 type filterBackend struct {
@@ -854,15 +893,9 @@ func (fb *filterBackend) HeaderByNumber(ctx context.Context, number rpc.BlockNum
 	case rpc.LatestBlockNumber:
 		return fb.bc.CurrentHeader(), nil
 	case rpc.FinalizedBlockNumber:
-		if block := fb.bc.CurrentFinalizedBlock(); block != nil {
-			return block.Header(), nil
-		}
-		return nil, errors.New("finalized block not found")
+		return fb.bc.CurrentFinalBlock(), nil
 	case rpc.SafeBlockNumber:
-		if block := fb.bc.CurrentSafeBlock(); block != nil {
-			return block.Header(), nil
-		}
-		return nil, errors.New("safe block not found")
+		return fb.bc.CurrentSafeBlock(), nil
 	default:
 		return fb.bc.GetHeaderByNumber(uint64(number.Int64())), nil
 	}
@@ -888,11 +921,15 @@ func (fb *filterBackend) GetReceipts(ctx context.Context, hash common.Hash) (typ
 	if number == nil {
 		return nil, nil
 	}
-	return rawdb.ReadReceipts(fb.db, hash, *number, fb.bc.Config()), nil
+	header := rawdb.ReadHeader(fb.db, hash, *number)
+	if header == nil {
+		return nil, nil
+	}
+	return rawdb.ReadReceipts(fb.db, hash, *number, header.Time, fb.bc.Config()), nil
 }
 
 func (fb *filterBackend) GetLogs(ctx context.Context, hash common.Hash, number uint64) ([][]*types.Log, error) {
-	logs := rawdb.ReadLogs(fb.db, hash, number, fb.bc.Config())
+	logs := rawdb.ReadLogs(fb.db, hash, number)
 	return logs, nil
 }
 

accounts/abi/bind/backends/simulated_test.go

@@ -38,6 +38,7 @@ import (
 )
 
 func TestSimulatedBackend(t *testing.T) {
+	t.Parallel()
 	var gasLimit uint64 = 8000029
 	key, _ := crypto.GenerateKey() // nolint: gosec
 	auth, _ := bind.NewKeyedTransactorWithChainID(key, big.NewInt(1337))
@@ -121,6 +122,7 @@ func simTestBackend(testAddr common.Address) *SimulatedBackend {
 }
 
 func TestNewSimulatedBackend(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	expectedBal := big.NewInt(10000000000000000)
 	sim := simTestBackend(testAddr)
@@ -142,6 +144,7 @@ func TestNewSimulatedBackend(t *testing.T) {
 }
 
 func TestAdjustTime(t *testing.T) {
+	t.Parallel()
 	sim := NewSimulatedBackend(
 		core.GenesisAlloc{}, 10000000,
 	)
@@ -159,8 +162,10 @@ func TestAdjustTime(t *testing.T) {
 }
 
 func TestNewAdjustTimeFail(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
+	defer sim.blockchain.Stop()
 
 	// Create tx and send
 	head, _ := sim.HeaderByNumber(context.Background(), nil) // Should be child's, good enough
@@ -201,6 +206,7 @@ func TestNewAdjustTimeFail(t *testing.T) {
 }
 
 func TestBalanceAt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	expectedBal := big.NewInt(10000000000000000)
 	sim := simTestBackend(testAddr)
@@ -218,6 +224,7 @@ func TestBalanceAt(t *testing.T) {
 }
 
 func TestBlockByHash(t *testing.T) {
+	t.Parallel()
 	sim := NewSimulatedBackend(
 		core.GenesisAlloc{}, 10000000,
 	)
@@ -239,6 +246,7 @@ func TestBlockByHash(t *testing.T) {
 }
 
 func TestBlockByNumber(t *testing.T) {
+	t.Parallel()
 	sim := NewSimulatedBackend(
 		core.GenesisAlloc{}, 10000000,
 	)
@@ -274,6 +282,7 @@ func TestBlockByNumber(t *testing.T) {
 }
 
 func TestNonceAt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -327,6 +336,7 @@ func TestNonceAt(t *testing.T) {
 }
 
 func TestSendTransaction(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -361,6 +371,7 @@ func TestSendTransaction(t *testing.T) {
 }
 
 func TestTransactionByHash(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := NewSimulatedBackend(
@@ -415,6 +426,7 @@ func TestTransactionByHash(t *testing.T) {
 }
 
 func TestEstimateGas(t *testing.T) {
+	t.Parallel()
 	/*
 		pragma solidity ^0.6.4;
 		contract GasEstimation {
@@ -534,6 +546,7 @@ func TestEstimateGas(t *testing.T) {
 }
 
 func TestEstimateGasWithPrice(t *testing.T) {
+	t.Parallel()
 	key, _ := crypto.GenerateKey()
 	addr := crypto.PubkeyToAddress(key.PublicKey)
 
@@ -624,6 +637,7 @@ func TestEstimateGasWithPrice(t *testing.T) {
 }
 
 func TestHeaderByHash(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -645,6 +659,7 @@ func TestHeaderByHash(t *testing.T) {
 }
 
 func TestHeaderByNumber(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -691,6 +706,7 @@ func TestHeaderByNumber(t *testing.T) {
 }
 
 func TestTransactionCount(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -743,6 +759,7 @@ func TestTransactionCount(t *testing.T) {
 }
 
 func TestTransactionInBlock(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -808,6 +825,7 @@ func TestTransactionInBlock(t *testing.T) {
 }
 
 func TestPendingNonceAt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -873,6 +891,7 @@ func TestPendingNonceAt(t *testing.T) {
 }
 
 func TestTransactionReceipt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 
 	sim := simTestBackend(testAddr)
@@ -907,6 +926,7 @@ func TestTransactionReceipt(t *testing.T) {
 }
 
 func TestSuggestGasPrice(t *testing.T) {
+	t.Parallel()
 	sim := NewSimulatedBackend(
 		core.GenesisAlloc{},
 		10000000,
@@ -923,6 +943,7 @@ func TestSuggestGasPrice(t *testing.T) {
 }
 
 func TestPendingCodeAt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -959,6 +980,7 @@ func TestPendingCodeAt(t *testing.T) {
 }
 
 func TestCodeAt(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -995,10 +1017,49 @@ func TestCodeAt(t *testing.T) {
 	}
 }
 
+func TestCodeAtHash(t *testing.T) {
+	t.Parallel()
+	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
+	sim := simTestBackend(testAddr)
+	defer sim.Close()
+	bgCtx := context.Background()
+	code, err := sim.CodeAtHash(bgCtx, testAddr, sim.Blockchain().CurrentHeader().Hash())
+	if err != nil {
+		t.Errorf("could not get code at test addr: %v", err)
+	}
+	if len(code) != 0 {
+		t.Errorf("got code for account that does not have contract code")
+	}
+
+	parsed, err := abi.JSON(strings.NewReader(abiJSON))
+	if err != nil {
+		t.Errorf("could not get code at test addr: %v", err)
+	}
+	auth, _ := bind.NewKeyedTransactorWithChainID(testKey, big.NewInt(1337))
+	contractAddr, tx, contract, err := bind.DeployContract(auth, parsed, common.FromHex(abiBin), sim)
+	if err != nil {
+		t.Errorf("could not deploy contract: %v tx: %v contract: %v", err, tx, contract)
+	}
+
+	blockHash := sim.Commit()
+	code, err = sim.CodeAtHash(bgCtx, contractAddr, blockHash)
+	if err != nil {
+		t.Errorf("could not get code at test addr: %v", err)
+	}
+	if len(code) == 0 {
+		t.Errorf("did not get code for account that has contract code")
+	}
+	// ensure code received equals code deployed
+	if !bytes.Equal(code, common.FromHex(deployedCode)) {
+		t.Errorf("code received did not match expected deployed code:\n expected %v\n actual %v", common.FromHex(deployedCode), code)
+	}
+}
+
 // When receive("X") is called with sender 0x00... and value 1, it produces this tx receipt:
 //
 //	receipt{status=1 cgas=23949 bloom=00000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000040200000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 logs=[log: b6818c8064f645cd82d99b59a1a267d6d61117ef [75fd880d39c1daf53b6547ab6cb59451fc6452d27caa90e5b6649dd8293b9eed] 000000000000000000000000376c47978271565f56deb45495afa69e59c16ab200000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000158 9ae378b6d4409eada347a5dc0c180f186cb62dc68fcc0f043425eb917335aa28 0 95d429d309bb9d753954195fe2d69bd140b4ae731b9b5b605c34323de162cf00 0]}
 func TestPendingAndCallContract(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -1037,7 +1098,7 @@ func TestPendingAndCallContract(t *testing.T) {
 		t.Errorf("response from calling contract was expected to be 'hello world' instead received %v", string(res))
 	}
 
-	sim.Commit()
+	blockHash := sim.Commit()
 
 	// make sure you can call the contract
 	res, err = sim.CallContract(bgCtx, ethereum.CallMsg{
@@ -1055,6 +1116,23 @@ func TestPendingAndCallContract(t *testing.T) {
 	if !bytes.Equal(res, expectedReturn) || !strings.Contains(string(res), "hello world") {
 		t.Errorf("response from calling contract was expected to be 'hello world' instead received %v", string(res))
 	}
+
+	// make sure you can call the contract by hash
+	res, err = sim.CallContractAtHash(bgCtx, ethereum.CallMsg{
+		From: testAddr,
+		To:   &addr,
+		Data: input,
+	}, blockHash)
+	if err != nil {
+		t.Errorf("could not call receive method on contract: %v", err)
+	}
+	if len(res) == 0 {
+		t.Errorf("result of contract call was empty: %v", res)
+	}
+
+	if !bytes.Equal(res, expectedReturn) || !strings.Contains(string(res), "hello world") {
+		t.Errorf("response from calling contract was expected to be 'hello world' instead received %v", string(res))
+	}
 }
 
 // This test is based on the following contract:
@@ -1083,6 +1161,7 @@ contract Reverter {
 	}
 }*/
 func TestCallContractRevert(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -1178,6 +1257,7 @@ func TestCallContractRevert(t *testing.T) {
 //     Since Commit() was called 2n+1 times in total,
 //     having a chain length of just n+1 means that a reorg occurred.
 func TestFork(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -1189,7 +1269,7 @@ func TestFork(t *testing.T) {
 		sim.Commit()
 	}
 	// 3.
-	if sim.blockchain.CurrentBlock().NumberU64() != uint64(n) {
+	if sim.blockchain.CurrentBlock().Number.Uint64() != uint64(n) {
 		t.Error("wrong chain length")
 	}
 	// 4.
@@ -1199,7 +1279,7 @@ func TestFork(t *testing.T) {
 		sim.Commit()
 	}
 	// 6.
-	if sim.blockchain.CurrentBlock().NumberU64() != uint64(n+1) {
+	if sim.blockchain.CurrentBlock().Number.Uint64() != uint64(n+1) {
 		t.Error("wrong chain length")
 	}
 }
@@ -1231,6 +1311,7 @@ const callableBin = "6080604052348015600f57600080fd5b5060998061001e6000396000f3f
 //  9. Re-send the transaction and mine a block.
 //  10. Check that the event was reborn.
 func TestForkLogsReborn(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -1304,6 +1385,7 @@ func TestForkLogsReborn(t *testing.T) {
 //  5. Mine a block, Re-send the transaction and mine another one.
 //  6. Check that the TX is now included in block 2.
 func TestForkResendTx(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
@@ -1340,11 +1422,12 @@ func TestForkResendTx(t *testing.T) {
 }
 
 func TestCommitReturnValue(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()
 
-	startBlockHeight := sim.blockchain.CurrentBlock().NumberU64()
+	startBlockHeight := sim.blockchain.CurrentBlock().Number.Uint64()
 
 	// Test if Commit returns the correct block hash
 	h1 := sim.Commit()
@@ -1381,6 +1464,7 @@ func TestCommitReturnValue(t *testing.T) {
 // TestAdjustTimeAfterFork ensures that after a fork, AdjustTime uses the pending fork
 // block's parent rather than the canonical head's parent.
 func TestAdjustTimeAfterFork(t *testing.T) {
+	t.Parallel()
 	testAddr := crypto.PubkeyToAddress(testKey.PublicKey)
 	sim := simTestBackend(testAddr)
 	defer sim.Close()

accounts/abi/bind/base.go

@@ -34,6 +34,11 @@ import (
 
 const basefeeWiggleMultiplier = 2
 
+var (
+	errNoEventSignature       = errors.New("no event signature")
+	errEventSignatureMismatch = errors.New("event signature mismatch")
+)
+
 // SignerFn is a signer function callback when a contract requires a method to
 // sign the transaction before submission.
 type SignerFn func(common.Address, *types.Transaction) (*types.Transaction, error)
@@ -43,6 +48,7 @@ type CallOpts struct {
 	Pending     bool            // Whether to operate on the pending state or the last known one
 	From        common.Address  // Optional the sender address, otherwise the first account is used
 	BlockNumber *big.Int        // Optional the block number on which the call should be performed
+	BlockHash   common.Hash     // Optional the block hash on which the call should be performed
 	Context     context.Context // Network context to support cancellation and timeouts (nil = no timeout)
 }
 
@@ -184,6 +190,23 @@ func (c *BoundContract) Call(opts *CallOpts, results *[]interface{}, method stri
 				return ErrNoCode
 			}
 		}
+	} else if opts.BlockHash != (common.Hash{}) {
+		bh, ok := c.caller.(BlockHashContractCaller)
+		if !ok {
+			return ErrNoBlockHashState
+		}
+		output, err = bh.CallContractAtHash(ctx, msg, opts.BlockHash)
+		if err != nil {
+			return err
+		}
+		if len(output) == 0 {
+			// Make sure we have a contract to operate on, and bail out otherwise.
+			if code, err = bh.CodeAtHash(ctx, c.address, opts.BlockHash); err != nil {
+				return err
+			} else if len(code) == 0 {
+				return ErrNoCode
+			}
+		}
 	} else {
 		output, err = c.caller.CallContract(ctx, msg, opts.BlockNumber)
 		if err != nil {
@@ -215,7 +238,7 @@ func (c *BoundContract) Transact(opts *TransactOpts, method string, params ...in
 	if err != nil {
 		return nil, err
 	}
-	// todo(rjl493456442) check the method is payable or not,
+	// todo(rjl493456442) check whether the method is payable or not,
 	// reject invalid transaction at the first place
 	return c.transact(opts, &c.address, input)
 }
@@ -223,7 +246,7 @@ func (c *BoundContract) Transact(opts *TransactOpts, method string, params ...in
 // RawTransact initiates a transaction with the given raw calldata as the input.
 // It's usually used to initiate transactions for invoking **Fallback** function.
 func (c *BoundContract) RawTransact(opts *TransactOpts, calldata []byte) (*types.Transaction, error) {
-	// todo(rjl493456442) check the method is payable or not,
+	// todo(rjl493456442) check whether the method is payable or not,
 	// reject invalid transaction at the first place
 	return c.transact(opts, &c.address, calldata)
 }
@@ -488,8 +511,12 @@ func (c *BoundContract) WatchLogs(opts *WatchOpts, name string, query ...[]inter
 
 // UnpackLog unpacks a retrieved log into the provided output structure.
 func (c *BoundContract) UnpackLog(out interface{}, event string, log types.Log) error {
+	// Anonymous events are not supported.
+	if len(log.Topics) == 0 {
+		return errNoEventSignature
+	}
 	if log.Topics[0] != c.abi.Events[event].ID {
-		return fmt.Errorf("event signature mismatch")
+		return errEventSignatureMismatch
 	}
 	if len(log.Data) > 0 {
 		if err := c.abi.UnpackIntoInterface(out, event, log.Data); err != nil {
@@ -507,8 +534,12 @@ func (c *BoundContract) UnpackLog(out interface{}, event string, log types.Log)
 
 // UnpackLogIntoMap unpacks a retrieved log into the provided map.
 func (c *BoundContract) UnpackLogIntoMap(out map[string]interface{}, event string, log types.Log) error {
+	// Anonymous events are not supported.
+	if len(log.Topics) == 0 {
+		return errNoEventSignature
+	}
 	if log.Topics[0] != c.abi.Events[event].ID {
-		return fmt.Errorf("event signature mismatch")
+		return errEventSignatureMismatch
 	}
 	if len(log.Data) > 0 {
 		if err := c.abi.UnpackIntoMap(out, event, log.Data); err != nil {

accounts/abi/bind/base_test.go

@@ -114,7 +114,28 @@ func (mc *mockPendingCaller) PendingCallContract(ctx context.Context, call ether
 	return mc.pendingCallContractBytes, mc.pendingCallContractErr
 }
 
+type mockBlockHashCaller struct {
+	*mockCaller
+	codeAtHashBytes          []byte
+	codeAtHashErr            error
+	codeAtHashCalled         bool
+	callContractAtHashCalled bool
+	callContractAtHashBytes  []byte
+	callContractAtHashErr    error
+}
+
+func (mc *mockBlockHashCaller) CodeAtHash(ctx context.Context, contract common.Address, hash common.Hash) ([]byte, error) {
+	mc.codeAtHashCalled = true
+	return mc.codeAtHashBytes, mc.codeAtHashErr
+}
+
+func (mc *mockBlockHashCaller) CallContractAtHash(ctx context.Context, call ethereum.CallMsg, hash common.Hash) ([]byte, error) {
+	mc.callContractAtHashCalled = true
+	return mc.callContractAtHashBytes, mc.callContractAtHashErr
+}
+
 func TestPassingBlockNumber(t *testing.T) {
+	t.Parallel()
 	mc := &mockPendingCaller{
 		mockCaller: &mockCaller{
 			codeAtBytes: []byte{1, 2, 3},
@@ -166,6 +187,7 @@ func TestPassingBlockNumber(t *testing.T) {
 const hexData = "0x000000000000000000000000376c47978271565f56deb45495afa69e59c16ab200000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000158"
 
 func TestUnpackIndexedStringTyLogIntoMap(t *testing.T) {
+	t.Parallel()
 	hash := crypto.Keccak256Hash([]byte("testName"))
 	topics := []common.Hash{
 		crypto.Keccak256Hash([]byte("received(string,address,uint256,bytes)")),
@@ -186,7 +208,26 @@ func TestUnpackIndexedStringTyLogIntoMap(t *testing.T) {
 	unpackAndCheck(t, bc, expectedReceivedMap, mockLog)
 }
 
+func TestUnpackAnonymousLogIntoMap(t *testing.T) {
+	t.Parallel()
+	mockLog := newMockLog(nil, common.HexToHash("0x0"))
+
+	abiString := `[{"anonymous":false,"inputs":[{"indexed":false,"name":"amount","type":"uint256"}],"name":"received","type":"event"}]`
+	parsedAbi, _ := abi.JSON(strings.NewReader(abiString))
+	bc := bind.NewBoundContract(common.HexToAddress("0x0"), parsedAbi, nil, nil, nil)
+
+	var received map[string]interface{}
+	err := bc.UnpackLogIntoMap(received, "received", mockLog)
+	if err == nil {
+		t.Error("unpacking anonymous event is not supported")
+	}
+	if err.Error() != "no event signature" {
+		t.Errorf("expected error 'no event signature', got '%s'", err)
+	}
+}
+
 func TestUnpackIndexedSliceTyLogIntoMap(t *testing.T) {
+	t.Parallel()
 	sliceBytes, err := rlp.EncodeToBytes([]string{"name1", "name2", "name3", "name4"})
 	if err != nil {
 		t.Fatal(err)
@@ -212,6 +253,7 @@ func TestUnpackIndexedSliceTyLogIntoMap(t *testing.T) {
 }
 
 func TestUnpackIndexedArrayTyLogIntoMap(t *testing.T) {
+	t.Parallel()
 	arrBytes, err := rlp.EncodeToBytes([2]common.Address{common.HexToAddress("0x0"), common.HexToAddress("0x376c47978271565f56DEB45495afa69E59c16Ab2")})
 	if err != nil {
 		t.Fatal(err)
@@ -237,6 +279,7 @@ func TestUnpackIndexedArrayTyLogIntoMap(t *testing.T) {
 }
 
 func TestUnpackIndexedFuncTyLogIntoMap(t *testing.T) {
+	t.Parallel()
 	mockAddress := common.HexToAddress("0x376c47978271565f56DEB45495afa69E59c16Ab2")
 	addrBytes := mockAddress.Bytes()
 	hash := crypto.Keccak256Hash([]byte("mockFunction(address,uint)"))
@@ -263,6 +306,7 @@ func TestUnpackIndexedFuncTyLogIntoMap(t *testing.T) {
 }
 
 func TestUnpackIndexedBytesTyLogIntoMap(t *testing.T) {
+	t.Parallel()
 	bytes := []byte{1, 2, 3, 4, 5}
 	hash := crypto.Keccak256Hash(bytes)
 	topics := []common.Hash{
@@ -285,6 +329,7 @@ func TestUnpackIndexedBytesTyLogIntoMap(t *testing.T) {
 }
 
 func TestTransactGasFee(t *testing.T) {
+	t.Parallel()
 	assert := assert.New(t)
 
 	// GasTipCap and GasFeeCap
@@ -360,6 +405,7 @@ func newMockLog(topics []common.Hash, txHash common.Hash) types.Log {
 }
 
 func TestCall(t *testing.T) {
+	t.Parallel()
 	var method, methodWithArg = "something", "somethingArrrrg"
 	tests := []struct {
 		name, method string
@@ -383,6 +429,15 @@ func TestCall(t *testing.T) {
 			Pending: true,
 		},
 		method: method,
+	}, {
+		name: "ok hash",
+		mc: &mockBlockHashCaller{
+			codeAtHashBytes: []byte{0},
+		},
+		opts: &bind.CallOpts{
+			BlockHash: common.Hash{0xaa},
+		},
+		method: method,
 	}, {
 		name:    "pack error, no method",
 		mc:      new(mockCaller),
@@ -396,6 +451,14 @@ func TestCall(t *testing.T) {
 		},
 		method:       method,
 		wantErrExact: bind.ErrNoPendingState,
+	}, {
+		name: "interface error, blockHash but not a BlockHashContractCaller",
+		mc:   new(mockCaller),
+		opts: &bind.CallOpts{
+			BlockHash: common.Hash{0xaa},
+		},
+		method:       method,
+		wantErrExact: bind.ErrNoBlockHashState,
 	}, {
 		name: "pending call canceled",
 		mc: &mockPendingCaller{
@@ -443,6 +506,34 @@ func TestCall(t *testing.T) {
 		mc:           new(mockCaller),
 		method:       method,
 		wantErrExact: bind.ErrNoCode,
+	}, {
+		name: "call contract at hash error",
+		mc: &mockBlockHashCaller{
+			callContractAtHashErr: context.DeadlineExceeded,
+		},
+		opts: &bind.CallOpts{
+			BlockHash: common.Hash{0xaa},
+		},
+		method:       method,
+		wantErrExact: context.DeadlineExceeded,
+	}, {
+		name: "code at error",
+		mc: &mockBlockHashCaller{
+			codeAtHashErr: errors.New(""),
+		},
+		opts: &bind.CallOpts{
+			BlockHash: common.Hash{0xaa},
+		},
+		method:  method,
+		wantErr: true,
+	}, {
+		name: "no code at hash",
+		mc:   new(mockBlockHashCaller),
+		opts: &bind.CallOpts{
+			BlockHash: common.Hash{0xaa},
+		},
+		method:       method,
+		wantErrExact: bind.ErrNoCode,
 	}, {
 		name: "unpack error missing arg",
 		mc: &mockCaller{
@@ -490,6 +581,7 @@ func TestCall(t *testing.T) {
 
 // TestCrashers contains some strings which previously caused the abi codec to crash.
 func TestCrashers(t *testing.T) {
+	t.Parallel()
 	abi.JSON(strings.NewReader(`[{"inputs":[{"type":"tuple[]","components":[{"type":"bool","name":"_1"}]}]}]`))
 	abi.JSON(strings.NewReader(`[{"inputs":[{"type":"tuple[]","components":[{"type":"bool","name":"&"}]}]}]`))
 	abi.JSON(strings.NewReader(`[{"inputs":[{"type":"tuple[]","components":[{"type":"bool","name":"----"}]}]}]`))

accounts/abi/bind/bind.go

@@ -79,7 +79,7 @@ func isKeyWord(arg string) bool {
 
 // Bind generates a Go wrapper around a contract ABI. This wrapper isn't meant
 // to be used as is in client code, but rather as an intermediate struct which
-// enforces compile time type safety and naming convention opposed to having to
+// enforces compile time type safety and naming convention as opposed to having to
 // manually maintain hard coded strings that break on runtime.
 func Bind(types []string, abis []string, bytecodes []string, fsigs []map[string]string, pkg string, lang Lang, libs map[string]string, aliases map[string]string) (string, error) {
 	var (
@@ -133,12 +133,19 @@ func Bind(types []string, abis []string, bytecodes []string, fsigs []map[string]
 			// Normalize the method for capital cases and non-anonymous inputs/outputs
 			normalized := original
 			normalizedName := methodNormalizer[lang](alias(aliases, original.Name))
-
 			// Ensure there is no duplicated identifier
 			var identifiers = callIdentifiers
 			if !original.IsConstant() {
 				identifiers = transactIdentifiers
 			}
+			// Name shouldn't start with a digit. It will make the generated code invalid.
+			if len(normalizedName) > 0 && unicode.IsDigit(rune(normalizedName[0])) {
+				normalizedName = fmt.Sprintf("M%s", normalizedName)
+				normalizedName = abi.ResolveNameConflict(normalizedName, func(name string) bool {
+					_, ok := identifiers[name]
+					return ok
+				})
+			}
 			if identifiers[normalizedName] {
 				return "", fmt.Errorf("duplicated identifier \"%s\"(normalized \"%s\"), use --alias for renaming", original.Name, normalizedName)
 			}
@@ -182,6 +189,14 @@ func Bind(types []string, abis []string, bytecodes []string, fsigs []map[string]
 
 			// Ensure there is no duplicated identifier
 			normalizedName := methodNormalizer[lang](alias(aliases, original.Name))
+			// Name shouldn't start with a digit. It will make the generated code invalid.
+			if len(normalizedName) > 0 && unicode.IsDigit(rune(normalizedName[0])) {
+				normalizedName = fmt.Sprintf("E%s", normalizedName)
+				normalizedName = abi.ResolveNameConflict(normalizedName, func(name string) bool {
+					_, ok := eventIdentifiers[name]
+					return ok
+				})
+			}
 			if eventIdentifiers[normalizedName] {
 				return "", fmt.Errorf("duplicated identifier \"%s\"(normalized \"%s\"), use --alias for renaming", original.Name, normalizedName)
 			}
@@ -348,7 +363,7 @@ func bindTopicTypeGo(kind abi.Type, structs map[string]*tmplStruct) string {
 	// parameters that are not value types i.e. arrays and structs are not
 	// stored directly but instead a keccak256-hash of an encoding is stored.
 	//
-	// We only convert stringS and bytes to hash, still need to deal with
+	// We only convert strings and bytes to hash, still need to deal with
 	// array(both fixed-size and dynamic-size) and struct.
 	if bound == "string" || bound == "[]byte" {
 		bound = "common.Hash"

accounts/abi/bind/bind_test.go

@@ -1677,7 +1677,7 @@ var bindTests = []struct {
 			}
 			sim.Commit()
 
-			// This test the existence of the free retreiver call for view and pure functions
+			// This test the existence of the free retriever call for view and pure functions
 			if num, err := pav.PureFunc(nil); err != nil {
 				t.Fatalf("Failed to call anonymous field retriever: %v", err)
 			} else if num.Cmp(big.NewInt(42)) != 0 {
@@ -2038,12 +2038,36 @@ var bindTests = []struct {
 				t.Errorf("error deploying the contract: %v", err)
 			}
 		`,
+	}, {
+		name: "NumericMethodName",
+		contract: `
+		// SPDX-License-Identifier: GPL-3.0
+		pragma solidity >=0.4.22 <0.9.0;
+
+		contract NumericMethodName {
+			event _1TestEvent(address _param);
+			function _1test() public pure {}
+			function __1test() public pure {}
+			function __2test() public pure {}
+		}
+		`,
+		bytecode: []string{"0x6080604052348015600f57600080fd5b5060958061001e6000396000f3fe6080604052348015600f57600080fd5b5060043610603c5760003560e01c80639d993132146041578063d02767c7146049578063ffa02795146051575b600080fd5b60476059565b005b604f605b565b005b6057605d565b005b565b565b56fea26469706673582212200382ca602dff96a7e2ba54657985e2b4ac423a56abe4a1f0667bc635c4d4371f64736f6c63430008110033"},
+		abi:      []string{`[{"anonymous":false,"inputs":[{"indexed":false,"internalType":"address","name":"_param","type":"address"}],"name":"_1TestEvent","type":"event"},{"inputs":[],"name":"_1test","outputs":[],"stateMutability":"pure","type":"function"},{"inputs":[],"name":"__1test","outputs":[],"stateMutability":"pure","type":"function"},{"inputs":[],"name":"__2test","outputs":[],"stateMutability":"pure","type":"function"}]`},
+		imports: `
+			"github.com/ethereum/go-ethereum/common"
+		`,
+		tester: `
+			if b, err := NewNumericMethodName(common.Address{}, nil); b == nil || err != nil {
+				t.Fatalf("combined binding (%v) nil or error (%v) not nil", b, nil)
+			}
+`,
 	},
 }
 
 // Tests that packages generated by the binder can be successfully compiled and
 // the requested tester run against it.
 func TestGolangBindings(t *testing.T) {
+	t.Parallel()
 	// Skip the test if no Go command can be found
 	gocmd := runtime.GOROOT() + "/bin/go"
 	if !common.FileExist(gocmd) {

accounts/abi/bind/template.go

@@ -325,7 +325,7 @@ var (
 			if err != nil {
 				return *outstruct, err
 			}
-			{{range $i, $t := .Normalized.Outputs}} 
+			{{range $i, $t := .Normalized.Outputs}}
 			outstruct.{{.Name}} = *abi.ConvertType(out[{{$i}}], new({{bindtype .Type $structs}})).(*{{bindtype .Type $structs}}){{end}}
 
 			return *outstruct, err
@@ -335,7 +335,7 @@ var (
 			}
 			{{range $i, $t := .Normalized.Outputs}}
 			out{{$i}} := *abi.ConvertType(out[{{$i}}], new({{bindtype .Type $structs}})).(*{{bindtype .Type $structs}}){{end}}
-			
+
 			return {{range $i, $t := .Normalized.Outputs}}out{{$i}}, {{end}} err
 			{{end}}
 		}
@@ -378,7 +378,7 @@ var (
 		}
 	{{end}}
 
-	{{if .Fallback}} 
+	{{if .Fallback}}
 		// Fallback is a paid mutator transaction binding the contract fallback function.
 		//
 		// Solidity: {{.Fallback.Original.String}}
@@ -392,16 +392,16 @@ var (
 		func (_{{$contract.Type}} *{{$contract.Type}}Session) Fallback(calldata []byte) (*types.Transaction, error) {
 		  return _{{$contract.Type}}.Contract.Fallback(&_{{$contract.Type}}.TransactOpts, calldata)
 		}
-	
+
 		// Fallback is a paid mutator transaction binding the contract fallback function.
-		// 
+		//
 		// Solidity: {{.Fallback.Original.String}}
 		func (_{{$contract.Type}} *{{$contract.Type}}TransactorSession) Fallback(calldata []byte) (*types.Transaction, error) {
 		  return _{{$contract.Type}}.Contract.Fallback(&_{{$contract.Type}}.TransactOpts, calldata)
 		}
 	{{end}}
 
-	{{if .Receive}} 
+	{{if .Receive}}
 		// Receive is a paid mutator transaction binding the contract receive function.
 		//
 		// Solidity: {{.Receive.Original.String}}
@@ -415,9 +415,9 @@ var (
 		func (_{{$contract.Type}} *{{$contract.Type}}Session) Receive() (*types.Transaction, error) {
 		  return _{{$contract.Type}}.Contract.Receive(&_{{$contract.Type}}.TransactOpts)
 		}
-	
+
 		// Receive is a paid mutator transaction binding the contract receive function.
-		// 
+		//
 		// Solidity: {{.Receive.Original.String}}
 		func (_{{$contract.Type}} *{{$contract.Type}}TransactorSession) Receive() (*types.Transaction, error) {
 		  return _{{$contract.Type}}.Contract.Receive(&_{{$contract.Type}}.TransactOpts)

accounts/abi/bind/util_test.go

@@ -53,6 +53,7 @@ var waitDeployedTests = map[string]struct {
 }
 
 func TestWaitDeployed(t *testing.T) {
+	t.Parallel()
 	for name, test := range waitDeployedTests {
 		backend := backends.NewSimulatedBackend(
 			core.GenesisAlloc{
@@ -100,6 +101,7 @@ func TestWaitDeployed(t *testing.T) {
 }
 
 func TestWaitDeployedCornerCases(t *testing.T) {
+	t.Parallel()
 	backend := backends.NewSimulatedBackend(
 		core.GenesisAlloc{
 			crypto.PubkeyToAddress(testKey.PublicKey): {Balance: big.NewInt(10000000000000000)},
@@ -119,9 +121,9 @@ func TestWaitDeployedCornerCases(t *testing.T) {
 	defer cancel()
 	backend.SendTransaction(ctx, tx)
 	backend.Commit()
-	notContentCreation := errors.New("tx is not contract creation")
-	if _, err := bind.WaitDeployed(ctx, backend, tx); err.Error() != notContentCreation.Error() {
-		t.Errorf("error missmatch: want %q, got %q, ", notContentCreation, err)
+	notContractCreation := errors.New("tx is not contract creation")
+	if _, err := bind.WaitDeployed(ctx, backend, tx); err.Error() != notContractCreation.Error() {
+		t.Errorf("error mismatch: want %q, got %q, ", notContractCreation, err)
 	}
 
 	// Create a transaction that is not mined.
@@ -131,7 +133,7 @@ func TestWaitDeployedCornerCases(t *testing.T) {
 	go func() {
 		contextCanceled := errors.New("context canceled")
 		if _, err := bind.WaitDeployed(ctx, backend, tx); err.Error() != contextCanceled.Error() {
-			t.Errorf("error missmatch: want %q, got %q, ", contextCanceled, err)
+			t.Errorf("error mismatch: want %q, got %q, ", contextCanceled, err)
 		}
 	}()
 

accounts/abi/error.go

@@ -18,7 +18,6 @@ package abi
 
 import (
 	"bytes"
-	"errors"
 	"fmt"
 	"strings"
 
@@ -32,7 +31,7 @@ type Error struct {
 	str    string
 
 	// Sig contains the string signature according to the ABI spec.
-	// e.g.	 error foo(uint32 a, int b) = "foo(uint32,int256)"
+	// e.g. error foo(uint32 a, int b) = "foo(uint32,int256)"
 	// Please note that "int" is substitute for its canonical representation "int256"
 	Sig string
 
@@ -78,16 +77,16 @@ func NewError(name string, inputs Arguments) Error {
 	}
 }
 
-func (e *Error) String() string {
+func (e Error) String() string {
 	return e.str
 }
 
 func (e *Error) Unpack(data []byte) (interface{}, error) {
 	if len(data) < 4 {
-		return "", errors.New("invalid data for unpacking")
+		return "", fmt.Errorf("insufficient data for unpacking: have %d, want at least 4", len(data))
 	}
 	if !bytes.Equal(data[:4], e.ID[:4]) {
-		return "", errors.New("invalid data for unpacking")
+		return "", fmt.Errorf("invalid identifier, have %#x want %#x", data[:4], e.ID[:4])
 	}
 	return e.Inputs.Unpack(data[4:])
 }

accounts/abi/event_test.go

@@ -81,6 +81,7 @@ var pledgeData1 = "00000000000000000000000000ce0d46d924cc8437c806721496599fc3ffa
 var mixedCaseData1 = "00000000000000000000000000000000000000000000000000000000000f42400000000000000000000000000000000000000000000000000000020489e8000000000000000000000000000000000000000000000000000000000000000f4241"
 
 func TestEventId(t *testing.T) {
+	t.Parallel()
 	var table = []struct {
 		definition   string
 		expectations map[string]common.Hash
@@ -112,6 +113,7 @@ func TestEventId(t *testing.T) {
 }
 
 func TestEventString(t *testing.T) {
+	t.Parallel()
 	var table = []struct {
 		definition   string
 		expectations map[string]string
@@ -146,6 +148,7 @@ func TestEventString(t *testing.T) {
 
 // TestEventMultiValueWithArrayUnpack verifies that array fields will be counted after parsing array.
 func TestEventMultiValueWithArrayUnpack(t *testing.T) {
+	t.Parallel()
 	definition := `[{"name": "test", "type": "event", "inputs": [{"indexed": false, "name":"value1", "type":"uint8[2]"},{"indexed": false, "name":"value2", "type":"uint8"}]}]`
 	abi, err := JSON(strings.NewReader(definition))
 	require.NoError(t, err)
@@ -161,6 +164,7 @@ func TestEventMultiValueWithArrayUnpack(t *testing.T) {
 }
 
 func TestEventTupleUnpack(t *testing.T) {
+	t.Parallel()
 	type EventTransfer struct {
 		Value *big.Int
 	}
@@ -351,6 +355,7 @@ func unpackTestEventData(dest interface{}, hexData string, jsonEvent []byte, ass
 
 // TestEventUnpackIndexed verifies that indexed field will be skipped by event decoder.
 func TestEventUnpackIndexed(t *testing.T) {
+	t.Parallel()
 	definition := `[{"name": "test", "type": "event", "inputs": [{"indexed": true, "name":"value1", "type":"uint8"},{"indexed": false, "name":"value2", "type":"uint8"}]}]`
 	type testStruct struct {
 		Value1 uint8 // indexed
@@ -368,6 +373,7 @@ func TestEventUnpackIndexed(t *testing.T) {
 
 // TestEventIndexedWithArrayUnpack verifies that decoder will not overflow when static array is indexed input.
 func TestEventIndexedWithArrayUnpack(t *testing.T) {
+	t.Parallel()
 	definition := `[{"name": "test", "type": "event", "inputs": [{"indexed": true, "name":"value1", "type":"uint8[2]"},{"indexed": false, "name":"value2", "type":"string"}]}]`
 	type testStruct struct {
 		Value1 [2]uint8 // indexed

accounts/abi/method.go

@@ -117,24 +117,23 @@ func NewMethod(name string, rawName string, funType FunctionType, mutability str
 		sig = fmt.Sprintf("%v(%v)", rawName, strings.Join(types, ","))
 		id = crypto.Keccak256([]byte(sig))[:4]
 	}
-	// Extract meaningful state mutability of solidity method.
-	// If it's default value, never print it.
-	state := mutability
-	if state == "nonpayable" {
-		state = ""
-	}
-	if state != "" {
-		state = state + " "
-	}
 	identity := fmt.Sprintf("function %v", rawName)
-	if funType == Fallback {
+	switch funType {
+	case Fallback:
 		identity = "fallback"
-	} else if funType == Receive {
+	case Receive:
 		identity = "receive"
-	} else if funType == Constructor {
+	case Constructor:
 		identity = "constructor"
 	}
-	str := fmt.Sprintf("%v(%v) %sreturns(%v)", identity, strings.Join(inputNames, ", "), state, strings.Join(outputNames, ", "))
+	var str string
+	// Extract meaningful state mutability of solidity method.
+	// If it's empty string or default value "nonpayable", never print it.
+	if mutability == "" || mutability == "nonpayable" {
+		str = fmt.Sprintf("%v(%v) returns(%v)", identity, strings.Join(inputNames, ", "), strings.Join(outputNames, ", "))
+	} else {
+		str = fmt.Sprintf("%v(%v) %s returns(%v)", identity, strings.Join(inputNames, ", "), mutability, strings.Join(outputNames, ", "))
+	}
 
 	return Method{
 		Name:            name,

accounts/abi/method_test.go

@@ -35,6 +35,7 @@ const methoddata = `
 ]`
 
 func TestMethodString(t *testing.T) {
+	t.Parallel()
 	var table = []struct {
 		method      string
 		expectation string
@@ -84,11 +85,12 @@ func TestMethodString(t *testing.T) {
 
 	for _, test := range table {
 		var got string
-		if test.method == "fallback" {
+		switch test.method {
+		case "fallback":
 			got = abi.Fallback.String()
-		} else if test.method == "receive" {
+		case "receive":
 			got = abi.Receive.String()
-		} else {
+		default:
 			got = abi.Methods[test.method].String()
 		}
 		if got != test.expectation {
@@ -98,6 +100,7 @@ func TestMethodString(t *testing.T) {
 }
 
 func TestMethodSig(t *testing.T) {
+	t.Parallel()
 	var cases = []struct {
 		method string
 		expect string

accounts/abi/pack.go

@@ -57,7 +57,7 @@ func packElement(t Type, reflectValue reflect.Value) ([]byte, error) {
 			reflectValue = mustArrayToByteSlice(reflectValue)
 		}
 		if reflectValue.Type() != reflect.TypeOf([]byte{}) {
-			return []byte{}, errors.New("Bytes type is neither slice nor array")
+			return []byte{}, errors.New("bytes type is neither slice nor array")
 		}
 		return packBytesSlice(reflectValue.Bytes(), reflectValue.Len()), nil
 	case FixedBytesTy, FunctionTy:
@@ -66,7 +66,7 @@ func packElement(t Type, reflectValue reflect.Value) ([]byte, error) {
 		}
 		return common.RightPadBytes(reflectValue.Bytes(), 32), nil
 	default:
-		return []byte{}, fmt.Errorf("Could not pack element, unknown type: %v", t.T)
+		return []byte{}, fmt.Errorf("could not pack element, unknown type: %v", t.T)
 	}
 }
 

accounts/abi/pack_test.go

@@ -32,8 +32,11 @@ import (
 
 // TestPack tests the general pack/unpack tests in packing_test.go
 func TestPack(t *testing.T) {
+	t.Parallel()
 	for i, test := range packUnpackTests {
+		i, test := i, test
 		t.Run(strconv.Itoa(i), func(t *testing.T) {
+			t.Parallel()
 			encb, err := hex.DecodeString(test.packed)
 			if err != nil {
 				t.Fatalf("invalid hex %s: %v", test.packed, err)
@@ -57,6 +60,7 @@ func TestPack(t *testing.T) {
 }
 
 func TestMethodPack(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(jsondata))
 	if err != nil {
 		t.Fatal(err)
@@ -177,6 +181,7 @@ func TestMethodPack(t *testing.T) {
 }
 
 func TestPackNumber(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		value  reflect.Value
 		packed []byte

accounts/abi/reflect.go

@@ -134,7 +134,7 @@ func setSlice(dst, src reflect.Value) error {
 		dst.Set(slice)
 		return nil
 	}
-	return errors.New("Cannot set slice, destination not settable")
+	return errors.New("cannot set slice, destination not settable")
 }
 
 func setArray(dst, src reflect.Value) error {
@@ -155,7 +155,7 @@ func setArray(dst, src reflect.Value) error {
 		dst.Set(array)
 		return nil
 	}
-	return errors.New("Cannot set array, destination not settable")
+	return errors.New("cannot set array, destination not settable")
 }
 
 func setStruct(dst, src reflect.Value) error {
@@ -163,7 +163,7 @@ func setStruct(dst, src reflect.Value) error {
 		srcField := src.Field(i)
 		dstField := dst.Field(i)
 		if !dstField.IsValid() || !srcField.IsValid() {
-			return fmt.Errorf("Could not find src field: %v value: %v in destination", srcField.Type().Name(), srcField)
+			return fmt.Errorf("could not find src field: %v value: %v in destination", srcField.Type().Name(), srcField)
 		}
 		if err := set(dstField, srcField); err != nil {
 			return err
@@ -228,7 +228,7 @@ func mapArgNamesToStructFields(argNames []string, value reflect.Value) (map[stri
 		structFieldName := ToCamelCase(argName)
 
 		if structFieldName == "" {
-			return nil, fmt.Errorf("abi: purely underscored output cannot unpack to struct")
+			return nil, errors.New("abi: purely underscored output cannot unpack to struct")
 		}
 
 		// this abi has already been paired, skip it... unless there exists another, yet unassigned

accounts/abi/reflect_test.go

@@ -170,8 +170,11 @@ var reflectTests = []reflectTest{
 }
 
 func TestReflectNameToStruct(t *testing.T) {
+	t.Parallel()
 	for _, test := range reflectTests {
+		test := test
 		t.Run(test.name, func(t *testing.T) {
+			t.Parallel()
 			m, err := mapArgNamesToStructFields(test.args, reflect.ValueOf(test.struc))
 			if len(test.err) > 0 {
 				if err == nil || err.Error() != test.err {
@@ -192,6 +195,7 @@ func TestReflectNameToStruct(t *testing.T) {
 }
 
 func TestConvertType(t *testing.T) {
+	t.Parallel()
 	// Test Basic Struct
 	type T struct {
 		X *big.Int

accounts/abi/selector_parser.go

@@ -17,6 +17,7 @@
 package abi
 
 import (
+	"errors"
 	"fmt"
 )
 
@@ -40,7 +41,7 @@ func isIdentifierSymbol(c byte) bool {
 
 func parseToken(unescapedSelector string, isIdent bool) (string, string, error) {
 	if len(unescapedSelector) == 0 {
-		return "", "", fmt.Errorf("empty token")
+		return "", "", errors.New("empty token")
 	}
 	firstChar := unescapedSelector[0]
 	position := 1
@@ -110,7 +111,7 @@ func parseCompositeType(unescapedSelector string) ([]interface{}, string, error)
 
 func parseType(unescapedSelector string) (interface{}, string, error) {
 	if len(unescapedSelector) == 0 {
-		return nil, "", fmt.Errorf("empty type")
+		return nil, "", errors.New("empty type")
 	}
 	if unescapedSelector[0] == '(' {
 		return parseCompositeType(unescapedSelector)

accounts/abi/selector_parser_test.go

@@ -24,6 +24,7 @@ import (
 )
 
 func TestParseSelector(t *testing.T) {
+	t.Parallel()
 	mkType := func(types ...interface{}) []ArgumentMarshaling {
 		var result []ArgumentMarshaling
 		for i, typeOrComponents := range types {

accounts/abi/topics.go

@@ -75,7 +75,7 @@ func MakeTopics(query ...[]interface{}) ([][]common.Hash, error) {
 				copy(topic[:], hash[:])
 
 			default:
-				// todo(rjl493456442) according solidity documentation, indexed event
+				// todo(rjl493456442) according to solidity documentation, indexed event
 				// parameters that are not value types i.e. arrays and structs are not
 				// stored directly but instead a keccak256-hash of an encoding is stored.
 				//

accounts/abi/topics_test.go

@@ -26,6 +26,7 @@ import (
 )
 
 func TestMakeTopics(t *testing.T) {
+	t.Parallel()
 	type args struct {
 		query [][]interface{}
 	}
@@ -117,7 +118,9 @@ func TestMakeTopics(t *testing.T) {
 		},
 	}
 	for _, tt := range tests {
+		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
 			got, err := MakeTopics(tt.args.query...)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("makeTopics() error = %v, wantErr %v", err, tt.wantErr)
@@ -347,10 +350,13 @@ func setupTopicsTests() []topicTest {
 }
 
 func TestParseTopics(t *testing.T) {
+	t.Parallel()
 	tests := setupTopicsTests()
 
 	for _, tt := range tests {
+		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
 			createObj := tt.args.createObj()
 			if err := ParseTopics(createObj, tt.args.fields, tt.args.topics); (err != nil) != tt.wantErr {
 				t.Errorf("parseTopics() error = %v, wantErr %v", err, tt.wantErr)
@@ -364,10 +370,13 @@ func TestParseTopics(t *testing.T) {
 }
 
 func TestParseTopicsIntoMap(t *testing.T) {
+	t.Parallel()
 	tests := setupTopicsTests()
 
 	for _, tt := range tests {
+		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
 			outMap := make(map[string]interface{})
 			if err := ParseTopicsIntoMap(outMap, tt.args.fields, tt.args.topics); (err != nil) != tt.wantErr {
 				t.Errorf("parseTopicsIntoMap() error = %v, wantErr %v", err, tt.wantErr)

accounts/abi/type.go

@@ -70,7 +70,7 @@ var (
 func NewType(t string, internalType string, components []ArgumentMarshaling) (typ Type, err error) {
 	// check that array brackets are equal if they exist
 	if strings.Count(t, "[") != strings.Count(t, "]") {
-		return Type{}, fmt.Errorf("invalid arg type in abi")
+		return Type{}, errors.New("invalid arg type in abi")
 	}
 	typ.stringKind = t
 
@@ -109,7 +109,7 @@ func NewType(t string, internalType string, components []ArgumentMarshaling) (ty
 			}
 			typ.stringKind = embeddedType.stringKind + sliced
 		} else {
-			return Type{}, fmt.Errorf("invalid formatting of array type")
+			return Type{}, errors.New("invalid formatting of array type")
 		}
 		return typ, err
 	}
@@ -348,7 +348,7 @@ func (t Type) pack(v reflect.Value) ([]byte, error) {
 	}
 }
 
-// requireLengthPrefix returns whether the type requires any sort of length
+// requiresLengthPrefix returns whether the type requires any sort of length
 // prefixing.
 func (t Type) requiresLengthPrefix() bool {
 	return t.T == StringTy || t.T == BytesTy || t.T == SliceTy

accounts/abi/type_test.go

@@ -31,6 +31,7 @@ type typeWithoutStringer Type
 
 // Tests that all allowed types get recognized by the type parser.
 func TestTypeRegexp(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		blob       string
 		components []ArgumentMarshaling
@@ -117,6 +118,7 @@ func TestTypeRegexp(t *testing.T) {
 }
 
 func TestTypeCheck(t *testing.T) {
+	t.Parallel()
 	for i, test := range []struct {
 		typ        string
 		components []ArgumentMarshaling
@@ -308,6 +310,7 @@ func TestTypeCheck(t *testing.T) {
 }
 
 func TestInternalType(t *testing.T) {
+	t.Parallel()
 	components := []ArgumentMarshaling{{Name: "a", Type: "int64"}}
 	internalType := "struct a.b[]"
 	kind := Type{
@@ -332,6 +335,7 @@ func TestInternalType(t *testing.T) {
 }
 
 func TestGetTypeSize(t *testing.T) {
+	t.Parallel()
 	var testCases = []struct {
 		typ        string
 		components []ArgumentMarshaling
@@ -368,6 +372,7 @@ func TestGetTypeSize(t *testing.T) {
 }
 
 func TestNewFixedBytesOver32(t *testing.T) {
+	t.Parallel()
 	_, err := NewType("bytes4096", "", nil)
 	if err == nil {
 		t.Errorf("fixed bytes with size over 32 is not spec'd")

accounts/abi/unpack.go

@@ -18,6 +18,7 @@ package abi
 
 import (
 	"encoding/binary"
+	"errors"
 	"fmt"
 	"math"
 	"math/big"
@@ -125,7 +126,7 @@ func readBool(word []byte) (bool, error) {
 // readFunctionType enforces that standard by always presenting it as a 24-array (address + sig = 24 bytes)
 func readFunctionType(t Type, word []byte) (funcTy [24]byte, err error) {
 	if t.T != FunctionTy {
-		return [24]byte{}, fmt.Errorf("abi: invalid type in call to make function type byte array")
+		return [24]byte{}, errors.New("abi: invalid type in call to make function type byte array")
 	}
 	if garbage := binary.BigEndian.Uint64(word[24:32]); garbage != 0 {
 		err = fmt.Errorf("abi: got improperly encoded function type, got %v", word)
@@ -138,7 +139,7 @@ func readFunctionType(t Type, word []byte) (funcTy [24]byte, err error) {
 // ReadFixedBytes uses reflection to create a fixed array to be read from.
 func ReadFixedBytes(t Type, word []byte) (interface{}, error) {
 	if t.T != FixedBytesTy {
-		return nil, fmt.Errorf("abi: invalid type in call to make fixed byte array")
+		return nil, errors.New("abi: invalid type in call to make fixed byte array")
 	}
 	// convert
 	array := reflect.New(t.GetType()).Elem()
@@ -159,14 +160,15 @@ func forEachUnpack(t Type, output []byte, start, size int) (interface{}, error)
 	// this value will become our slice or our array, depending on the type
 	var refSlice reflect.Value
 
-	if t.T == SliceTy {
+	switch t.T {
+	case SliceTy:
 		// declare our slice
 		refSlice = reflect.MakeSlice(t.GetType(), size, size)
-	} else if t.T == ArrayTy {
+	case ArrayTy:
 		// declare our array
 		refSlice = reflect.New(t.GetType()).Elem()
-	} else {
-		return nil, fmt.Errorf("abi: invalid type in array/slice unpacking stage")
+	default:
+		return nil, errors.New("abi: invalid type in array/slice unpacking stage")
 	}
 
 	// Arrays have packed elements, resulting in longer unpack steps.

accounts/abi/unpack_test.go

@@ -33,6 +33,7 @@ import (
 
 // TestUnpack tests the general pack/unpack tests in packing_test.go
 func TestUnpack(t *testing.T) {
+	t.Parallel()
 	for i, test := range packUnpackTests {
 		t.Run(strconv.Itoa(i)+" "+test.def, func(t *testing.T) {
 			//Unpack
@@ -206,13 +207,13 @@ var unpackTests = []unpackTest{
 		def:  `[{"type":"bool"}]`,
 		enc:  "",
 		want: false,
-		err:  "abi: attempting to unmarshall an empty string while arguments are expected",
+		err:  "abi: attempting to unmarshal an empty string while arguments are expected",
 	},
 	{
 		def:  `[{"type":"bytes32","indexed":true},{"type":"uint256","indexed":false}]`,
 		enc:  "",
 		want: false,
-		err:  "abi: attempting to unmarshall an empty string while arguments are expected",
+		err:  "abi: attempting to unmarshal an empty string while arguments are expected",
 	},
 	{
 		def:  `[{"type":"bool","indexed":true},{"type":"uint64","indexed":true}]`,
@@ -224,6 +225,7 @@ var unpackTests = []unpackTest{
 // TestLocalUnpackTests runs test specially designed only for unpacking.
 // All test cases that can be used to test packing and unpacking should move to packing_test.go
 func TestLocalUnpackTests(t *testing.T) {
+	t.Parallel()
 	for i, test := range unpackTests {
 		t.Run(strconv.Itoa(i), func(t *testing.T) {
 			//Unpack
@@ -251,6 +253,7 @@ func TestLocalUnpackTests(t *testing.T) {
 }
 
 func TestUnpackIntoInterfaceSetDynamicArrayOutput(t *testing.T) {
+	t.Parallel()
 	abi, err := JSON(strings.NewReader(`[{"constant":true,"inputs":[],"name":"testDynamicFixedBytes15","outputs":[{"name":"","type":"bytes15[]"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"testDynamicFixedBytes32","outputs":[{"name":"","type":"bytes32[]"}],"payable":false,"stateMutability":"view","type":"function"}]`))
 	if err != nil {
 		t.Fatal(err)
@@ -321,6 +324,7 @@ func methodMultiReturn(require *require.Assertions) (ABI, []byte, methodMultiOut
 }
 
 func TestMethodMultiReturn(t *testing.T) {
+	t.Parallel()
 	type reversed struct {
 		String string
 		Int    *big.Int
@@ -400,6 +404,7 @@ func TestMethodMultiReturn(t *testing.T) {
 }
 
 func TestMultiReturnWithArray(t *testing.T) {
+	t.Parallel()
 	const definition = `[{"name" : "multi", "type": "function", "outputs": [{"type": "uint64[3]"}, {"type": "uint64"}]}]`
 	abi, err := JSON(strings.NewReader(definition))
 	if err != nil {
@@ -423,6 +428,7 @@ func TestMultiReturnWithArray(t *testing.T) {
 }
 
 func TestMultiReturnWithStringArray(t *testing.T) {
+	t.Parallel()
 	const definition = `[{"name" : "multi", "type": "function", "outputs": [{"name": "","type": "uint256[3]"},{"name": "","type": "address"},{"name": "","type": "string[2]"},{"name": "","type": "bool"}]}]`
 	abi, err := JSON(strings.NewReader(definition))
 	if err != nil {
@@ -453,6 +459,7 @@ func TestMultiReturnWithStringArray(t *testing.T) {
 }
 
 func TestMultiReturnWithStringSlice(t *testing.T) {
+	t.Parallel()
 	const definition = `[{"name" : "multi", "type": "function", "outputs": [{"name": "","type": "string[]"},{"name": "","type": "uint256[]"}]}]`
 	abi, err := JSON(strings.NewReader(definition))
 	if err != nil {
@@ -485,6 +492,7 @@ func TestMultiReturnWithStringSlice(t *testing.T) {
 }
 
 func TestMultiReturnWithDeeplyNestedArray(t *testing.T) {
+	t.Parallel()
 	// Similar to TestMultiReturnWithArray, but with a special case in mind:
 	//  values of nested static arrays count towards the size as well, and any element following
 	//  after such nested array argument should be read with the correct offset,
@@ -525,6 +533,7 @@ func TestMultiReturnWithDeeplyNestedArray(t *testing.T) {
 }
 
 func TestUnmarshal(t *testing.T) {
+	t.Parallel()
 	const definition = `[
 	{ "name" : "int", "type": "function", "outputs": [ { "type": "uint256" } ] },
 	{ "name" : "bool", "type": "function", "outputs": [ { "type": "bool" } ] },
@@ -774,6 +783,7 @@ func TestUnmarshal(t *testing.T) {
 }
 
 func TestUnpackTuple(t *testing.T) {
+	t.Parallel()
 	const simpleTuple = `[{"name":"tuple","type":"function","outputs":[{"type":"tuple","name":"ret","components":[{"type":"int256","name":"a"},{"type":"int256","name":"b"}]}]}]`
 	abi, err := JSON(strings.NewReader(simpleTuple))
 	if err != nil {
@@ -876,6 +886,7 @@ func TestUnpackTuple(t *testing.T) {
 }
 
 func TestOOMMaliciousInput(t *testing.T) {
+	t.Parallel()
 	oomTests := []unpackTest{
 		{
 			def: `[{"type": "uint8[]"}]`,
@@ -946,6 +957,7 @@ func TestOOMMaliciousInput(t *testing.T) {
 }
 
 func TestPackAndUnpackIncompatibleNumber(t *testing.T) {
+	t.Parallel()
 	var encodeABI Arguments
 	uint256Ty, err := NewType("uint256", "", nil)
 	if err != nil {

accounts/accounts_test.go

@@ -24,6 +24,7 @@ import (
 )
 
 func TestTextHash(t *testing.T) {
+	t.Parallel()
 	hash := TextHash([]byte("Hello Joe"))
 	want := hexutil.MustDecode("0xa080337ae51c4e064c189e113edd0ba391df9206e2f49db658bb32cf2911730b")
 	if !bytes.Equal(hash, want) {

accounts/external/backend.go

@@ -17,6 +17,7 @@
 package external
 
 import (
+	"errors"
 	"fmt"
 	"math/big"
 	"sync"
@@ -98,11 +99,11 @@ func (api *ExternalSigner) Status() (string, error) {
 }
 
 func (api *ExternalSigner) Open(passphrase string) error {
-	return fmt.Errorf("operation not supported on external signers")
+	return errors.New("operation not supported on external signers")
 }
 
 func (api *ExternalSigner) Close() error {
-	return fmt.Errorf("operation not supported on external signers")
+	return errors.New("operation not supported on external signers")
 }
 
 func (api *ExternalSigner) Accounts() []accounts.Account {
@@ -145,7 +146,7 @@ func (api *ExternalSigner) Contains(account accounts.Account) bool {
 }
 
 func (api *ExternalSigner) Derive(path accounts.DerivationPath, pin bool) (accounts.Account, error) {
-	return accounts.Account{}, fmt.Errorf("operation not supported on external signers")
+	return accounts.Account{}, errors.New("operation not supported on external signers")
 }
 
 func (api *ExternalSigner) SelfDerive(bases []accounts.DerivationPath, chain ethereum.ChainStateReader) {
@@ -242,14 +243,14 @@ func (api *ExternalSigner) SignTx(account accounts.Account, tx *types.Transactio
 }
 
 func (api *ExternalSigner) SignTextWithPassphrase(account accounts.Account, passphrase string, text []byte) ([]byte, error) {
-	return []byte{}, fmt.Errorf("password-operations not supported on external signers")
+	return []byte{}, errors.New("password-operations not supported on external signers")
 }
 
 func (api *ExternalSigner) SignTxWithPassphrase(account accounts.Account, passphrase string, tx *types.Transaction, chainID *big.Int) (*types.Transaction, error) {
-	return nil, fmt.Errorf("password-operations not supported on external signers")
+	return nil, errors.New("password-operations not supported on external signers")
 }
 func (api *ExternalSigner) SignDataWithPassphrase(account accounts.Account, passphrase, mimeType string, data []byte) ([]byte, error) {
-	return nil, fmt.Errorf("password-operations not supported on external signers")
+	return nil, errors.New("password-operations not supported on external signers")
 }
 
 func (api *ExternalSigner) listAccounts() ([]common.Address, error) {

accounts/hd_test.go

@@ -25,6 +25,7 @@ import (
 // Tests that HD derivation paths can be correctly parsed into our internal binary
 // representation.
 func TestHDPathParsing(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		input  string
 		output DerivationPath
@@ -89,6 +90,7 @@ func testDerive(t *testing.T, next func() DerivationPath, expected []string) {
 }
 
 func TestHdPathIteration(t *testing.T) {
+	t.Parallel()
 	testDerive(t, DefaultIterator(DefaultBaseDerivationPath),
 		[]string{
 			"m/44'/60'/0'/0/0", "m/44'/60'/0'/0/1",

accounts/keystore/account_cache.go

@@ -31,6 +31,7 @@ import (
 	"github.com/ethereum/go-ethereum/accounts"
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/log"
+	"golang.org/x/exp/slices"
 )
 
 // Minimum amount of time between cache reloads. This limit applies if the platform does
@@ -38,11 +39,10 @@ import (
 // exist yet, the code will attempt to create a watcher at most this often.
 const minReloadInterval = 2 * time.Second
 
-type accountsByURL []accounts.Account
-
-func (s accountsByURL) Len() int           { return len(s) }
-func (s accountsByURL) Less(i, j int) bool { return s[i].URL.Cmp(s[j].URL) < 0 }
-func (s accountsByURL) Swap(i, j int)      { s[i], s[j] = s[j], s[i] }
+// byURL defines the sorting order for accounts.
+func byURL(a, b accounts.Account) int {
+	return a.URL.Cmp(b.URL)
+}
 
 // AmbiguousAddrError is returned when attempting to unlock
 // an address for which more than one file exists.
@@ -67,7 +67,7 @@ type accountCache struct {
 	keydir   string
 	watcher  *watcher
 	mu       sync.Mutex
-	all      accountsByURL
+	all      []accounts.Account
 	byAddr   map[common.Address][]accounts.Account
 	throttle *time.Timer
 	notify   chan struct{}
@@ -194,7 +194,7 @@ func (ac *accountCache) find(a accounts.Account) (accounts.Account, error) {
 	default:
 		err := &AmbiguousAddrError{Addr: a.Address, Matches: make([]accounts.Account, len(matches))}
 		copy(err.Matches, matches)
-		sort.Sort(accountsByURL(err.Matches))
+		slices.SortFunc(err.Matches, byURL)
 		return accounts.Account{}, err
 	}
 }

accounts/keystore/account_cache_test.go

@@ -17,12 +17,12 @@
 package keystore
 
 import (
+	"errors"
 	"fmt"
 	"math/rand"
 	"os"
 	"path/filepath"
 	"reflect"
-	"sort"
 	"testing"
 	"time"
 
@@ -30,6 +30,7 @@ import (
 	"github.com/davecgh/go-spew/spew"
 	"github.com/ethereum/go-ethereum/accounts"
 	"github.com/ethereum/go-ethereum/common"
+	"golang.org/x/exp/slices"
 )
 
 var (
@@ -67,14 +68,14 @@ func waitWatcherStart(ks *KeyStore) bool {
 
 func waitForAccounts(wantAccounts []accounts.Account, ks *KeyStore) error {
 	var list []accounts.Account
-	for t0 := time.Now(); time.Since(t0) < 5*time.Second; time.Sleep(200 * time.Millisecond) {
+	for t0 := time.Now(); time.Since(t0) < 5*time.Second; time.Sleep(100 * time.Millisecond) {
 		list = ks.Accounts()
 		if reflect.DeepEqual(list, wantAccounts) {
 			// ks should have also received change notifications
 			select {
 			case <-ks.changes:
 			default:
-				return fmt.Errorf("wasn't notified of new accounts")
+				return errors.New("wasn't notified of new accounts")
 			}
 			return nil
 		}
@@ -113,7 +114,6 @@ func TestWatchNewFile(t *testing.T) {
 func TestWatchNoDir(t *testing.T) {
 	t.Parallel()
 	// Create ks but not the directory that it watches.
-	rand.Seed(time.Now().UnixNano())
 	dir := filepath.Join(os.TempDir(), fmt.Sprintf("eth-keystore-watchnodir-test-%d-%d", os.Getpid(), rand.Int()))
 	ks := NewKeyStore(dir, LightScryptN, LightScryptP)
 	list := ks.Accounts()
@@ -152,6 +152,7 @@ func TestWatchNoDir(t *testing.T) {
 }
 
 func TestCacheInitialReload(t *testing.T) {
+	t.Parallel()
 	cache, _ := newAccountCache(cachetestDir)
 	accounts := cache.accounts()
 	if !reflect.DeepEqual(accounts, cachetestAccounts) {
@@ -160,6 +161,7 @@ func TestCacheInitialReload(t *testing.T) {
 }
 
 func TestCacheAddDeleteOrder(t *testing.T) {
+	t.Parallel()
 	cache, _ := newAccountCache("testdata/no-such-dir")
 	cache.watcher.running = true // prevent unexpected reloads
 
@@ -203,7 +205,7 @@ func TestCacheAddDeleteOrder(t *testing.T) {
 	// Check that the account list is sorted by filename.
 	wantAccounts := make([]accounts.Account, len(accs))
 	copy(wantAccounts, accs)
-	sort.Sort(accountsByURL(wantAccounts))
+	slices.SortFunc(wantAccounts, byURL)
 	list := cache.accounts()
 	if !reflect.DeepEqual(list, wantAccounts) {
 		t.Fatalf("got accounts: %s\nwant %s", spew.Sdump(accs), spew.Sdump(wantAccounts))
@@ -244,6 +246,7 @@ func TestCacheAddDeleteOrder(t *testing.T) {
 }
 
 func TestCacheFind(t *testing.T) {
+	t.Parallel()
 	dir := filepath.Join("testdata", "dir")
 	cache, _ := newAccountCache(dir)
 	cache.watcher.running = true // prevent unexpected reloads
@@ -322,7 +325,6 @@ func TestUpdatedKeyfileContents(t *testing.T) {
 	t.Parallel()
 
 	// Create a temporary keystore to test with
-	rand.Seed(time.Now().UnixNano())
 	dir := filepath.Join(os.TempDir(), fmt.Sprintf("eth-keystore-updatedkeyfilecontents-test-%d-%d", os.Getpid(), rand.Int()))
 	ks := NewKeyStore(dir, LightScryptN, LightScryptP)
 
@@ -351,7 +353,7 @@ func TestUpdatedKeyfileContents(t *testing.T) {
 		return
 	}
 	// needed so that modTime of `file` is different to its current value after forceCopyFile
-	time.Sleep(time.Second)
+	os.Chtimes(file, time.Now().Add(-time.Second), time.Now().Add(-time.Second))
 
 	// Now replace file contents
 	if err := forceCopyFile(file, cachetestAccounts[1].URL.Path); err != nil {
@@ -367,7 +369,7 @@ func TestUpdatedKeyfileContents(t *testing.T) {
 	}
 
 	// needed so that modTime of `file` is different to its current value after forceCopyFile
-	time.Sleep(time.Second)
+	os.Chtimes(file, time.Now().Add(-time.Second), time.Now().Add(-time.Second))
 
 	// Now replace file contents again
 	if err := forceCopyFile(file, cachetestAccounts[2].URL.Path); err != nil {
@@ -383,7 +385,7 @@ func TestUpdatedKeyfileContents(t *testing.T) {
 	}
 
 	// needed so that modTime of `file` is different to its current value after os.WriteFile
-	time.Sleep(time.Second)
+	os.Chtimes(file, time.Now().Add(-time.Second), time.Now().Add(-time.Second))
 
 	// Now replace file contents with crap
 	if err := os.WriteFile(file, []byte("foo"), 0600); err != nil {

accounts/keystore/keystore_fuzzing_test.go

@@ -0,0 +1,34 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package keystore
+
+import (
+	"testing"
+)
+
+func FuzzPassword(f *testing.F) {
+	f.Fuzz(func(t *testing.T, password string) {
+		ks := NewKeyStore(t.TempDir(), LightScryptN, LightScryptP)
+		a, err := ks.NewAccount(password)
+		if err != nil {
+			t.Fatal(err)
+		}
+		if err := ks.Unlock(a, password); err != nil {
+			t.Fatal(err)
+		}
+	})
+}

accounts/keystore/keystore_test.go

@@ -20,7 +20,6 @@ import (
 	"math/rand"
 	"os"
 	"runtime"
-	"sort"
 	"strings"
 	"sync"
 	"sync/atomic"
@@ -31,11 +30,13 @@ import (
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/event"
+	"golang.org/x/exp/slices"
 )
 
 var testSigData = make([]byte, 32)
 
 func TestKeyStore(t *testing.T) {
+	t.Parallel()
 	dir, ks := tmpKeyStore(t, true)
 
 	a, err := ks.NewAccount("foo")
@@ -70,6 +71,7 @@ func TestKeyStore(t *testing.T) {
 }
 
 func TestSign(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, true)
 
 	pass := "" // not used but required by API
@@ -86,6 +88,7 @@ func TestSign(t *testing.T) {
 }
 
 func TestSignWithPassphrase(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, true)
 
 	pass := "passwd"
@@ -280,6 +283,7 @@ type walletEvent struct {
 // Tests that wallet notifications and correctly fired when accounts are added
 // or deleted from the keystore.
 func TestWalletNotifications(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, false)
 
 	// Subscribe to the wallet feed and collect events.
@@ -341,6 +345,7 @@ func TestWalletNotifications(t *testing.T) {
 
 // TestImportExport tests the import functionality of a keystore.
 func TestImportECDSA(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, true)
 	key, err := crypto.GenerateKey()
 	if err != nil {
@@ -359,6 +364,7 @@ func TestImportECDSA(t *testing.T) {
 
 // TestImportECDSA tests the import and export functionality of a keystore.
 func TestImportExport(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, true)
 	acc, err := ks.NewAccount("old")
 	if err != nil {
@@ -387,6 +393,7 @@ func TestImportExport(t *testing.T) {
 // TestImportRace tests the keystore on races.
 // This test should fail under -race if importing races.
 func TestImportRace(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStore(t, true)
 	acc, err := ks.NewAccount("old")
 	if err != nil {
@@ -397,19 +404,19 @@ func TestImportRace(t *testing.T) {
 		t.Fatalf("failed to export account: %v", acc)
 	}
 	_, ks2 := tmpKeyStore(t, true)
-	var atom uint32
+	var atom atomic.Uint32
 	var wg sync.WaitGroup
 	wg.Add(2)
 	for i := 0; i < 2; i++ {
 		go func() {
 			defer wg.Done()
 			if _, err := ks2.Import(json, "new", "new"); err != nil {
-				atomic.AddUint32(&atom, 1)
+				atom.Add(1)
 			}
 		}()
 	}
 	wg.Wait()
-	if atom != 1 {
+	if atom.Load() != 1 {
 		t.Errorf("Import is racy")
 	}
 }
@@ -424,7 +431,7 @@ func checkAccounts(t *testing.T, live map[common.Address]accounts.Account, walle
 	for _, account := range live {
 		liveList = append(liveList, account)
 	}
-	sort.Sort(accountsByURL(liveList))
+	slices.SortFunc(liveList, byURL)
 	for j, wallet := range wallets {
 		if accs := wallet.Accounts(); len(accs) != 1 {
 			t.Errorf("wallet %d: contains invalid number of accounts: have %d, want 1", j, len(accs))

accounts/keystore/passphrase.go

@@ -225,10 +225,13 @@ func DecryptKey(keyjson []byte, auth string) (*Key, error) {
 	if err != nil {
 		return nil, err
 	}
-	key := crypto.ToECDSAUnsafe(keyBytes)
+	key, err := crypto.ToECDSA(keyBytes)
+	if err != nil {
+		return nil, fmt.Errorf("invalid key: %w", err)
+	}
 	id, err := uuid.FromBytes(keyId)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("invalid UUID: %w", err)
 	}
 	return &Key{
 		Id:         id,

accounts/keystore/passphrase_test.go

@@ -30,6 +30,7 @@ const (
 
 // Tests that a json key file can be decrypted and encrypted in multiple rounds.
 func TestKeyEncryptDecrypt(t *testing.T) {
+	t.Parallel()
 	keyjson, err := os.ReadFile("testdata/very-light-scrypt.json")
 	if err != nil {
 		t.Fatal(err)
@@ -54,7 +55,7 @@ func TestKeyEncryptDecrypt(t *testing.T) {
 		// Recrypt with a new password and start over
 		password += "new data appended" // nolint: gosec
 		if keyjson, err = EncryptKey(key, password, veryLightScryptN, veryLightScryptP); err != nil {
-			t.Errorf("test %d: failed to recrypt key %v", i, err)
+			t.Errorf("test %d: failed to re-encrypt key %v", i, err)
 		}
 	}
 }

accounts/keystore/plain_test.go

@@ -40,6 +40,7 @@ func tmpKeyStoreIface(t *testing.T, encrypted bool) (dir string, ks keyStore) {
 }
 
 func TestKeyStorePlain(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStoreIface(t, false)
 
 	pass := "" // not used but required by API
@@ -60,6 +61,7 @@ func TestKeyStorePlain(t *testing.T) {
 }
 
 func TestKeyStorePassphrase(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStoreIface(t, true)
 
 	pass := "foo"
@@ -80,6 +82,7 @@ func TestKeyStorePassphrase(t *testing.T) {
 }
 
 func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
+	t.Parallel()
 	_, ks := tmpKeyStoreIface(t, true)
 
 	pass := "foo"
@@ -93,6 +96,7 @@ func TestKeyStorePassphraseDecryptionFail(t *testing.T) {
 }
 
 func TestImportPreSaleKey(t *testing.T) {
+	t.Parallel()
 	dir, ks := tmpKeyStoreIface(t, true)
 
 	// file content of a presale key file generated with:

accounts/keystore/watch.go

@@ -20,6 +20,7 @@
 package keystore
 
 import (
+	"os"
 	"time"
 
 	"github.com/ethereum/go-ethereum/log"
@@ -77,7 +78,9 @@ func (w *watcher) loop() {
 	}
 	defer watcher.Close()
 	if err := watcher.Add(w.ac.keydir); err != nil {
-		logger.Warn("Failed to watch keystore folder", "err", err)
+		if !os.IsNotExist(err) {
+			logger.Warn("Failed to watch keystore folder", "err", err)
+		}
 		return
 	}
 
@@ -122,7 +125,7 @@ func (w *watcher) loop() {
 			if !ok {
 				return
 			}
-			log.Info("Filsystem watcher error", "err", err)
+			log.Info("Filesystem watcher error", "err", err)
 		case <-debounce.C:
 			w.ac.scanAccounts()
 			rescanTriggered = false

accounts/scwallet/README.md

@@ -8,7 +8,7 @@
 
 ## Preparing the smartcard
 
-  **WARNING: FOILLOWING THESE INSTRUCTIONS WILL DESTROY THE MASTER KEY ON YOUR CARD. ONLY PROCEED IF NO FUNDS ARE ASSOCIATED WITH THESE ACCOUNTS**
+  **WARNING: FOLLOWING THESE INSTRUCTIONS WILL DESTROY THE MASTER KEY ON YOUR CARD. ONLY PROCEED IF NO FUNDS ARE ASSOCIATED WITH THESE ACCOUNTS**
 
   You can use status' [keycard-cli](https://github.com/status-im/keycard-cli) and you should get _at least_ version 2.1.1 of their [smartcard application](https://github.com/status-im/status-keycard/releases/download/2.2.1/keycard_v2.2.1.cap)
 

accounts/scwallet/securechannel.go

@@ -24,6 +24,7 @@ import (
 	"crypto/rand"
 	"crypto/sha256"
 	"crypto/sha512"
+	"errors"
 	"fmt"
 
 	"github.com/ethereum/go-ethereum/crypto"
@@ -125,7 +126,7 @@ func (s *SecureChannelSession) Pair(pairingPassword []byte) error {
 // Unpair disestablishes an existing pairing.
 func (s *SecureChannelSession) Unpair() error {
 	if s.PairingKey == nil {
-		return fmt.Errorf("cannot unpair: not paired")
+		return errors.New("cannot unpair: not paired")
 	}
 
 	_, err := s.transmitEncrypted(claSCWallet, insUnpair, s.PairingIndex, 0, []byte{})
@@ -141,7 +142,7 @@ func (s *SecureChannelSession) Unpair() error {
 // Open initializes the secure channel.
 func (s *SecureChannelSession) Open() error {
 	if s.iv != nil {
-		return fmt.Errorf("session already opened")
+		return errors.New("session already opened")
 	}
 
 	response, err := s.open()
@@ -215,7 +216,7 @@ func (s *SecureChannelSession) pair(p1 uint8, data []byte) (*responseAPDU, error
 // transmitEncrypted sends an encrypted message, and decrypts and returns the response.
 func (s *SecureChannelSession) transmitEncrypted(cla, ins, p1, p2 byte, data []byte) (*responseAPDU, error) {
 	if s.iv == nil {
-		return nil, fmt.Errorf("channel not open")
+		return nil, errors.New("channel not open")
 	}
 
 	data, err := s.encryptAPDU(data)
@@ -254,7 +255,7 @@ func (s *SecureChannelSession) transmitEncrypted(cla, ins, p1, p2 byte, data []b
 		return nil, err
 	}
 	if !bytes.Equal(s.iv, rmac) {
-		return nil, fmt.Errorf("invalid MAC in response")
+		return nil, errors.New("invalid MAC in response")
 	}
 
 	rapdu := &responseAPDU{}
@@ -319,7 +320,7 @@ func unpad(data []byte, terminator byte) ([]byte, error) {
 			return nil, fmt.Errorf("expected end of padding, got %d", data[len(data)-i])
 		}
 	}
-	return nil, fmt.Errorf("expected end of padding, got 0")
+	return nil, errors.New("expected end of padding, got 0")
 }
 
 // updateIV is an internal method that updates the initialization vector after

accounts/scwallet/wallet.go

@@ -252,7 +252,7 @@ func (w *Wallet) release() error {
 // with the wallet.
 func (w *Wallet) pair(puk []byte) error {
 	if w.session.paired() {
-		return fmt.Errorf("wallet already paired")
+		return errors.New("wallet already paired")
 	}
 	pairing, err := w.session.pair(puk)
 	if err != nil {
@@ -776,16 +776,16 @@ func (w *Wallet) findAccountPath(account accounts.Account) (accounts.DerivationP
 		return nil, fmt.Errorf("scheme %s does not match wallet scheme %s", account.URL.Scheme, w.Hub.scheme)
 	}
 
-	parts := strings.SplitN(account.URL.Path, "/", 2)
-	if len(parts) != 2 {
+	url, path, found := strings.Cut(account.URL.Path, "/")
+	if !found {
 		return nil, fmt.Errorf("invalid URL format: %s", account.URL)
 	}
 
-	if parts[0] != fmt.Sprintf("%x", w.PublicKey[1:3]) {
+	if url != fmt.Sprintf("%x", w.PublicKey[1:3]) {
 		return nil, fmt.Errorf("URL %s is not for this wallet", account.URL)
 	}
 
-	return accounts.ParseDerivationPath(parts[1])
+	return accounts.ParseDerivationPath(path)
 }
 
 // Session represents a secured communication session with the wallet.
@@ -813,7 +813,7 @@ func (s *Session) pair(secret []byte) (smartcardPairing, error) {
 // unpair deletes an existing pairing.
 func (s *Session) unpair() error {
 	if !s.verified {
-		return fmt.Errorf("unpair requires that the PIN be verified")
+		return errors.New("unpair requires that the PIN be verified")
 	}
 	return s.Channel.Unpair()
 }
@@ -907,7 +907,7 @@ func (s *Session) initialize(seed []byte) error {
 		return err
 	}
 	if status == "Online" {
-		return fmt.Errorf("card is already initialized, cowardly refusing to proceed")
+		return errors.New("card is already initialized, cowardly refusing to proceed")
 	}
 
 	s.Wallet.lock.Lock()

accounts/url_test.go

@@ -21,6 +21,7 @@ import (
 )
 
 func TestURLParsing(t *testing.T) {
+	t.Parallel()
 	url, err := parseURL("https://ethereum.org")
 	if err != nil {
 		t.Errorf("unexpected error: %v", err)
@@ -40,6 +41,7 @@ func TestURLParsing(t *testing.T) {
 }
 
 func TestURLString(t *testing.T) {
+	t.Parallel()
 	url := URL{Scheme: "https", Path: "ethereum.org"}
 	if url.String() != "https://ethereum.org" {
 		t.Errorf("expected: %v, got: %v", "https://ethereum.org", url.String())
@@ -52,10 +54,11 @@ func TestURLString(t *testing.T) {
 }
 
 func TestURLMarshalJSON(t *testing.T) {
+	t.Parallel()
 	url := URL{Scheme: "https", Path: "ethereum.org"}
 	json, err := url.MarshalJSON()
 	if err != nil {
-		t.Errorf("unexpcted error: %v", err)
+		t.Errorf("unexpected error: %v", err)
 	}
 	if string(json) != "\"https://ethereum.org\"" {
 		t.Errorf("expected: %v, got: %v", "\"https://ethereum.org\"", string(json))
@@ -63,10 +66,11 @@ func TestURLMarshalJSON(t *testing.T) {
 }
 
 func TestURLUnmarshalJSON(t *testing.T) {
+	t.Parallel()
 	url := &URL{}
 	err := url.UnmarshalJSON([]byte("\"https://ethereum.org\""))
 	if err != nil {
-		t.Errorf("unexpcted error: %v", err)
+		t.Errorf("unexpected error: %v", err)
 	}
 	if url.Scheme != "https" {
 		t.Errorf("expected: %v, got: %v", "https", url.Scheme)
@@ -77,6 +81,7 @@ func TestURLUnmarshalJSON(t *testing.T) {
 }
 
 func TestURLComparison(t *testing.T) {
+	t.Parallel()
 	tests := []struct {
 		urlA   URL
 		urlB   URL

accounts/usbwallet/hub.go

@@ -63,9 +63,9 @@ type Hub struct {
 	stateLock sync.RWMutex // Protects the internals of the hub from racey access
 
 	// TODO(karalabe): remove if hotplug lands on Windows
-	commsPend int        // Number of operations blocking enumeration
-	commsLock sync.Mutex // Lock protecting the pending counter and enumeration
-	enumFails uint32     // Number of times enumeration has failed
+	commsPend int           // Number of operations blocking enumeration
+	commsLock sync.Mutex    // Lock protecting the pending counter and enumeration
+	enumFails atomic.Uint32 // Number of times enumeration has failed
 }
 
 // NewLedgerHub creates a new hardware wallet manager for Ledger devices.
@@ -151,7 +151,7 @@ func (hub *Hub) refreshWallets() {
 		return
 	}
 	// If USB enumeration is continually failing, don't keep trying indefinitely
-	if atomic.LoadUint32(&hub.enumFails) > 2 {
+	if hub.enumFails.Load() > 2 {
 		return
 	}
 	// Retrieve the current list of USB wallet devices
@@ -172,7 +172,7 @@ func (hub *Hub) refreshWallets() {
 	}
 	infos, err := usb.Enumerate(hub.vendorID, 0)
 	if err != nil {
-		failcount := atomic.AddUint32(&hub.enumFails, 1)
+		failcount := hub.enumFails.Add(1)
 		if runtime.GOOS == "linux" {
 			// See rationale before the enumeration why this is needed and only on Linux.
 			hub.commsLock.Unlock()
@@ -181,7 +181,7 @@ func (hub *Hub) refreshWallets() {
 			"vendor", hub.vendorID, "failcount", failcount, "err", err)
 		return
 	}
-	atomic.StoreUint32(&hub.enumFails, 0)
+	hub.enumFails.Store(0)
 
 	for _, info := range infos {
 		for _, id := range hub.productIDs {

accounts/usbwallet/ledger.go

@@ -59,6 +59,8 @@ const (
 	ledgerP1InitTransactionData     ledgerParam1 = 0x00 // First transaction data block for signing
 	ledgerP1ContTransactionData     ledgerParam1 = 0x80 // Subsequent transaction data block for signing
 	ledgerP2DiscardAddressChainCode ledgerParam2 = 0x00 // Do not return the chain code along with the address
+
+	ledgerEip155Size int = 3 // Size of the EIP-155 chain_id,r,s in unsigned transactions
 )
 
 // errLedgerReplyInvalidHeader is the error message returned by a Ledger data exchange
@@ -347,9 +349,15 @@ func (w *ledgerDriver) ledgerSign(derivationPath []uint32, tx *types.Transaction
 		op    = ledgerP1InitTransactionData
 		reply []byte
 	)
+
+	// Chunk size selection to mitigate an underlying RLP deserialization issue on the ledger app.
+	// https://github.com/LedgerHQ/app-ethereum/issues/409
+	chunk := 255
+	for ; len(payload)%chunk <= ledgerEip155Size; chunk-- {
+	}
+
 	for len(payload) > 0 {
 		// Calculate the size of the next data chunk
-		chunk := 255
 		if chunk > len(payload) {
 			chunk = len(payload)
 		}

accounts/usbwallet/wallet.go

@@ -624,7 +624,7 @@ func (w *wallet) SignTx(account accounts.Account, tx *types.Transaction, chainID
 	return signed, nil
 }
 
-// SignHashWithPassphrase implements accounts.Wallet, however signing arbitrary
+// SignTextWithPassphrase implements accounts.Wallet, however signing arbitrary
 // data is not supported for Ledger wallets, so this method will always return
 // an error.
 func (w *wallet) SignTextWithPassphrase(account accounts.Account, passphrase string, text []byte) ([]byte, error) {

appveyor.yml

@@ -26,7 +26,7 @@ for:
       - go run build/ci.go lint
       - go run build/ci.go install -dlgo
     test_script:
-      - go run build/ci.go test -dlgo -coverage
+      - go run build/ci.go test -dlgo
 
   # linux/386 is disabled.
   - matrix:
@@ -54,4 +54,4 @@ for:
       - go run build/ci.go archive -arch %GETH_ARCH% -type zip -signer WINDOWS_SIGNING_KEY -upload gethstore/builds
       - go run build/ci.go nsis -arch %GETH_ARCH% -signer WINDOWS_SIGNING_KEY -upload gethstore/builds
     test_script:
-      - go run build/ci.go test -dlgo -arch %GETH_ARCH% -cc %GETH_CC% -coverage
+      - go run build/ci.go test -dlgo -arch %GETH_ARCH% -cc %GETH_CC% -short

beacon/engine/errors.go

@@ -74,13 +74,13 @@ var (
 	//   - newPayloadV1: if the payload was accepted, but not processed (side chain)
 	ACCEPTED = "ACCEPTED"
 
-	INVALIDBLOCKHASH = "INVALID_BLOCK_HASH"
-
 	GenericServerError       = &EngineAPIError{code: -32000, msg: "Server error"}
 	UnknownPayload           = &EngineAPIError{code: -38001, msg: "Unknown payload"}
 	InvalidForkChoiceState   = &EngineAPIError{code: -38002, msg: "Invalid forkchoice state"}
 	InvalidPayloadAttributes = &EngineAPIError{code: -38003, msg: "Invalid payload attributes"}
+	TooLargeRequest          = &EngineAPIError{code: -38004, msg: "Too large request"}
 	InvalidParams            = &EngineAPIError{code: -32602, msg: "Invalid parameters"}
+	UnsupportedFork          = &EngineAPIError{code: -38005, msg: "Unsupported fork"}
 
 	STATUS_INVALID         = ForkChoiceResponse{PayloadStatus: PayloadStatusV1{Status: INVALID}, PayloadID: nil}
 	STATUS_SYNCING         = ForkChoiceResponse{PayloadStatus: PayloadStatusV1{Status: SYNCING}, PayloadID: nil}

beacon/engine/gen_blockparams.go

@@ -20,12 +20,14 @@ func (p PayloadAttributes) MarshalJSON() ([]byte, error) {
 		Random                common.Hash         `json:"prevRandao"            gencodec:"required"`
 		SuggestedFeeRecipient common.Address      `json:"suggestedFeeRecipient" gencodec:"required"`
 		Withdrawals           []*types.Withdrawal `json:"withdrawals"`
+		BeaconRoot            *common.Hash        `json:"parentBeaconBlockRoot"`
 	}
 	var enc PayloadAttributes
 	enc.Timestamp = hexutil.Uint64(p.Timestamp)
 	enc.Random = p.Random
 	enc.SuggestedFeeRecipient = p.SuggestedFeeRecipient
 	enc.Withdrawals = p.Withdrawals
+	enc.BeaconRoot = p.BeaconRoot
 	return json.Marshal(&enc)
 }
 
@@ -36,6 +38,7 @@ func (p *PayloadAttributes) UnmarshalJSON(input []byte) error {
 		Random                *common.Hash        `json:"prevRandao"            gencodec:"required"`
 		SuggestedFeeRecipient *common.Address     `json:"suggestedFeeRecipient" gencodec:"required"`
 		Withdrawals           []*types.Withdrawal `json:"withdrawals"`
+		BeaconRoot            *common.Hash        `json:"parentBeaconBlockRoot"`
 	}
 	var dec PayloadAttributes
 	if err := json.Unmarshal(input, &dec); err != nil {
@@ -56,5 +59,8 @@ func (p *PayloadAttributes) UnmarshalJSON(input []byte) error {
 	if dec.Withdrawals != nil {
 		p.Withdrawals = dec.Withdrawals
 	}
+	if dec.BeaconRoot != nil {
+		p.BeaconRoot = dec.BeaconRoot
+	}
 	return nil
 }

beacon/engine/gen_ed.go

@@ -32,6 +32,8 @@ func (e ExecutableData) MarshalJSON() ([]byte, error) {
 		BlockHash     common.Hash         `json:"blockHash"     gencodec:"required"`
 		Transactions  []hexutil.Bytes     `json:"transactions"  gencodec:"required"`
 		Withdrawals   []*types.Withdrawal `json:"withdrawals"`
+		BlobGasUsed   *hexutil.Uint64     `json:"blobGasUsed"`
+		ExcessBlobGas *hexutil.Uint64     `json:"excessBlobGas"`
 	}
 	var enc ExecutableData
 	enc.ParentHash = e.ParentHash
@@ -54,6 +56,8 @@ func (e ExecutableData) MarshalJSON() ([]byte, error) {
 		}
 	}
 	enc.Withdrawals = e.Withdrawals
+	enc.BlobGasUsed = (*hexutil.Uint64)(e.BlobGasUsed)
+	enc.ExcessBlobGas = (*hexutil.Uint64)(e.ExcessBlobGas)
 	return json.Marshal(&enc)
 }
 
@@ -75,6 +79,8 @@ func (e *ExecutableData) UnmarshalJSON(input []byte) error {
 		BlockHash     *common.Hash        `json:"blockHash"     gencodec:"required"`
 		Transactions  []hexutil.Bytes     `json:"transactions"  gencodec:"required"`
 		Withdrawals   []*types.Withdrawal `json:"withdrawals"`
+		BlobGasUsed   *hexutil.Uint64     `json:"blobGasUsed"`
+		ExcessBlobGas *hexutil.Uint64     `json:"excessBlobGas"`
 	}
 	var dec ExecutableData
 	if err := json.Unmarshal(input, &dec); err != nil {
@@ -142,5 +148,11 @@ func (e *ExecutableData) UnmarshalJSON(input []byte) error {
 	if dec.Withdrawals != nil {
 		e.Withdrawals = dec.Withdrawals
 	}
+	if dec.BlobGasUsed != nil {
+		e.BlobGasUsed = (*uint64)(dec.BlobGasUsed)
+	}
+	if dec.ExcessBlobGas != nil {
+		e.ExcessBlobGas = (*uint64)(dec.ExcessBlobGas)
+	}
 	return nil
 }

beacon/engine/gen_epe.go

@@ -17,10 +17,14 @@ func (e ExecutionPayloadEnvelope) MarshalJSON() ([]byte, error) {
 	type ExecutionPayloadEnvelope struct {
 		ExecutionPayload *ExecutableData `json:"executionPayload"  gencodec:"required"`
 		BlockValue       *hexutil.Big    `json:"blockValue"  gencodec:"required"`
+		BlobsBundle      *BlobsBundleV1  `json:"blobsBundle"`
+		Override         bool            `json:"shouldOverrideBuilder"`
 	}
 	var enc ExecutionPayloadEnvelope
 	enc.ExecutionPayload = e.ExecutionPayload
 	enc.BlockValue = (*hexutil.Big)(e.BlockValue)
+	enc.BlobsBundle = e.BlobsBundle
+	enc.Override = e.Override
 	return json.Marshal(&enc)
 }
 
@@ -29,6 +33,8 @@ func (e *ExecutionPayloadEnvelope) UnmarshalJSON(input []byte) error {
 	type ExecutionPayloadEnvelope struct {
 		ExecutionPayload *ExecutableData `json:"executionPayload"  gencodec:"required"`
 		BlockValue       *hexutil.Big    `json:"blockValue"  gencodec:"required"`
+		BlobsBundle      *BlobsBundleV1  `json:"blobsBundle"`
+		Override         *bool           `json:"shouldOverrideBuilder"`
 	}
 	var dec ExecutionPayloadEnvelope
 	if err := json.Unmarshal(input, &dec); err != nil {
@@ -42,5 +48,11 @@ func (e *ExecutionPayloadEnvelope) UnmarshalJSON(input []byte) error {
 		return errors.New("missing required field 'blockValue' for ExecutionPayloadEnvelope")
 	}
 	e.BlockValue = (*big.Int)(dec.BlockValue)
+	if dec.BlobsBundle != nil {
+		e.BlobsBundle = dec.BlobsBundle
+	}
+	if dec.Override != nil {
+		e.Override = *dec.Override
+	}
 	return nil
 }

beacon/engine/types.go

@@ -35,6 +35,7 @@ type PayloadAttributes struct {
 	Random                common.Hash         `json:"prevRandao"            gencodec:"required"`
 	SuggestedFeeRecipient common.Address      `json:"suggestedFeeRecipient" gencodec:"required"`
 	Withdrawals           []*types.Withdrawal `json:"withdrawals"`
+	BeaconRoot            *common.Hash        `json:"parentBeaconBlockRoot"`
 }
 
 // JSON type overrides for PayloadAttributes.
@@ -61,6 +62,8 @@ type ExecutableData struct {
 	BlockHash     common.Hash         `json:"blockHash"     gencodec:"required"`
 	Transactions  [][]byte            `json:"transactions"  gencodec:"required"`
 	Withdrawals   []*types.Withdrawal `json:"withdrawals"`
+	BlobGasUsed   *uint64             `json:"blobGasUsed"`
+	ExcessBlobGas *uint64             `json:"excessBlobGas"`
 }
 
 // JSON type overrides for executableData.
@@ -73,6 +76,8 @@ type executableDataMarshaling struct {
 	ExtraData     hexutil.Bytes
 	LogsBloom     hexutil.Bytes
 	Transactions  []hexutil.Bytes
+	BlobGasUsed   *hexutil.Uint64
+	ExcessBlobGas *hexutil.Uint64
 }
 
 //go:generate go run github.com/fjl/gencodec -type ExecutionPayloadEnvelope -field-override executionPayloadEnvelopeMarshaling -out gen_epe.go
@@ -80,6 +85,14 @@ type executableDataMarshaling struct {
 type ExecutionPayloadEnvelope struct {
 	ExecutionPayload *ExecutableData `json:"executionPayload"  gencodec:"required"`
 	BlockValue       *big.Int        `json:"blockValue"  gencodec:"required"`
+	BlobsBundle      *BlobsBundleV1  `json:"blobsBundle"`
+	Override         bool            `json:"shouldOverrideBuilder"`
+}
+
+type BlobsBundleV1 struct {
+	Commitments []hexutil.Bytes `json:"commitments"`
+	Proofs      []hexutil.Bytes `json:"proofs"`
+	Blobs       []hexutil.Bytes `json:"blobs"`
 }
 
 // JSON type overrides for ExecutionPayloadEnvelope.
@@ -152,14 +165,15 @@ func decodeTransactions(enc [][]byte) ([]*types.Transaction, error) {
 // ExecutableDataToBlock constructs a block from executable data.
 // It verifies that the following fields:
 //
-//	len(extraData) <= 32
-//	uncleHash = emptyUncleHash
-//	difficulty = 0
+//		len(extraData) <= 32
+//		uncleHash = emptyUncleHash
+//		difficulty = 0
+//	 	if versionedHashes != nil, versionedHashes match to blob transactions
 //
 // and that the blockhash of the constructed block matches the parameters. Nil
 // Withdrawals value will propagate through the returned block. Empty
 // Withdrawals value must be passed via non-nil, length 0 value in params.
-func ExecutableDataToBlock(params ExecutableData) (*types.Block, error) {
+func ExecutableDataToBlock(params ExecutableData, versionedHashes []common.Hash, beaconRoot *common.Hash) (*types.Block, error) {
 	txs, err := decodeTransactions(params.Transactions)
 	if err != nil {
 		return nil, err
@@ -174,6 +188,18 @@ func ExecutableDataToBlock(params ExecutableData) (*types.Block, error) {
 	if params.BaseFeePerGas != nil && (params.BaseFeePerGas.Sign() == -1 || params.BaseFeePerGas.BitLen() > 256) {
 		return nil, fmt.Errorf("invalid baseFeePerGas: %v", params.BaseFeePerGas)
 	}
+	var blobHashes []common.Hash
+	for _, tx := range txs {
+		blobHashes = append(blobHashes, tx.BlobHashes()...)
+	}
+	if len(blobHashes) != len(versionedHashes) {
+		return nil, fmt.Errorf("invalid number of versionedHashes: %v blobHashes: %v", versionedHashes, blobHashes)
+	}
+	for i := 0; i < len(blobHashes); i++ {
+		if blobHashes[i] != versionedHashes[i] {
+			return nil, fmt.Errorf("invalid versionedHash at %v: %v blobHashes: %v", i, versionedHashes, blobHashes)
+		}
+	}
 	// Only set withdrawalsRoot if it is non-nil. This allows CLs to use
 	// ExecutableData before withdrawals are enabled by marshaling
 	// Withdrawals as the json null value.
@@ -183,22 +209,25 @@ func ExecutableDataToBlock(params ExecutableData) (*types.Block, error) {
 		withdrawalsRoot = &h
 	}
 	header := &types.Header{
-		ParentHash:      params.ParentHash,
-		UncleHash:       types.EmptyUncleHash,
-		Coinbase:        params.FeeRecipient,
-		Root:            params.StateRoot,
-		TxHash:          types.DeriveSha(types.Transactions(txs), trie.NewStackTrie(nil)),
-		ReceiptHash:     params.ReceiptsRoot,
-		Bloom:           types.BytesToBloom(params.LogsBloom),
-		Difficulty:      common.Big0,
-		Number:          new(big.Int).SetUint64(params.Number),
-		GasLimit:        params.GasLimit,
-		GasUsed:         params.GasUsed,
-		Time:            params.Timestamp,
-		BaseFee:         params.BaseFeePerGas,
-		Extra:           params.ExtraData,
-		MixDigest:       params.Random,
-		WithdrawalsHash: withdrawalsRoot,
+		ParentHash:       params.ParentHash,
+		UncleHash:        types.EmptyUncleHash,
+		Coinbase:         params.FeeRecipient,
+		Root:             params.StateRoot,
+		TxHash:           types.DeriveSha(types.Transactions(txs), trie.NewStackTrie(nil)),
+		ReceiptHash:      params.ReceiptsRoot,
+		Bloom:            types.BytesToBloom(params.LogsBloom),
+		Difficulty:       common.Big0,
+		Number:           new(big.Int).SetUint64(params.Number),
+		GasLimit:         params.GasLimit,
+		GasUsed:          params.GasUsed,
+		Time:             params.Timestamp,
+		BaseFee:          params.BaseFeePerGas,
+		Extra:            params.ExtraData,
+		MixDigest:        params.Random,
+		WithdrawalsHash:  withdrawalsRoot,
+		ExcessBlobGas:    params.ExcessBlobGas,
+		BlobGasUsed:      params.BlobGasUsed,
+		ParentBeaconRoot: beaconRoot,
 	}
 	block := types.NewBlockWithHeader(header).WithBody(txs, nil /* uncles */).WithWithdrawals(params.Withdrawals)
 	if block.Hash() != params.BlockHash {
@@ -209,7 +238,7 @@ func ExecutableDataToBlock(params ExecutableData) (*types.Block, error) {
 
 // BlockToExecutableData constructs the ExecutableData structure by filling the
 // fields from the given block. It assumes the given block is post-merge block.
-func BlockToExecutableData(block *types.Block, fees *big.Int) *ExecutionPayloadEnvelope {
+func BlockToExecutableData(block *types.Block, fees *big.Int, sidecars []*types.BlobTxSidecar) *ExecutionPayloadEnvelope {
 	data := &ExecutableData{
 		BlockHash:     block.Hash(),
 		ParentHash:    block.ParentHash(),
@@ -226,12 +255,26 @@ func BlockToExecutableData(block *types.Block, fees *big.Int) *ExecutionPayloadE
 		Random:        block.MixDigest(),
 		ExtraData:     block.Extra(),
 		Withdrawals:   block.Withdrawals(),
+		BlobGasUsed:   block.BlobGasUsed(),
+		ExcessBlobGas: block.ExcessBlobGas(),
 	}
-	return &ExecutionPayloadEnvelope{ExecutionPayload: data, BlockValue: fees}
+	bundle := BlobsBundleV1{
+		Commitments: make([]hexutil.Bytes, 0),
+		Blobs:       make([]hexutil.Bytes, 0),
+		Proofs:      make([]hexutil.Bytes, 0),
+	}
+	for _, sidecar := range sidecars {
+		for j := range sidecar.Blobs {
+			bundle.Blobs = append(bundle.Blobs, hexutil.Bytes(sidecar.Blobs[j][:]))
+			bundle.Commitments = append(bundle.Commitments, hexutil.Bytes(sidecar.Commitments[j][:]))
+			bundle.Proofs = append(bundle.Proofs, hexutil.Bytes(sidecar.Proofs[j][:]))
+		}
+	}
+	return &ExecutionPayloadEnvelope{ExecutionPayload: data, BlockValue: fees, BlobsBundle: &bundle, Override: false}
 }
 
 // ExecutionPayloadBodyV1 is used in the response to GetPayloadBodiesByHashV1 and GetPayloadBodiesByRangeV1
 type ExecutionPayloadBodyV1 struct {
 	TransactionData []hexutil.Bytes     `json:"transactions"`
-	Withdrawals     []*types.Withdrawal `json:"withdrawals,omitempty"`
+	Withdrawals     []*types.Withdrawal `json:"withdrawals"`
 }

beacon/light/canonical.go

@@ -0,0 +1,125 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package light
+
+import (
+	"encoding/binary"
+	"fmt"
+
+	"github.com/ethereum/go-ethereum/common/lru"
+	"github.com/ethereum/go-ethereum/ethdb"
+	"github.com/ethereum/go-ethereum/log"
+	"github.com/ethereum/go-ethereum/rlp"
+)
+
+// canonicalStore stores instances of the given type in a database and caches
+// them in memory, associated with a continuous range of period numbers.
+// Note: canonicalStore is not thread safe and it is the caller's responsibility
+// to avoid concurrent access.
+type canonicalStore[T any] struct {
+	keyPrefix []byte
+	periods   periodRange
+	cache     *lru.Cache[uint64, T]
+}
+
+// newCanonicalStore creates a new canonicalStore and loads all keys associated
+// with the keyPrefix in order to determine the ranges available in the database.
+func newCanonicalStore[T any](db ethdb.Iteratee, keyPrefix []byte) (*canonicalStore[T], error) {
+	cs := &canonicalStore[T]{
+		keyPrefix: keyPrefix,
+		cache:     lru.NewCache[uint64, T](100),
+	}
+	var (
+		iter  = db.NewIterator(keyPrefix, nil)
+		kl    = len(keyPrefix)
+		first = true
+	)
+	defer iter.Release()
+
+	for iter.Next() {
+		if len(iter.Key()) != kl+8 {
+			log.Warn("Invalid key length in the canonical chain database", "key", fmt.Sprintf("%#x", iter.Key()))
+			continue
+		}
+		period := binary.BigEndian.Uint64(iter.Key()[kl : kl+8])
+		if first {
+			cs.periods.Start = period
+		} else if cs.periods.End != period {
+			return nil, fmt.Errorf("gap in the canonical chain database between periods %d and %d", cs.periods.End, period-1)
+		}
+		first = false
+		cs.periods.End = period + 1
+	}
+	return cs, nil
+}
+
+// databaseKey returns the database key belonging to the given period.
+func (cs *canonicalStore[T]) databaseKey(period uint64) []byte {
+	return binary.BigEndian.AppendUint64(append([]byte{}, cs.keyPrefix...), period)
+}
+
+// add adds the given item to the database. It also ensures that the range remains
+// continuous. Can be used either with a batch or database backend.
+func (cs *canonicalStore[T]) add(backend ethdb.KeyValueWriter, period uint64, value T) error {
+	if !cs.periods.canExpand(period) {
+		return fmt.Errorf("period expansion is not allowed, first: %d, next: %d, period: %d", cs.periods.Start, cs.periods.End, period)
+	}
+	enc, err := rlp.EncodeToBytes(value)
+	if err != nil {
+		return err
+	}
+	if err := backend.Put(cs.databaseKey(period), enc); err != nil {
+		return err
+	}
+	cs.cache.Add(period, value)
+	cs.periods.expand(period)
+	return nil
+}
+
+// deleteFrom removes items starting from the given period.
+func (cs *canonicalStore[T]) deleteFrom(db ethdb.KeyValueWriter, fromPeriod uint64) (deleted periodRange) {
+	keepRange, deleteRange := cs.periods.split(fromPeriod)
+	deleteRange.each(func(period uint64) {
+		db.Delete(cs.databaseKey(period))
+		cs.cache.Remove(period)
+	})
+	cs.periods = keepRange
+	return deleteRange
+}
+
+// get returns the item at the given period or the null value of the given type
+// if no item is present.
+func (cs *canonicalStore[T]) get(backend ethdb.KeyValueReader, period uint64) (T, bool) {
+	var null, value T
+	if !cs.periods.contains(period) {
+		return null, false
+	}
+	if value, ok := cs.cache.Get(period); ok {
+		return value, true
+	}
+	enc, err := backend.Get(cs.databaseKey(period))
+	if err != nil {
+		log.Error("Canonical store value not found", "period", period, "start", cs.periods.Start, "end", cs.periods.End)
+		return null, false
+	}
+	if err := rlp.DecodeBytes(enc, &value); err != nil {
+		log.Error("Error decoding canonical store value", "error", err)
+		return null, false
+	}
+	cs.cache.Add(period, value)
+	return value, true
+}

beacon/light/committee_chain.go

@@ -0,0 +1,514 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package light
+
+import (
+	"errors"
+	"fmt"
+	"math"
+	"sync"
+	"time"
+
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/beacon/types"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/lru"
+	"github.com/ethereum/go-ethereum/common/mclock"
+	"github.com/ethereum/go-ethereum/core/rawdb"
+	"github.com/ethereum/go-ethereum/ethdb"
+	"github.com/ethereum/go-ethereum/log"
+)
+
+var (
+	ErrNeedCommittee      = errors.New("sync committee required")
+	ErrInvalidUpdate      = errors.New("invalid committee update")
+	ErrInvalidPeriod      = errors.New("invalid update period")
+	ErrWrongCommitteeRoot = errors.New("wrong committee root")
+	ErrCannotReorg        = errors.New("can not reorg committee chain")
+)
+
+// CommitteeChain is a passive data structure that can validate, hold and update
+// a chain of beacon light sync committees and updates. It requires at least one
+// externally set fixed committee root at the beginning of the chain which can
+// be set either based on a BootstrapData or a trusted source (a local beacon
+// full node). This makes the structure useful for both light client and light
+// server setups.
+//
+// It always maintains the following consistency constraints:
+//   - a committee can only be present if its root hash matches an existing fixed
+//     root or if it is proven by an update at the previous period
+//   - an update can only be present if a committee is present at the same period
+//     and the update signature is valid and has enough participants.
+//     The committee at the next period (proven by the update) should also be
+//     present (note that this means they can only be added together if neither
+//     is present yet). If a fixed root is present at the next period then the
+//     update can only be present if it proves the same committee root.
+//
+// Once synced to the current sync period, CommitteeChain can also validate
+// signed beacon headers.
+type CommitteeChain struct {
+	// chainmu guards against concurrent access to the canonicalStore structures
+	// (updates, committees, fixedCommitteeRoots) and ensures that they stay consistent
+	// with each other and with committeeCache.
+	chainmu             sync.RWMutex
+	db                  ethdb.KeyValueStore
+	updates             *canonicalStore[*types.LightClientUpdate]
+	committees          *canonicalStore[*types.SerializedSyncCommittee]
+	fixedCommitteeRoots *canonicalStore[common.Hash]
+	committeeCache      *lru.Cache[uint64, syncCommittee] // cache deserialized committees
+
+	clock       mclock.Clock         // monotonic clock (simulated clock in tests)
+	unixNano    func() int64         // system clock (simulated clock in tests)
+	sigVerifier committeeSigVerifier // BLS sig verifier (dummy verifier in tests)
+
+	config             *types.ChainConfig
+	signerThreshold    int
+	minimumUpdateScore types.UpdateScore
+	enforceTime        bool // enforceTime specifies whether the age of a signed header should be checked
+}
+
+// NewCommitteeChain creates a new CommitteeChain.
+func NewCommitteeChain(db ethdb.KeyValueStore, config *types.ChainConfig, signerThreshold int, enforceTime bool) *CommitteeChain {
+	return newCommitteeChain(db, config, signerThreshold, enforceTime, blsVerifier{}, &mclock.System{}, func() int64 { return time.Now().UnixNano() })
+}
+
+// newCommitteeChain creates a new CommitteeChain with the option of replacing the
+// clock source and signature verification for testing purposes.
+func newCommitteeChain(db ethdb.KeyValueStore, config *types.ChainConfig, signerThreshold int, enforceTime bool, sigVerifier committeeSigVerifier, clock mclock.Clock, unixNano func() int64) *CommitteeChain {
+	s := &CommitteeChain{
+		committeeCache:  lru.NewCache[uint64, syncCommittee](10),
+		db:              db,
+		sigVerifier:     sigVerifier,
+		clock:           clock,
+		unixNano:        unixNano,
+		config:          config,
+		signerThreshold: signerThreshold,
+		enforceTime:     enforceTime,
+		minimumUpdateScore: types.UpdateScore{
+			SignerCount:    uint32(signerThreshold),
+			SubPeriodIndex: params.SyncPeriodLength / 16,
+		},
+	}
+
+	var err1, err2, err3 error
+	if s.fixedCommitteeRoots, err1 = newCanonicalStore[common.Hash](db, rawdb.FixedCommitteeRootKey); err1 != nil {
+		log.Error("Error creating fixed committee root store", "error", err1)
+	}
+	if s.committees, err2 = newCanonicalStore[*types.SerializedSyncCommittee](db, rawdb.SyncCommitteeKey); err2 != nil {
+		log.Error("Error creating committee store", "error", err2)
+	}
+	if s.updates, err3 = newCanonicalStore[*types.LightClientUpdate](db, rawdb.BestUpdateKey); err3 != nil {
+		log.Error("Error creating update store", "error", err3)
+	}
+	if err1 != nil || err2 != nil || err3 != nil || !s.checkConstraints() {
+		log.Info("Resetting invalid committee chain")
+		s.Reset()
+	}
+	// roll back invalid updates (might be necessary if forks have been changed since last time)
+	for !s.updates.periods.isEmpty() {
+		update, ok := s.updates.get(s.db, s.updates.periods.End-1)
+		if !ok {
+			log.Error("Sync committee update missing", "period", s.updates.periods.End-1)
+			s.Reset()
+			break
+		}
+		if valid, err := s.verifyUpdate(update); err != nil {
+			log.Error("Error validating update", "period", s.updates.periods.End-1, "error", err)
+		} else if valid {
+			break
+		}
+		if err := s.rollback(s.updates.periods.End); err != nil {
+			log.Error("Error writing batch into chain database", "error", err)
+		}
+	}
+	if !s.committees.periods.isEmpty() {
+		log.Trace("Sync committee chain loaded", "first period", s.committees.periods.Start, "last period", s.committees.periods.End-1)
+	}
+	return s
+}
+
+// checkConstraints checks committee chain validity constraints
+func (s *CommitteeChain) checkConstraints() bool {
+	isNotInFixedCommitteeRootRange := func(r periodRange) bool {
+		return s.fixedCommitteeRoots.periods.isEmpty() ||
+			r.Start < s.fixedCommitteeRoots.periods.Start ||
+			r.Start >= s.fixedCommitteeRoots.periods.End
+	}
+
+	valid := true
+	if !s.updates.periods.isEmpty() {
+		if isNotInFixedCommitteeRootRange(s.updates.periods) {
+			log.Error("Start update is not in the fixed roots range")
+			valid = false
+		}
+		if s.committees.periods.Start > s.updates.periods.Start || s.committees.periods.End <= s.updates.periods.End {
+			log.Error("Missing committees in update range")
+			valid = false
+		}
+	}
+	if !s.committees.periods.isEmpty() {
+		if isNotInFixedCommitteeRootRange(s.committees.periods) {
+			log.Error("Start committee is not in the fixed roots range")
+			valid = false
+		}
+		if s.committees.periods.End > s.fixedCommitteeRoots.periods.End && s.committees.periods.End > s.updates.periods.End+1 {
+			log.Error("Last committee is neither in the fixed roots range nor proven by updates")
+			valid = false
+		}
+	}
+	return valid
+}
+
+// Reset resets the committee chain.
+func (s *CommitteeChain) Reset() {
+	s.chainmu.Lock()
+	defer s.chainmu.Unlock()
+
+	if err := s.rollback(0); err != nil {
+		log.Error("Error writing batch into chain database", "error", err)
+	}
+}
+
+// CheckpointInit initializes a CommitteeChain based on the checkpoint.
+// Note: if the chain is already initialized and the committees proven by the
+// checkpoint do match the existing chain then the chain is retained and the
+// new checkpoint becomes fixed.
+func (s *CommitteeChain) CheckpointInit(bootstrap *types.BootstrapData) error {
+	s.chainmu.Lock()
+	defer s.chainmu.Unlock()
+
+	if err := bootstrap.Validate(); err != nil {
+		return err
+	}
+
+	period := bootstrap.Header.SyncPeriod()
+	if err := s.deleteFixedCommitteeRootsFrom(period + 2); err != nil {
+		s.Reset()
+		return err
+	}
+	if s.addFixedCommitteeRoot(period, bootstrap.CommitteeRoot) != nil {
+		s.Reset()
+		if err := s.addFixedCommitteeRoot(period, bootstrap.CommitteeRoot); err != nil {
+			s.Reset()
+			return err
+		}
+	}
+	if err := s.addFixedCommitteeRoot(period+1, common.Hash(bootstrap.CommitteeBranch[0])); err != nil {
+		s.Reset()
+		return err
+	}
+	if err := s.addCommittee(period, bootstrap.Committee); err != nil {
+		s.Reset()
+		return err
+	}
+	return nil
+}
+
+// addFixedCommitteeRoot sets a fixed committee root at the given period.
+// Note that the period where the first committee is added has to have a fixed
+// root which can either come from a BootstrapData or a trusted source.
+func (s *CommitteeChain) addFixedCommitteeRoot(period uint64, root common.Hash) error {
+	if root == (common.Hash{}) {
+		return ErrWrongCommitteeRoot
+	}
+
+	batch := s.db.NewBatch()
+	oldRoot := s.getCommitteeRoot(period)
+	if !s.fixedCommitteeRoots.periods.canExpand(period) {
+		// Note: the fixed committee root range should always be continuous and
+		// therefore the expected syncing method is to forward sync and optionally
+		// backward sync periods one by one, starting from a checkpoint. The only
+		// case when a root that is not adjacent to the already fixed ones can be
+		// fixed is when the same root has already been proven by an update chain.
+		// In this case the all roots in between can and should be fixed.
+		// This scenario makes sense when a new trusted checkpoint is added to an
+		// existing chain, ensuring that it will not be rolled back (might be
+		// important in case of low signer participation rate).
+		if root != oldRoot {
+			return ErrInvalidPeriod
+		}
+		// if the old root exists and matches the new one then it is guaranteed
+		// that the given period is after the existing fixed range and the roots
+		// in between can also be fixed.
+		for p := s.fixedCommitteeRoots.periods.End; p < period; p++ {
+			if err := s.fixedCommitteeRoots.add(batch, p, s.getCommitteeRoot(p)); err != nil {
+				return err
+			}
+		}
+	}
+	if oldRoot != (common.Hash{}) && (oldRoot != root) {
+		// existing old root was different, we have to reorg the chain
+		if err := s.rollback(period); err != nil {
+			return err
+		}
+	}
+	if err := s.fixedCommitteeRoots.add(batch, period, root); err != nil {
+		return err
+	}
+	if err := batch.Write(); err != nil {
+		log.Error("Error writing batch into chain database", "error", err)
+		return err
+	}
+	return nil
+}
+
+// deleteFixedCommitteeRootsFrom deletes fixed roots starting from the given period.
+// It also maintains chain consistency, meaning that it also deletes updates and
+// committees if they are no longer supported by a valid update chain.
+func (s *CommitteeChain) deleteFixedCommitteeRootsFrom(period uint64) error {
+	if period >= s.fixedCommitteeRoots.periods.End {
+		return nil
+	}
+	batch := s.db.NewBatch()
+	s.fixedCommitteeRoots.deleteFrom(batch, period)
+	if s.updates.periods.isEmpty() || period <= s.updates.periods.Start {
+		// Note: the first period of the update chain should always be fixed so if
+		// the fixed root at the first update is removed then the entire update chain
+		// and the proven committees have to be removed. Earlier committees in the
+		// remaining fixed root range can stay.
+		s.updates.deleteFrom(batch, period)
+		s.deleteCommitteesFrom(batch, period)
+	} else {
+		// The update chain stays intact, some previously fixed committee roots might
+		// get unfixed but are still proven by the update chain. If there were
+		// committees present after the range proven by updates, those should be
+		// removed if the belonging fixed roots are also removed.
+		fromPeriod := s.updates.periods.End + 1 // not proven by updates
+		if period > fromPeriod {
+			fromPeriod = period // also not justified by fixed roots
+		}
+		s.deleteCommitteesFrom(batch, fromPeriod)
+	}
+	if err := batch.Write(); err != nil {
+		log.Error("Error writing batch into chain database", "error", err)
+		return err
+	}
+	return nil
+}
+
+// deleteCommitteesFrom deletes committees starting from the given period.
+func (s *CommitteeChain) deleteCommitteesFrom(batch ethdb.Batch, period uint64) {
+	deleted := s.committees.deleteFrom(batch, period)
+	for period := deleted.Start; period < deleted.End; period++ {
+		s.committeeCache.Remove(period)
+	}
+}
+
+// addCommittee adds a committee at the given period if possible.
+func (s *CommitteeChain) addCommittee(period uint64, committee *types.SerializedSyncCommittee) error {
+	if !s.committees.periods.canExpand(period) {
+		return ErrInvalidPeriod
+	}
+	root := s.getCommitteeRoot(period)
+	if root == (common.Hash{}) {
+		return ErrInvalidPeriod
+	}
+	if root != committee.Root() {
+		return ErrWrongCommitteeRoot
+	}
+	if !s.committees.periods.contains(period) {
+		if err := s.committees.add(s.db, period, committee); err != nil {
+			return err
+		}
+		s.committeeCache.Remove(period)
+	}
+	return nil
+}
+
+// InsertUpdate adds a new update if possible.
+func (s *CommitteeChain) InsertUpdate(update *types.LightClientUpdate, nextCommittee *types.SerializedSyncCommittee) error {
+	s.chainmu.Lock()
+	defer s.chainmu.Unlock()
+
+	period := update.AttestedHeader.Header.SyncPeriod()
+	if !s.updates.periods.canExpand(period) || !s.committees.periods.contains(period) {
+		return ErrInvalidPeriod
+	}
+	if s.minimumUpdateScore.BetterThan(update.Score()) {
+		return ErrInvalidUpdate
+	}
+	oldRoot := s.getCommitteeRoot(period + 1)
+	reorg := oldRoot != (common.Hash{}) && oldRoot != update.NextSyncCommitteeRoot
+	if oldUpdate, ok := s.updates.get(s.db, period); ok && !update.Score().BetterThan(oldUpdate.Score()) {
+		// a better or equal update already exists; no changes, only fail if new one tried to reorg
+		if reorg {
+			return ErrCannotReorg
+		}
+		return nil
+	}
+	if s.fixedCommitteeRoots.periods.contains(period+1) && reorg {
+		return ErrCannotReorg
+	}
+	if ok, err := s.verifyUpdate(update); err != nil {
+		return err
+	} else if !ok {
+		return ErrInvalidUpdate
+	}
+	addCommittee := !s.committees.periods.contains(period+1) || reorg
+	if addCommittee {
+		if nextCommittee == nil {
+			return ErrNeedCommittee
+		}
+		if nextCommittee.Root() != update.NextSyncCommitteeRoot {
+			return ErrWrongCommitteeRoot
+		}
+	}
+	if reorg {
+		if err := s.rollback(period + 1); err != nil {
+			return err
+		}
+	}
+	batch := s.db.NewBatch()
+	if addCommittee {
+		if err := s.committees.add(batch, period+1, nextCommittee); err != nil {
+			return err
+		}
+		s.committeeCache.Remove(period + 1)
+	}
+	if err := s.updates.add(batch, period, update); err != nil {
+		return err
+	}
+	if err := batch.Write(); err != nil {
+		log.Error("Error writing batch into chain database", "error", err)
+		return err
+	}
+	log.Info("Inserted new committee update", "period", period, "next committee root", update.NextSyncCommitteeRoot)
+	return nil
+}
+
+// NextSyncPeriod returns the next period where an update can be added and also
+// whether the chain is initialized at all.
+func (s *CommitteeChain) NextSyncPeriod() (uint64, bool) {
+	s.chainmu.RLock()
+	defer s.chainmu.RUnlock()
+
+	if s.committees.periods.isEmpty() {
+		return 0, false
+	}
+	if !s.updates.periods.isEmpty() {
+		return s.updates.periods.End, true
+	}
+	return s.committees.periods.End - 1, true
+}
+
+// rollback removes all committees and fixed roots from the given period and updates
+// starting from the previous period.
+func (s *CommitteeChain) rollback(period uint64) error {
+	max := s.updates.periods.End + 1
+	if s.committees.periods.End > max {
+		max = s.committees.periods.End
+	}
+	if s.fixedCommitteeRoots.periods.End > max {
+		max = s.fixedCommitteeRoots.periods.End
+	}
+	for max > period {
+		max--
+		batch := s.db.NewBatch()
+		s.deleteCommitteesFrom(batch, max)
+		s.fixedCommitteeRoots.deleteFrom(batch, max)
+		if max > 0 {
+			s.updates.deleteFrom(batch, max-1)
+		}
+		if err := batch.Write(); err != nil {
+			log.Error("Error writing batch into chain database", "error", err)
+			return err
+		}
+	}
+	return nil
+}
+
+// getCommitteeRoot returns the committee root at the given period, either fixed,
+// proven by a previous update or both. It returns an empty hash if the committee
+// root is unknown.
+func (s *CommitteeChain) getCommitteeRoot(period uint64) common.Hash {
+	if root, ok := s.fixedCommitteeRoots.get(s.db, period); ok || period == 0 {
+		return root
+	}
+	if update, ok := s.updates.get(s.db, period-1); ok {
+		return update.NextSyncCommitteeRoot
+	}
+	return common.Hash{}
+}
+
+// getSyncCommittee returns the deserialized sync committee at the given period.
+func (s *CommitteeChain) getSyncCommittee(period uint64) (syncCommittee, error) {
+	if c, ok := s.committeeCache.Get(period); ok {
+		return c, nil
+	}
+	if sc, ok := s.committees.get(s.db, period); ok {
+		c, err := s.sigVerifier.deserializeSyncCommittee(sc)
+		if err != nil {
+			return nil, fmt.Errorf("Sync committee #%d deserialization error: %v", period, err)
+		}
+		s.committeeCache.Add(period, c)
+		return c, nil
+	}
+	return nil, fmt.Errorf("Missing serialized sync committee #%d", period)
+}
+
+// VerifySignedHeader returns true if the given signed header has a valid signature
+// according to the local committee chain. The caller should ensure that the
+// committees advertised by the same source where the signed header came from are
+// synced before verifying the signature.
+// The age of the header is also returned (the time elapsed since the beginning
+// of the given slot, according to the local system clock). If enforceTime is
+// true then negative age (future) headers are rejected.
+func (s *CommitteeChain) VerifySignedHeader(head types.SignedHeader) (bool, time.Duration, error) {
+	s.chainmu.RLock()
+	defer s.chainmu.RUnlock()
+
+	return s.verifySignedHeader(head)
+}
+
+func (s *CommitteeChain) verifySignedHeader(head types.SignedHeader) (bool, time.Duration, error) {
+	var age time.Duration
+	now := s.unixNano()
+	if head.Header.Slot < (uint64(now-math.MinInt64)/uint64(time.Second)-s.config.GenesisTime)/12 {
+		age = time.Duration(now - int64(time.Second)*int64(s.config.GenesisTime+head.Header.Slot*12))
+	} else {
+		age = time.Duration(math.MinInt64)
+	}
+	if s.enforceTime && age < 0 {
+		return false, age, nil
+	}
+	committee, err := s.getSyncCommittee(types.SyncPeriod(head.SignatureSlot))
+	if err != nil {
+		return false, 0, err
+	}
+	if committee == nil {
+		return false, age, nil
+	}
+	if signingRoot, err := s.config.Forks.SigningRoot(head.Header); err == nil {
+		return s.sigVerifier.verifySignature(committee, signingRoot, &head.Signature), age, nil
+	}
+	return false, age, nil
+}
+
+// verifyUpdate checks whether the header signature is correct and the update
+// fits into the specified constraints (assumes that the update has been
+// successfully validated previously)
+func (s *CommitteeChain) verifyUpdate(update *types.LightClientUpdate) (bool, error) {
+	// Note: SignatureSlot determines the sync period of the committee used for signature
+	// verification. Though in reality SignatureSlot is always bigger than update.Header.Slot,
+	// setting them as equal here enforces the rule that they have to be in the same sync
+	// period in order for the light client update proof to be meaningful.
+	ok, age, err := s.verifySignedHeader(update.AttestedHeader)
+	if age < 0 {
+		log.Warn("Future committee update received", "age", age)
+	}
+	return ok, err
+}

beacon/light/committee_chain_test.go

@@ -0,0 +1,356 @@
+// Copyright 2022 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package light
+
+import (
+	"crypto/rand"
+	"testing"
+	"time"
+
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/beacon/types"
+	"github.com/ethereum/go-ethereum/common/mclock"
+	"github.com/ethereum/go-ethereum/ethdb/memorydb"
+)
+
+var (
+	testGenesis  = newTestGenesis()
+	testGenesis2 = newTestGenesis()
+
+	tfBase = newTestForks(testGenesis, types.Forks{
+		&types.Fork{Epoch: 0, Version: []byte{0}},
+	})
+	tfAlternative = newTestForks(testGenesis, types.Forks{
+		&types.Fork{Epoch: 0, Version: []byte{0}},
+		&types.Fork{Epoch: 0x700, Version: []byte{1}},
+	})
+	tfAnotherGenesis = newTestForks(testGenesis2, types.Forks{
+		&types.Fork{Epoch: 0, Version: []byte{0}},
+	})
+
+	tcBase                      = newTestCommitteeChain(nil, tfBase, true, 0, 10, 400, false)
+	tcBaseWithInvalidUpdates    = newTestCommitteeChain(tcBase, tfBase, false, 5, 10, 200, false) // signer count too low
+	tcBaseWithBetterUpdates     = newTestCommitteeChain(tcBase, tfBase, false, 5, 10, 440, false)
+	tcReorgWithWorseUpdates     = newTestCommitteeChain(tcBase, tfBase, true, 5, 10, 400, false)
+	tcReorgWithWorseUpdates2    = newTestCommitteeChain(tcBase, tfBase, true, 5, 10, 380, false)
+	tcReorgWithBetterUpdates    = newTestCommitteeChain(tcBase, tfBase, true, 5, 10, 420, false)
+	tcReorgWithFinalizedUpdates = newTestCommitteeChain(tcBase, tfBase, true, 5, 10, 400, true)
+	tcFork                      = newTestCommitteeChain(tcBase, tfAlternative, true, 7, 10, 400, false)
+	tcAnotherGenesis            = newTestCommitteeChain(nil, tfAnotherGenesis, true, 0, 10, 400, false)
+)
+
+func TestCommitteeChainFixedCommitteeRoots(t *testing.T) {
+	for _, reload := range []bool{false, true} {
+		c := newCommitteeChainTest(t, tfBase, 300, true)
+		c.setClockPeriod(7)
+		c.addFixedCommitteeRoot(tcBase, 4, nil)
+		c.addFixedCommitteeRoot(tcBase, 5, nil)
+		c.addFixedCommitteeRoot(tcBase, 6, nil)
+		c.addFixedCommitteeRoot(tcBase, 8, ErrInvalidPeriod) // range has to be continuous
+		c.addFixedCommitteeRoot(tcBase, 3, nil)
+		c.addFixedCommitteeRoot(tcBase, 2, nil)
+		if reload {
+			c.reloadChain()
+		}
+		c.addCommittee(tcBase, 4, nil)
+		c.addCommittee(tcBase, 6, ErrInvalidPeriod) // range has to be continuous
+		c.addCommittee(tcBase, 5, nil)
+		c.addCommittee(tcBase, 6, nil)
+		c.addCommittee(tcAnotherGenesis, 3, ErrWrongCommitteeRoot)
+		c.addCommittee(tcBase, 3, nil)
+		if reload {
+			c.reloadChain()
+		}
+		c.verifyRange(tcBase, 3, 6)
+	}
+}
+
+func TestCommitteeChainCheckpointSync(t *testing.T) {
+	for _, enforceTime := range []bool{false, true} {
+		for _, reload := range []bool{false, true} {
+			c := newCommitteeChainTest(t, tfBase, 300, enforceTime)
+			if enforceTime {
+				c.setClockPeriod(6)
+			}
+			c.insertUpdate(tcBase, 3, true, ErrInvalidPeriod)
+			c.addFixedCommitteeRoot(tcBase, 3, nil)
+			c.addFixedCommitteeRoot(tcBase, 4, nil)
+			c.insertUpdate(tcBase, 4, true, ErrInvalidPeriod) // still no committee
+			c.addCommittee(tcBase, 3, nil)
+			c.addCommittee(tcBase, 4, nil)
+			if reload {
+				c.reloadChain()
+			}
+			c.verifyRange(tcBase, 3, 4)
+			c.insertUpdate(tcBase, 3, false, nil)              // update can be added without committee here
+			c.insertUpdate(tcBase, 4, false, ErrNeedCommittee) // but not here as committee 5 is not there yet
+			c.insertUpdate(tcBase, 4, true, nil)
+			c.verifyRange(tcBase, 3, 5)
+			c.insertUpdate(tcBaseWithInvalidUpdates, 5, true, ErrInvalidUpdate) // signer count too low
+			c.insertUpdate(tcBase, 5, true, nil)
+			if reload {
+				c.reloadChain()
+			}
+			if enforceTime {
+				c.insertUpdate(tcBase, 6, true, ErrInvalidUpdate) // future update rejected
+				c.setClockPeriod(7)
+			}
+			c.insertUpdate(tcBase, 6, true, nil) // when the time comes it's accepted
+			if reload {
+				c.reloadChain()
+			}
+			if enforceTime {
+				c.verifyRange(tcBase, 3, 6) // committee 7 is there but still in the future
+				c.setClockPeriod(8)
+			}
+			c.verifyRange(tcBase, 3, 7) // now period 7 can also be verified
+			// try reverse syncing an update
+			c.insertUpdate(tcBase, 2, false, ErrInvalidPeriod) // fixed committee is needed first
+			c.addFixedCommitteeRoot(tcBase, 2, nil)
+			c.addCommittee(tcBase, 2, nil)
+			c.insertUpdate(tcBase, 2, false, nil)
+			c.verifyRange(tcBase, 2, 7)
+		}
+	}
+}
+
+func TestCommitteeChainReorg(t *testing.T) {
+	for _, reload := range []bool{false, true} {
+		for _, addBetterUpdates := range []bool{false, true} {
+			c := newCommitteeChainTest(t, tfBase, 300, true)
+			c.setClockPeriod(11)
+			c.addFixedCommitteeRoot(tcBase, 3, nil)
+			c.addFixedCommitteeRoot(tcBase, 4, nil)
+			c.addCommittee(tcBase, 3, nil)
+			for period := uint64(3); period < 10; period++ {
+				c.insertUpdate(tcBase, period, true, nil)
+			}
+			if reload {
+				c.reloadChain()
+			}
+			c.verifyRange(tcBase, 3, 10)
+			c.insertUpdate(tcReorgWithWorseUpdates, 5, true, ErrCannotReorg)
+			c.insertUpdate(tcReorgWithWorseUpdates2, 5, true, ErrCannotReorg)
+			if addBetterUpdates {
+				// add better updates for the base chain and expect first reorg to fail
+				// (only add updates as committees should be the same)
+				for period := uint64(5); period < 10; period++ {
+					c.insertUpdate(tcBaseWithBetterUpdates, period, false, nil)
+				}
+				if reload {
+					c.reloadChain()
+				}
+				c.verifyRange(tcBase, 3, 10) // still on the same chain
+				c.insertUpdate(tcReorgWithBetterUpdates, 5, true, ErrCannotReorg)
+			} else {
+				// reorg with better updates
+				c.insertUpdate(tcReorgWithBetterUpdates, 5, false, ErrNeedCommittee)
+				c.verifyRange(tcBase, 3, 10) // no success yet, still on the base chain
+				c.verifyRange(tcReorgWithBetterUpdates, 3, 5)
+				c.insertUpdate(tcReorgWithBetterUpdates, 5, true, nil)
+				// successful reorg, base chain should only match before the reorg period
+				if reload {
+					c.reloadChain()
+				}
+				c.verifyRange(tcBase, 3, 5)
+				c.verifyRange(tcReorgWithBetterUpdates, 3, 6)
+				for period := uint64(6); period < 10; period++ {
+					c.insertUpdate(tcReorgWithBetterUpdates, period, true, nil)
+				}
+				c.verifyRange(tcReorgWithBetterUpdates, 3, 10)
+			}
+			// reorg with finalized updates; should succeed even if base chain updates
+			// have been improved because a finalized update beats everything else
+			c.insertUpdate(tcReorgWithFinalizedUpdates, 5, false, ErrNeedCommittee)
+			c.insertUpdate(tcReorgWithFinalizedUpdates, 5, true, nil)
+			if reload {
+				c.reloadChain()
+			}
+			c.verifyRange(tcReorgWithFinalizedUpdates, 3, 6)
+			for period := uint64(6); period < 10; period++ {
+				c.insertUpdate(tcReorgWithFinalizedUpdates, period, true, nil)
+			}
+			c.verifyRange(tcReorgWithFinalizedUpdates, 3, 10)
+		}
+	}
+}
+
+func TestCommitteeChainFork(t *testing.T) {
+	c := newCommitteeChainTest(t, tfAlternative, 300, true)
+	c.setClockPeriod(11)
+	// trying to sync a chain on an alternative fork with the base chain data
+	c.addFixedCommitteeRoot(tcBase, 0, nil)
+	c.addFixedCommitteeRoot(tcBase, 1, nil)
+	c.addCommittee(tcBase, 0, nil)
+	// shared section should sync without errors
+	for period := uint64(0); period < 7; period++ {
+		c.insertUpdate(tcBase, period, true, nil)
+	}
+	c.insertUpdate(tcBase, 7, true, ErrInvalidUpdate) // wrong fork
+	// committee root #7 is still the same but signatures are already signed with
+	// a different fork id so period 7 should only verify on the alternative fork
+	c.verifyRange(tcBase, 0, 6)
+	c.verifyRange(tcFork, 0, 7)
+	for period := uint64(7); period < 10; period++ {
+		c.insertUpdate(tcFork, period, true, nil)
+	}
+	c.verifyRange(tcFork, 0, 10)
+	// reload the chain while switching to the base fork
+	c.config = tfBase
+	c.reloadChain()
+	// updates 7..9 should be rolled back now
+	c.verifyRange(tcFork, 0, 6) // again, period 7 only verifies on the right fork
+	c.verifyRange(tcBase, 0, 7)
+	c.insertUpdate(tcFork, 7, true, ErrInvalidUpdate) // wrong fork
+	for period := uint64(7); period < 10; period++ {
+		c.insertUpdate(tcBase, period, true, nil)
+	}
+	c.verifyRange(tcBase, 0, 10)
+}
+
+type committeeChainTest struct {
+	t               *testing.T
+	db              *memorydb.Database
+	clock           *mclock.Simulated
+	config          types.ChainConfig
+	signerThreshold int
+	enforceTime     bool
+	chain           *CommitteeChain
+}
+
+func newCommitteeChainTest(t *testing.T, config types.ChainConfig, signerThreshold int, enforceTime bool) *committeeChainTest {
+	c := &committeeChainTest{
+		t:               t,
+		db:              memorydb.New(),
+		clock:           &mclock.Simulated{},
+		config:          config,
+		signerThreshold: signerThreshold,
+		enforceTime:     enforceTime,
+	}
+	c.chain = newCommitteeChain(c.db, &config, signerThreshold, enforceTime, dummyVerifier{}, c.clock, func() int64 { return int64(c.clock.Now()) })
+	return c
+}
+
+func (c *committeeChainTest) reloadChain() {
+	c.chain = newCommitteeChain(c.db, &c.config, c.signerThreshold, c.enforceTime, dummyVerifier{}, c.clock, func() int64 { return int64(c.clock.Now()) })
+}
+
+func (c *committeeChainTest) setClockPeriod(period float64) {
+	target := mclock.AbsTime(period * float64(time.Second*12*params.SyncPeriodLength))
+	wait := time.Duration(target - c.clock.Now())
+	if wait < 0 {
+		c.t.Fatalf("Invalid setClockPeriod")
+	}
+	c.clock.Run(wait)
+}
+
+func (c *committeeChainTest) addFixedCommitteeRoot(tc *testCommitteeChain, period uint64, expErr error) {
+	if err := c.chain.addFixedCommitteeRoot(period, tc.periods[period].committee.Root()); err != expErr {
+		c.t.Errorf("Incorrect error output from addFixedCommitteeRoot at period %d (expected %v, got %v)", period, expErr, err)
+	}
+}
+
+func (c *committeeChainTest) addCommittee(tc *testCommitteeChain, period uint64, expErr error) {
+	if err := c.chain.addCommittee(period, tc.periods[period].committee); err != expErr {
+		c.t.Errorf("Incorrect error output from addCommittee at period %d (expected %v, got %v)", period, expErr, err)
+	}
+}
+
+func (c *committeeChainTest) insertUpdate(tc *testCommitteeChain, period uint64, addCommittee bool, expErr error) {
+	var committee *types.SerializedSyncCommittee
+	if addCommittee {
+		committee = tc.periods[period+1].committee
+	}
+	if err := c.chain.InsertUpdate(tc.periods[period].update, committee); err != expErr {
+		c.t.Errorf("Incorrect error output from InsertUpdate at period %d (expected %v, got %v)", period, expErr, err)
+	}
+}
+
+func (c *committeeChainTest) verifySignedHeader(tc *testCommitteeChain, period float64, expOk bool) {
+	slot := uint64(period * float64(params.SyncPeriodLength))
+	signedHead := GenerateTestSignedHeader(types.Header{Slot: slot}, &tc.config, tc.periods[types.SyncPeriod(slot)].committee, slot+1, 400)
+	if ok, _, _ := c.chain.VerifySignedHeader(signedHead); ok != expOk {
+		c.t.Errorf("Incorrect output from VerifySignedHeader at period %f (expected %v, got %v)", period, expOk, ok)
+	}
+}
+
+func (c *committeeChainTest) verifyRange(tc *testCommitteeChain, begin, end uint64) {
+	if begin > 0 {
+		c.verifySignedHeader(tc, float64(begin)-0.5, false)
+	}
+	for period := begin; period <= end; period++ {
+		c.verifySignedHeader(tc, float64(period)+0.5, true)
+	}
+	c.verifySignedHeader(tc, float64(end)+1.5, false)
+}
+
+func newTestGenesis() types.ChainConfig {
+	var config types.ChainConfig
+	rand.Read(config.GenesisValidatorsRoot[:])
+	return config
+}
+
+func newTestForks(config types.ChainConfig, forks types.Forks) types.ChainConfig {
+	for _, fork := range forks {
+		config.AddFork(fork.Name, fork.Epoch, fork.Version)
+	}
+	return config
+}
+
+func newTestCommitteeChain(parent *testCommitteeChain, config types.ChainConfig, newCommittees bool, begin, end int, signerCount int, finalizedHeader bool) *testCommitteeChain {
+	tc := &testCommitteeChain{
+		config: config,
+	}
+	if parent != nil {
+		tc.periods = make([]testPeriod, len(parent.periods))
+		copy(tc.periods, parent.periods)
+	}
+	if newCommittees {
+		if begin == 0 {
+			tc.fillCommittees(begin, end+1)
+		} else {
+			tc.fillCommittees(begin+1, end+1)
+		}
+	}
+	tc.fillUpdates(begin, end, signerCount, finalizedHeader)
+	return tc
+}
+
+type testPeriod struct {
+	committee *types.SerializedSyncCommittee
+	update    *types.LightClientUpdate
+}
+
+type testCommitteeChain struct {
+	periods []testPeriod
+	config  types.ChainConfig
+}
+
+func (tc *testCommitteeChain) fillCommittees(begin, end int) {
+	if len(tc.periods) <= end {
+		tc.periods = append(tc.periods, make([]testPeriod, end+1-len(tc.periods))...)
+	}
+	for i := begin; i <= end; i++ {
+		tc.periods[i].committee = GenerateTestCommittee()
+	}
+}
+
+func (tc *testCommitteeChain) fillUpdates(begin, end int, signerCount int, finalizedHeader bool) {
+	for i := begin; i <= end; i++ {
+		tc.periods[i].update = GenerateTestUpdate(&tc.config, uint64(i), tc.periods[i].committee, tc.periods[i+1].committee, signerCount, finalizedHeader)
+	}
+}

beacon/light/range.go

@@ -0,0 +1,78 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package light
+
+// periodRange represents a (possibly zero-length) range of integers (sync periods).
+type periodRange struct {
+	Start, End uint64
+}
+
+// isEmpty returns true if the length of the range is zero.
+func (a periodRange) isEmpty() bool {
+	return a.End == a.Start
+}
+
+// contains returns true if the range includes the given period.
+func (a periodRange) contains(period uint64) bool {
+	return period >= a.Start && period < a.End
+}
+
+// canExpand returns true if the range includes or can be expanded with the given
+// period (either the range is empty or the given period is inside, right before or
+// right after the range).
+func (a periodRange) canExpand(period uint64) bool {
+	return a.isEmpty() || (period+1 >= a.Start && period <= a.End)
+}
+
+// expand expands the range with the given period.
+// This method assumes that canExpand returned true: otherwise this is a no-op.
+func (a *periodRange) expand(period uint64) {
+	if a.isEmpty() {
+		a.Start, a.End = period, period+1
+		return
+	}
+	if a.Start == period+1 {
+		a.Start--
+	}
+	if a.End == period {
+		a.End++
+	}
+}
+
+// split splits the range into two ranges. The 'fromPeriod' will be the first
+// element in the second range (if present).
+// The original range is unchanged by this operation
+func (a *periodRange) split(fromPeriod uint64) (periodRange, periodRange) {
+	if fromPeriod <= a.Start {
+		// First range empty, everything in second range,
+		return periodRange{}, *a
+	}
+	if fromPeriod >= a.End {
+		// Second range empty, everything in first range,
+		return *a, periodRange{}
+	}
+	x := periodRange{a.Start, fromPeriod}
+	y := periodRange{fromPeriod, a.End}
+	return x, y
+}
+
+// each invokes the supplied function fn once per period in range
+func (a *periodRange) each(fn func(uint64)) {
+	for p := a.Start; p < a.End; p++ {
+		fn(p)
+	}
+}

beacon/light/test_helpers.go

@@ -0,0 +1,152 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package light
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	mrand "math/rand"
+
+	"github.com/ethereum/go-ethereum/beacon/merkle"
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/beacon/types"
+	"github.com/ethereum/go-ethereum/common"
+)
+
+func GenerateTestCommittee() *types.SerializedSyncCommittee {
+	s := new(types.SerializedSyncCommittee)
+	rand.Read(s[:32])
+	return s
+}
+
+func GenerateTestUpdate(config *types.ChainConfig, period uint64, committee, nextCommittee *types.SerializedSyncCommittee, signerCount int, finalizedHeader bool) *types.LightClientUpdate {
+	update := new(types.LightClientUpdate)
+	update.NextSyncCommitteeRoot = nextCommittee.Root()
+	var attestedHeader types.Header
+	if finalizedHeader {
+		update.FinalizedHeader = new(types.Header)
+		*update.FinalizedHeader, update.NextSyncCommitteeBranch = makeTestHeaderWithMerkleProof(types.SyncPeriodStart(period)+100, params.StateIndexNextSyncCommittee, merkle.Value(update.NextSyncCommitteeRoot))
+		attestedHeader, update.FinalityBranch = makeTestHeaderWithMerkleProof(types.SyncPeriodStart(period)+200, params.StateIndexFinalBlock, merkle.Value(update.FinalizedHeader.Hash()))
+	} else {
+		attestedHeader, update.NextSyncCommitteeBranch = makeTestHeaderWithMerkleProof(types.SyncPeriodStart(period)+2000, params.StateIndexNextSyncCommittee, merkle.Value(update.NextSyncCommitteeRoot))
+	}
+	update.AttestedHeader = GenerateTestSignedHeader(attestedHeader, config, committee, attestedHeader.Slot+1, signerCount)
+	return update
+}
+
+func GenerateTestSignedHeader(header types.Header, config *types.ChainConfig, committee *types.SerializedSyncCommittee, signatureSlot uint64, signerCount int) types.SignedHeader {
+	bitmask := makeBitmask(signerCount)
+	signingRoot, _ := config.Forks.SigningRoot(header)
+	c, _ := dummyVerifier{}.deserializeSyncCommittee(committee)
+	return types.SignedHeader{
+		Header: header,
+		Signature: types.SyncAggregate{
+			Signers:   bitmask,
+			Signature: makeDummySignature(c.(dummySyncCommittee), signingRoot, bitmask),
+		},
+		SignatureSlot: signatureSlot,
+	}
+}
+
+func GenerateTestCheckpoint(period uint64, committee *types.SerializedSyncCommittee) *types.BootstrapData {
+	header, branch := makeTestHeaderWithMerkleProof(types.SyncPeriodStart(period)+200, params.StateIndexSyncCommittee, merkle.Value(committee.Root()))
+	return &types.BootstrapData{
+		Header:          header,
+		Committee:       committee,
+		CommitteeRoot:   committee.Root(),
+		CommitteeBranch: branch,
+	}
+}
+
+func makeBitmask(signerCount int) (bitmask [params.SyncCommitteeBitmaskSize]byte) {
+	for i := 0; i < params.SyncCommitteeSize; i++ {
+		if mrand.Intn(params.SyncCommitteeSize-i) < signerCount {
+			bitmask[i/8] += byte(1) << (i & 7)
+			signerCount--
+		}
+	}
+	return
+}
+
+func makeTestHeaderWithMerkleProof(slot, index uint64, value merkle.Value) (types.Header, merkle.Values) {
+	var branch merkle.Values
+	hasher := sha256.New()
+	for index > 1 {
+		var proofHash merkle.Value
+		rand.Read(proofHash[:])
+		hasher.Reset()
+		if index&1 == 0 {
+			hasher.Write(value[:])
+			hasher.Write(proofHash[:])
+		} else {
+			hasher.Write(proofHash[:])
+			hasher.Write(value[:])
+		}
+		hasher.Sum(value[:0])
+		index >>= 1
+		branch = append(branch, proofHash)
+	}
+	return types.Header{Slot: slot, StateRoot: common.Hash(value)}, branch
+}
+
+// syncCommittee holds either a blsSyncCommittee or a fake dummySyncCommittee used for testing
+type syncCommittee interface{}
+
+// committeeSigVerifier verifies sync committee signatures (either proper BLS
+// signatures or fake signatures used for testing)
+type committeeSigVerifier interface {
+	deserializeSyncCommittee(s *types.SerializedSyncCommittee) (syncCommittee, error)
+	verifySignature(committee syncCommittee, signedRoot common.Hash, aggregate *types.SyncAggregate) bool
+}
+
+// blsVerifier implements committeeSigVerifier
+type blsVerifier struct{}
+
+// deserializeSyncCommittee implements committeeSigVerifier
+func (blsVerifier) deserializeSyncCommittee(s *types.SerializedSyncCommittee) (syncCommittee, error) {
+	return s.Deserialize()
+}
+
+// verifySignature implements committeeSigVerifier
+func (blsVerifier) verifySignature(committee syncCommittee, signingRoot common.Hash, aggregate *types.SyncAggregate) bool {
+	return committee.(*types.SyncCommittee).VerifySignature(signingRoot, aggregate)
+}
+
+type dummySyncCommittee [32]byte
+
+// dummyVerifier implements committeeSigVerifier
+type dummyVerifier struct{}
+
+// deserializeSyncCommittee implements committeeSigVerifier
+func (dummyVerifier) deserializeSyncCommittee(s *types.SerializedSyncCommittee) (syncCommittee, error) {
+	var sc dummySyncCommittee
+	copy(sc[:], s[:32])
+	return sc, nil
+}
+
+// verifySignature implements committeeSigVerifier
+func (dummyVerifier) verifySignature(committee syncCommittee, signingRoot common.Hash, aggregate *types.SyncAggregate) bool {
+	return aggregate.Signature == makeDummySignature(committee.(dummySyncCommittee), signingRoot, aggregate.Signers)
+}
+
+func makeDummySignature(committee dummySyncCommittee, signingRoot common.Hash, bitmask [params.SyncCommitteeBitmaskSize]byte) (sig [params.BLSSignatureSize]byte) {
+	for i, b := range committee[:] {
+		sig[i] = b ^ signingRoot[i]
+	}
+	copy(sig[32:], bitmask[:])
+	return
+}

beacon/merkle/merkle.go

@@ -0,0 +1,67 @@
+// Copyright 2022 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+// Package merkle implements proof verifications in binary merkle trees.
+package merkle
+
+import (
+	"crypto/sha256"
+	"errors"
+	"reflect"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+)
+
+// Value represents either a 32 byte leaf value or hash node in a binary merkle tree/partial proof.
+type Value [32]byte
+
+// Values represent a series of merkle tree leaves/nodes.
+type Values []Value
+
+var valueT = reflect.TypeOf(Value{})
+
+// UnmarshalJSON parses a merkle value in hex syntax.
+func (m *Value) UnmarshalJSON(input []byte) error {
+	return hexutil.UnmarshalFixedJSON(valueT, input, m[:])
+}
+
+// VerifyProof verifies a Merkle proof branch for a single value in a
+// binary Merkle tree (index is a generalized tree index).
+func VerifyProof(root common.Hash, index uint64, branch Values, value Value) error {
+	hasher := sha256.New()
+	for _, sibling := range branch {
+		hasher.Reset()
+		if index&1 == 0 {
+			hasher.Write(value[:])
+			hasher.Write(sibling[:])
+		} else {
+			hasher.Write(sibling[:])
+			hasher.Write(value[:])
+		}
+		hasher.Sum(value[:0])
+		if index >>= 1; index == 0 {
+			return errors.New("branch has extra items")
+		}
+	}
+	if index != 1 {
+		return errors.New("branch is missing items")
+	}
+	if common.Hash(value) != root {
+		return errors.New("root mismatch")
+	}
+	return nil
+}

beacon/params/params.go

@@ -1,4 +1,4 @@
-// Copyright 2021 The go-ethereum Authors
+// Copyright 2022 The go-ethereum Authors
 // This file is part of the go-ethereum library.
 //
 // The go-ethereum library is free software: you can redistribute it and/or modify
@@ -14,22 +14,31 @@
 // You should have received a copy of the GNU Lesser General Public License
 // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
 
-//go:build linux
-// +build linux
+package params
 
-package ethash
+const (
+	EpochLength      = 32
+	SyncPeriodLength = 8192
 
-import (
-	"os"
+	BLSSignatureSize = 96
+	BLSPubkeySize    = 48
 
-	"golang.org/x/sys/unix"
+	SyncCommitteeSize          = 512
+	SyncCommitteeBitmaskSize   = SyncCommitteeSize / 8
+	SyncCommitteeSupermajority = (SyncCommitteeSize*2 + 2) / 3
 )
 
-// ensureSize expands the file to the given size. This is to prevent runtime
-// errors later on, if the underlying file expands beyond the disk capacity,
-// even though it ostensibly is already expanded, but due to being sparse
-// does not actually occupy the full declared size on disk.
-func ensureSize(f *os.File, size int64) error {
-	// Docs: https://www.man7.org/linux/man-pages/man2/fallocate.2.html
-	return unix.Fallocate(int(f.Fd()), 0, 0, size)
-}
+const (
+	StateIndexGenesisTime       = 32
+	StateIndexGenesisValidators = 33
+	StateIndexForkVersion       = 141
+	StateIndexLatestHeader      = 36
+	StateIndexBlockRoots        = 37
+	StateIndexStateRoots        = 38
+	StateIndexHistoricRoots     = 39
+	StateIndexFinalBlock        = 105
+	StateIndexSyncCommittee     = 54
+	StateIndexNextSyncCommittee = 55
+	StateIndexExecPayload       = 56
+	StateIndexExecHead          = 908
+)

beacon/types/committee.go

@@ -0,0 +1,191 @@
+// Copyright 2023 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package types
+
+import (
+	"crypto/sha256"
+	"encoding/json"
+	"fmt"
+	"math/bits"
+
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	bls "github.com/protolambda/bls12-381-util"
+)
+
+// SerializedSyncCommitteeSize is the size of the sync committee plus the
+// aggregate public key.
+const SerializedSyncCommitteeSize = (params.SyncCommitteeSize + 1) * params.BLSPubkeySize
+
+// SerializedSyncCommittee is the serialized version of a sync committee
+// plus the aggregate public key.
+type SerializedSyncCommittee [SerializedSyncCommitteeSize]byte
+
+// jsonSyncCommittee is the JSON representation of a sync committee.
+//
+// See data structure definition here:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/beacon-chain.md#syncaggregate
+type jsonSyncCommittee struct {
+	Pubkeys   []hexutil.Bytes `json:"pubkeys"`
+	Aggregate hexutil.Bytes   `json:"aggregate_pubkey"`
+}
+
+// MarshalJSON implements json.Marshaler.
+func (s *SerializedSyncCommittee) MarshalJSON() ([]byte, error) {
+	sc := jsonSyncCommittee{Pubkeys: make([]hexutil.Bytes, params.SyncCommitteeSize)}
+	for i := range sc.Pubkeys {
+		sc.Pubkeys[i] = make(hexutil.Bytes, params.BLSPubkeySize)
+		copy(sc.Pubkeys[i][:], s[i*params.BLSPubkeySize:(i+1)*params.BLSPubkeySize])
+	}
+	sc.Aggregate = make(hexutil.Bytes, params.BLSPubkeySize)
+	copy(sc.Aggregate[:], s[params.SyncCommitteeSize*params.BLSPubkeySize:])
+	return json.Marshal(&sc)
+}
+
+// UnmarshalJSON implements json.Marshaler.
+func (s *SerializedSyncCommittee) UnmarshalJSON(input []byte) error {
+	var sc jsonSyncCommittee
+	if err := json.Unmarshal(input, &sc); err != nil {
+		return err
+	}
+	if len(sc.Pubkeys) != params.SyncCommitteeSize {
+		return fmt.Errorf("invalid number of pubkeys %d", len(sc.Pubkeys))
+	}
+	for i, key := range sc.Pubkeys {
+		if len(key) != params.BLSPubkeySize {
+			return fmt.Errorf("pubkey %d has invalid size %d", i, len(key))
+		}
+		copy(s[i*params.BLSPubkeySize:], key[:])
+	}
+	if len(sc.Aggregate) != params.BLSPubkeySize {
+		return fmt.Errorf("invalid aggregate pubkey size %d", len(sc.Aggregate))
+	}
+	copy(s[params.SyncCommitteeSize*params.BLSPubkeySize:], sc.Aggregate[:])
+	return nil
+}
+
+// Root calculates the root hash of the binary tree representation of a sync
+// committee provided in serialized format.
+//
+// TODO(zsfelfoldi): Get rid of this when SSZ encoding lands.
+func (s *SerializedSyncCommittee) Root() common.Hash {
+	var (
+		hasher  = sha256.New()
+		padding [64 - params.BLSPubkeySize]byte
+		data    [params.SyncCommitteeSize]common.Hash
+		l       = params.SyncCommitteeSize
+	)
+	for i := range data {
+		hasher.Reset()
+		hasher.Write(s[i*params.BLSPubkeySize : (i+1)*params.BLSPubkeySize])
+		hasher.Write(padding[:])
+		hasher.Sum(data[i][:0])
+	}
+	for l > 1 {
+		for i := 0; i < l/2; i++ {
+			hasher.Reset()
+			hasher.Write(data[i*2][:])
+			hasher.Write(data[i*2+1][:])
+			hasher.Sum(data[i][:0])
+		}
+		l /= 2
+	}
+	hasher.Reset()
+	hasher.Write(s[SerializedSyncCommitteeSize-params.BLSPubkeySize : SerializedSyncCommitteeSize])
+	hasher.Write(padding[:])
+	hasher.Sum(data[1][:0])
+	hasher.Reset()
+	hasher.Write(data[0][:])
+	hasher.Write(data[1][:])
+	hasher.Sum(data[0][:0])
+	return data[0]
+}
+
+// Deserialize splits open the pubkeys into proper BLS key types.
+func (s *SerializedSyncCommittee) Deserialize() (*SyncCommittee, error) {
+	sc := new(SyncCommittee)
+	for i := 0; i <= params.SyncCommitteeSize; i++ {
+		key := new(bls.Pubkey)
+
+		var bytes [params.BLSPubkeySize]byte
+		copy(bytes[:], s[i*params.BLSPubkeySize:(i+1)*params.BLSPubkeySize])
+
+		if err := key.Deserialize(&bytes); err != nil {
+			return nil, err
+		}
+		if i < params.SyncCommitteeSize {
+			sc.keys[i] = key
+		} else {
+			sc.aggregate = key
+		}
+	}
+	return sc, nil
+}
+
+// SyncCommittee is a set of sync committee signer pubkeys and the aggregate key.
+//
+// See data structure definition here:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/beacon-chain.md#syncaggregate
+type SyncCommittee struct {
+	keys      [params.SyncCommitteeSize]*bls.Pubkey
+	aggregate *bls.Pubkey
+}
+
+// VerifySignature returns true if the given sync aggregate is a valid signature
+// or the given hash.
+func (sc *SyncCommittee) VerifySignature(signingRoot common.Hash, signature *SyncAggregate) bool {
+	var (
+		sig  bls.Signature
+		keys = make([]*bls.Pubkey, 0, params.SyncCommitteeSize)
+	)
+	if err := sig.Deserialize(&signature.Signature); err != nil {
+		return false
+	}
+	for i, key := range sc.keys {
+		if signature.Signers[i/8]&(byte(1)<<(i%8)) != 0 {
+			keys = append(keys, key)
+		}
+	}
+	return bls.FastAggregateVerify(keys, signingRoot[:], &sig)
+}
+
+//go:generate go run github.com/fjl/gencodec -type SyncAggregate -field-override syncAggregateMarshaling -out gen_syncaggregate_json.go
+
+// SyncAggregate represents an aggregated BLS signature with Signers referring
+// to a subset of the corresponding sync committee.
+//
+// See data structure definition here:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/beacon-chain.md#syncaggregate
+type SyncAggregate struct {
+	Signers   [params.SyncCommitteeBitmaskSize]byte `gencodec:"required" json:"sync_committee_bits"`
+	Signature [params.BLSSignatureSize]byte         `gencodec:"required" json:"sync_committee_signature"`
+}
+
+type syncAggregateMarshaling struct {
+	Signers   hexutil.Bytes
+	Signature hexutil.Bytes
+}
+
+// SignerCount returns the number of signers in the aggregate signature.
+func (s *SyncAggregate) SignerCount() int {
+	var count int
+	for _, v := range s.Signers {
+		count += bits.OnesCount8(v)
+	}
+	return count
+}

beacon/types/config.go

@@ -0,0 +1,176 @@
+// Copyright 2022 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package types
+
+import (
+	"crypto/sha256"
+	"fmt"
+	"os"
+	"sort"
+	"strconv"
+	"strings"
+
+	"github.com/ethereum/go-ethereum/beacon/merkle"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"gopkg.in/yaml.v3"
+)
+
+// syncCommitteeDomain specifies the signatures specific use to avoid clashes
+// across signing different data structures.
+const syncCommitteeDomain = 7
+
+// Fork describes a single beacon chain fork and also stores the calculated
+// signature domain used after this fork.
+type Fork struct {
+	// Name of the fork in the chain config (config.yaml) file{
+	Name string
+
+	// Epoch when given fork version is activated
+	Epoch uint64
+
+	// Fork version, see https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#custom-types
+	Version []byte
+
+	// calculated by computeDomain, based on fork version and genesis validators root
+	domain merkle.Value
+}
+
+// computeDomain returns the signature domain based on the given fork version
+// and genesis validator set root.
+func (f *Fork) computeDomain(genesisValidatorsRoot common.Hash) {
+	var (
+		hasher        = sha256.New()
+		forkVersion32 merkle.Value
+		forkDataRoot  merkle.Value
+	)
+	copy(forkVersion32[:], f.Version)
+	hasher.Write(forkVersion32[:])
+	hasher.Write(genesisValidatorsRoot[:])
+	hasher.Sum(forkDataRoot[:0])
+
+	f.domain[0] = syncCommitteeDomain
+	copy(f.domain[4:], forkDataRoot[:28])
+}
+
+// Forks is the list of all beacon chain forks in the chain configuration.
+type Forks []*Fork
+
+// domain returns the signature domain for the given epoch (assumes that domains
+// have already been calculated).
+func (f Forks) domain(epoch uint64) (merkle.Value, error) {
+	for i := len(f) - 1; i >= 0; i-- {
+		if epoch >= f[i].Epoch {
+			return f[i].domain, nil
+		}
+	}
+	return merkle.Value{}, fmt.Errorf("unknown fork for epoch %d", epoch)
+}
+
+// SigningRoot calculates the signing root of the given header.
+func (f Forks) SigningRoot(header Header) (common.Hash, error) {
+	domain, err := f.domain(header.Epoch())
+	if err != nil {
+		return common.Hash{}, err
+	}
+	var (
+		signingRoot common.Hash
+		headerHash  = header.Hash()
+		hasher      = sha256.New()
+	)
+	hasher.Write(headerHash[:])
+	hasher.Write(domain[:])
+	hasher.Sum(signingRoot[:0])
+
+	return signingRoot, nil
+}
+
+func (f Forks) Len() int           { return len(f) }
+func (f Forks) Swap(i, j int)      { f[i], f[j] = f[j], f[i] }
+func (f Forks) Less(i, j int) bool { return f[i].Epoch < f[j].Epoch }
+
+// ChainConfig contains the beacon chain configuration.
+type ChainConfig struct {
+	GenesisTime           uint64      // Unix timestamp of slot 0
+	GenesisValidatorsRoot common.Hash // Root hash of the genesis validator set, used for signature domain calculation
+	Forks                 Forks
+}
+
+// AddFork adds a new item to the list of forks.
+func (c *ChainConfig) AddFork(name string, epoch uint64, version []byte) *ChainConfig {
+	fork := &Fork{
+		Name:    name,
+		Epoch:   epoch,
+		Version: version,
+	}
+	fork.computeDomain(c.GenesisValidatorsRoot)
+
+	c.Forks = append(c.Forks, fork)
+	sort.Sort(c.Forks)
+
+	return c
+}
+
+// LoadForks parses the beacon chain configuration file (config.yaml) and extracts
+// the list of forks.
+func (c *ChainConfig) LoadForks(path string) error {
+	file, err := os.ReadFile(path)
+	if err != nil {
+		return fmt.Errorf("failed to read beacon chain config file: %v", err)
+	}
+	config := make(map[string]string)
+	if err := yaml.Unmarshal(file, &config); err != nil {
+		return fmt.Errorf("failed to parse beacon chain config file: %v", err)
+	}
+	var (
+		versions = make(map[string][]byte)
+		epochs   = make(map[string]uint64)
+	)
+	epochs["GENESIS"] = 0
+
+	for key, value := range config {
+		if strings.HasSuffix(key, "_FORK_VERSION") {
+			name := key[:len(key)-len("_FORK_VERSION")]
+			if v, err := hexutil.Decode(value); err == nil {
+				versions[name] = v
+			} else {
+				return fmt.Errorf("failed to decode hex fork id %q in beacon chain config file: %v", value, err)
+			}
+		}
+		if strings.HasSuffix(key, "_FORK_EPOCH") {
+			name := key[:len(key)-len("_FORK_EPOCH")]
+			if v, err := strconv.ParseUint(value, 10, 64); err == nil {
+				epochs[name] = v
+			} else {
+				return fmt.Errorf("failed to parse epoch number %q in beacon chain config file: %v", value, err)
+			}
+		}
+	}
+	for name, epoch := range epochs {
+		if version, ok := versions[name]; ok {
+			delete(versions, name)
+			c.AddFork(name, epoch, version)
+		} else {
+			return fmt.Errorf("fork id missing for %q in beacon chain config file", name)
+		}
+	}
+	for name := range versions {
+		return fmt.Errorf("epoch number missing for fork %q in beacon chain config file", name)
+	}
+	sort.Sort(c.Forks)
+	return nil
+}

beacon/types/gen_header_json.go

@@ -0,0 +1,66 @@
+// Code generated by github.com/fjl/gencodec. DO NOT EDIT.
+
+package types
+
+import (
+	"encoding/json"
+	"errors"
+
+	"github.com/ethereum/go-ethereum/common"
+)
+
+var _ = (*headerMarshaling)(nil)
+
+// MarshalJSON marshals as JSON.
+func (h Header) MarshalJSON() ([]byte, error) {
+	type Header struct {
+		Slot          common.Decimal `gencodec:"required" json:"slot"`
+		ProposerIndex common.Decimal `gencodec:"required" json:"proposer_index"`
+		ParentRoot    common.Hash    `gencodec:"required" json:"parent_root"`
+		StateRoot     common.Hash    `gencodec:"required" json:"state_root"`
+		BodyRoot      common.Hash    `gencodec:"required" json:"body_root"`
+	}
+	var enc Header
+	enc.Slot = common.Decimal(h.Slot)
+	enc.ProposerIndex = common.Decimal(h.ProposerIndex)
+	enc.ParentRoot = h.ParentRoot
+	enc.StateRoot = h.StateRoot
+	enc.BodyRoot = h.BodyRoot
+	return json.Marshal(&enc)
+}
+
+// UnmarshalJSON unmarshals from JSON.
+func (h *Header) UnmarshalJSON(input []byte) error {
+	type Header struct {
+		Slot          *common.Decimal `gencodec:"required" json:"slot"`
+		ProposerIndex *common.Decimal `gencodec:"required" json:"proposer_index"`
+		ParentRoot    *common.Hash    `gencodec:"required" json:"parent_root"`
+		StateRoot     *common.Hash    `gencodec:"required" json:"state_root"`
+		BodyRoot      *common.Hash    `gencodec:"required" json:"body_root"`
+	}
+	var dec Header
+	if err := json.Unmarshal(input, &dec); err != nil {
+		return err
+	}
+	if dec.Slot == nil {
+		return errors.New("missing required field 'slot' for Header")
+	}
+	h.Slot = uint64(*dec.Slot)
+	if dec.ProposerIndex == nil {
+		return errors.New("missing required field 'proposer_index' for Header")
+	}
+	h.ProposerIndex = uint64(*dec.ProposerIndex)
+	if dec.ParentRoot == nil {
+		return errors.New("missing required field 'parent_root' for Header")
+	}
+	h.ParentRoot = *dec.ParentRoot
+	if dec.StateRoot == nil {
+		return errors.New("missing required field 'state_root' for Header")
+	}
+	h.StateRoot = *dec.StateRoot
+	if dec.BodyRoot == nil {
+		return errors.New("missing required field 'body_root' for Header")
+	}
+	h.BodyRoot = *dec.BodyRoot
+	return nil
+}

beacon/types/gen_syncaggregate_json.go

@@ -0,0 +1,51 @@
+// Code generated by github.com/fjl/gencodec. DO NOT EDIT.
+
+package types
+
+import (
+	"encoding/json"
+	"errors"
+
+	"github.com/ethereum/go-ethereum/common/hexutil"
+)
+
+var _ = (*syncAggregateMarshaling)(nil)
+
+// MarshalJSON marshals as JSON.
+func (s SyncAggregate) MarshalJSON() ([]byte, error) {
+	type SyncAggregate struct {
+		Signers   hexutil.Bytes `gencodec:"required" json:"sync_committee_bits"`
+		Signature hexutil.Bytes `gencodec:"required" json:"sync_committee_signature"`
+	}
+	var enc SyncAggregate
+	enc.Signers = s.Signers[:]
+	enc.Signature = s.Signature[:]
+	return json.Marshal(&enc)
+}
+
+// UnmarshalJSON unmarshals from JSON.
+func (s *SyncAggregate) UnmarshalJSON(input []byte) error {
+	type SyncAggregate struct {
+		Signers   *hexutil.Bytes `gencodec:"required" json:"sync_committee_bits"`
+		Signature *hexutil.Bytes `gencodec:"required" json:"sync_committee_signature"`
+	}
+	var dec SyncAggregate
+	if err := json.Unmarshal(input, &dec); err != nil {
+		return err
+	}
+	if dec.Signers == nil {
+		return errors.New("missing required field 'sync_committee_bits' for SyncAggregate")
+	}
+	if len(*dec.Signers) != len(s.Signers) {
+		return errors.New("field 'sync_committee_bits' has wrong length, need 64 items")
+	}
+	copy(s.Signers[:], *dec.Signers)
+	if dec.Signature == nil {
+		return errors.New("missing required field 'sync_committee_signature' for SyncAggregate")
+	}
+	if len(*dec.Signature) != len(s.Signature) {
+		return errors.New("field 'sync_committee_signature' has wrong length, need 96 items")
+	}
+	copy(s.Signature[:], *dec.Signature)
+	return nil
+}

beacon/types/header.go

@@ -0,0 +1,121 @@
+// Copyright 2022 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+// Package types implements a few types of the beacon chain for light client usage.
+package types
+
+import (
+	"crypto/sha256"
+	"encoding/binary"
+
+	"github.com/ethereum/go-ethereum/beacon/merkle"
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/common"
+)
+
+//go:generate go run github.com/fjl/gencodec -type Header -field-override headerMarshaling -out gen_header_json.go
+
+const (
+	headerIndexSlot          = 8
+	headerIndexProposerIndex = 9
+	headerIndexParentRoot    = 10
+	headerIndexStateRoot     = 11
+	headerIndexBodyRoot      = 12
+)
+
+// Header defines a beacon header.
+//
+// See data structure definition here:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader
+type Header struct {
+	// Monotonically increasing slot number for the beacon block (may be gapped)
+	Slot uint64 `gencodec:"required" json:"slot"`
+
+	// Index into the validator table who created the beacon block
+	ProposerIndex uint64 `gencodec:"required" json:"proposer_index"`
+
+	// SSZ hash of the parent beacon header
+	ParentRoot common.Hash `gencodec:"required" json:"parent_root"`
+
+	// SSZ hash of the beacon state (https://github.com/ethereum/consensus-specs/blob/dev/specs/bellatrix/beacon-chain.md#beacon-state)
+	StateRoot common.Hash `gencodec:"required" json:"state_root"`
+
+	// SSZ hash of the beacon block body (https://github.com/ethereum/consensus-specs/blob/dev/specs/bellatrix/beacon-chain.md#beaconblockbody)
+	BodyRoot common.Hash `gencodec:"required" json:"body_root"`
+}
+
+// headerMarshaling is a field type overrides for gencodec.
+type headerMarshaling struct {
+	Slot          common.Decimal
+	ProposerIndex common.Decimal
+}
+
+// Hash calculates the block root of the header.
+//
+// TODO(zsfelfoldi): Remove this when an SSZ encoder lands.
+func (h *Header) Hash() common.Hash {
+	var values [16]merkle.Value // values corresponding to indices 8 to 15 of the beacon header tree
+	binary.LittleEndian.PutUint64(values[headerIndexSlot][:8], h.Slot)
+	binary.LittleEndian.PutUint64(values[headerIndexProposerIndex][:8], h.ProposerIndex)
+	values[headerIndexParentRoot] = merkle.Value(h.ParentRoot)
+	values[headerIndexStateRoot] = merkle.Value(h.StateRoot)
+	values[headerIndexBodyRoot] = merkle.Value(h.BodyRoot)
+	hasher := sha256.New()
+	for i := 7; i > 0; i-- {
+		hasher.Reset()
+		hasher.Write(values[i*2][:])
+		hasher.Write(values[i*2+1][:])
+		hasher.Sum(values[i][:0])
+	}
+	return common.Hash(values[1])
+}
+
+// Epoch returns the epoch the header belongs to.
+func (h *Header) Epoch() uint64 {
+	return h.Slot / params.EpochLength
+}
+
+// SyncPeriod returns the sync period the header belongs to.
+func (h *Header) SyncPeriod() uint64 {
+	return SyncPeriod(h.Slot)
+}
+
+// SyncPeriodStart returns the first slot of the given period.
+func SyncPeriodStart(period uint64) uint64 {
+	return period * params.SyncPeriodLength
+}
+
+// SyncPeriod returns the sync period that the given slot belongs to.
+func SyncPeriod(slot uint64) uint64 {
+	return slot / params.SyncPeriodLength
+}
+
+// SignedHeader represents a beacon header signed by a sync committee.
+//
+// This structure is created from either an optimistic update or an instant update:
+//   - https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/light-client/sync-protocol.md#lightclientoptimisticupdate
+//   - https://github.com/zsfelfoldi/beacon-APIs/blob/instant_update/apis/beacon/light_client/instant_update.yaml
+type SignedHeader struct {
+	// Beacon header being signed
+	Header Header
+
+	// Sync committee BLS signature aggregate
+	Signature SyncAggregate
+
+	// Slot in which the signature has been created (newer than Header.Slot,
+	// determines the signing sync committee)
+	SignatureSlot uint64
+}

beacon/types/light_sync.go

@@ -0,0 +1,136 @@
+// Copyright 2022 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package types
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/ethereum/go-ethereum/beacon/merkle"
+	"github.com/ethereum/go-ethereum/beacon/params"
+	"github.com/ethereum/go-ethereum/common"
+)
+
+// BootstrapData contains a sync committee where light sync can be started,
+// together with a proof through a beacon header and corresponding state.
+// Note: BootstrapData is fetched from a server based on a known checkpoint hash.
+type BootstrapData struct {
+	Header          Header
+	CommitteeRoot   common.Hash
+	Committee       *SerializedSyncCommittee `rlp:"-"`
+	CommitteeBranch merkle.Values
+}
+
+// Validate verifies the proof included in BootstrapData.
+func (c *BootstrapData) Validate() error {
+	if c.CommitteeRoot != c.Committee.Root() {
+		return errors.New("wrong committee root")
+	}
+	return merkle.VerifyProof(c.Header.StateRoot, params.StateIndexSyncCommittee, c.CommitteeBranch, merkle.Value(c.CommitteeRoot))
+}
+
+// LightClientUpdate is a proof of the next sync committee root based on a header
+// signed by the sync committee of the given period. Optionally, the update can
+// prove quasi-finality by the signed header referring to a previous, finalized
+// header from the same period, and the finalized header referring to the next
+// sync committee root.
+//
+// See data structure definition here:
+// https://github.com/ethereum/consensus-specs/blob/dev/specs/altair/light-client/sync-protocol.md#lightclientupdate
+type LightClientUpdate struct {
+	AttestedHeader          SignedHeader  // Arbitrary header out of the period signed by the sync committee
+	NextSyncCommitteeRoot   common.Hash   // Sync committee of the next period advertised in the current one
+	NextSyncCommitteeBranch merkle.Values // Proof for the next period's sync committee
+
+	FinalizedHeader *Header       `rlp:"nil"` // Optional header to announce a point of finality
+	FinalityBranch  merkle.Values // Proof for the announced finality
+
+	score *UpdateScore // Weight of the update to compare between competing ones
+}
+
+// Validate verifies the validity of the update.
+func (update *LightClientUpdate) Validate() error {
+	period := update.AttestedHeader.Header.SyncPeriod()
+	if SyncPeriod(update.AttestedHeader.SignatureSlot) != period {
+		return errors.New("signature slot and signed header are from different periods")
+	}
+	if update.FinalizedHeader != nil {
+		if update.FinalizedHeader.SyncPeriod() != period {
+			return errors.New("finalized header is from different period")
+		}
+		if err := merkle.VerifyProof(update.AttestedHeader.Header.StateRoot, params.StateIndexFinalBlock, update.FinalityBranch, merkle.Value(update.FinalizedHeader.Hash())); err != nil {
+			return fmt.Errorf("invalid finalized header proof: %w", err)
+		}
+	}
+	if err := merkle.VerifyProof(update.AttestedHeader.Header.StateRoot, params.StateIndexNextSyncCommittee, update.NextSyncCommitteeBranch, merkle.Value(update.NextSyncCommitteeRoot)); err != nil {
+		return fmt.Errorf("invalid next sync committee proof: %w", err)
+	}
+	return nil
+}
+
+// Score returns the UpdateScore describing the proof strength of the update
+// Note: thread safety can be ensured by always calling Score on a newly received
+// or decoded update before making it potentially available for other threads
+func (update *LightClientUpdate) Score() UpdateScore {
+	if update.score == nil {
+		update.score = &UpdateScore{
+			SignerCount:     uint32(update.AttestedHeader.Signature.SignerCount()),
+			SubPeriodIndex:  uint32(update.AttestedHeader.Header.Slot & 0x1fff),
+			FinalizedHeader: update.FinalizedHeader != nil,
+		}
+	}
+	return *update.score
+}
+
+// UpdateScore allows the comparison between updates at the same period in order
+// to find the best update chain that provides the strongest proof of being canonical.
+//
+// UpdateScores have a tightly packed binary encoding format for efficient p2p
+// protocol transmission. Each UpdateScore is encoded in 3 bytes.
+// When interpreted as a 24 bit little indian unsigned integer:
+//   - the lowest 10 bits contain the number of signers in the header signature aggregate
+//   - the next 13 bits contain the "sub-period index" which is he signed header's
+//     slot modulo params.SyncPeriodLength (which is correlated with the risk of the chain being
+//     re-orged before the previous period boundary in case of non-finalized updates)
+//   - the highest bit is set when the update is finalized (meaning that the finality
+//     header referenced by the signed header is in the same period as the signed
+//     header, making reorgs before the period boundary impossible
+type UpdateScore struct {
+	SignerCount     uint32 // number of signers in the header signature aggregate
+	SubPeriodIndex  uint32 // signed header's slot modulo params.SyncPeriodLength
+	FinalizedHeader bool   // update is considered finalized if has finalized header from the same period and 2/3 signatures
+}
+
+// finalized returns true if the update has a header signed by at least 2/3 of
+// the committee, referring to a finalized header that refers to the next sync
+// committee. This condition is a close approximation of the actual finality
+// condition that can only be verified by full beacon nodes.
+func (u *UpdateScore) finalized() bool {
+	return u.FinalizedHeader && u.SignerCount >= params.SyncCommitteeSupermajority
+}
+
+// BetterThan returns true if update u is considered better than w.
+func (u UpdateScore) BetterThan(w UpdateScore) bool {
+	var (
+		uFinalized = u.finalized()
+		wFinalized = w.finalized()
+	)
+	if uFinalized != wFinalized {
+		return uFinalized
+	}
+	return u.SignerCount > w.SignerCount
+}

build/checksums.txt

@@ -1,20 +1,30 @@
 # This file contains sha256 checksums of optional build dependencies.
 
-8e486e8e85a281fc5ce3f0bedc5b9d2dbf6276d7db0b25d3ec034f313da0375f  go1.19.5.src.tar.gz
-23d22bb6571bbd60197bee8aaa10e702f9802786c2e2ddce5c84527e86b66aa0  go1.19.5.darwin-amd64.tar.gz
-4a67f2bf0601afe2177eb58f825adf83509511d77ab79174db0712dc9efa16c8  go1.19.5.darwin-arm64.tar.gz
-b18a5e1e60130003896e1d1c8a9e142c7cccf6f5063d52c55dd42006434419c1  go1.19.5.freebsd-386.tar.gz
-317996f7427691ff3a7ffd1b6aa089b9c66cd76f32e9107443f2f6aad1bb568a  go1.19.5.freebsd-amd64.tar.gz
-f68331aa7458a3598060595f5601d5731fd452bb2c62ff23095ddad68854e510  go1.19.5.linux-386.tar.gz
-36519702ae2fd573c9869461990ae550c8c0d955cd28d2827a6b159fda81ff95  go1.19.5.linux-amd64.tar.gz
-fc0aa29c933cec8d76f5435d859aaf42249aa08c74eb2d154689ae44c08d23b3  go1.19.5.linux-arm64.tar.gz
-ec14f04bdaf4a62bdcf8b55b9b6434cc27c2df7d214d0bb7076a7597283b026a  go1.19.5.linux-armv6l.tar.gz
-e4032e7c52ebc48bad5c58ba8de0759b6091d9b1e59581a8a521c8c9d88dbe93  go1.19.5.linux-ppc64le.tar.gz
-764871cbca841a99a24e239b63c68a4aaff4104658e3165e9ca450cac1fcbea3  go1.19.5.linux-s390x.tar.gz
-8873f5871d996106b701febd979c5af022e6ea58bdbbb3817a28ab948b22c286  go1.19.5.windows-386.zip
-167db91a2e40aeb453d3e59d213ecab06f62e1c4a84d13a06ccda1d999961caa  go1.19.5.windows-amd64.zip
-85a75555e82d8aa6f486d8d29491c593389682acce9f0c270090d5938eee30ef  go1.19.5.windows-arm64.zip
+# version:spec-tests 1.0.6
+# https://github.com/ethereum/execution-spec-tests/releases
+# https://github.com/ethereum/execution-spec-tests/releases/download/v1.0.6/
+485af7b66cf41eb3a8c1bd46632913b8eb95995df867cf665617bbc9b4beedd1  fixtures_develop.tar.gz
 
+# version:golang 1.21.5
+# https://go.dev/dl/
+285cbbdf4b6e6e62ed58f370f3f6d8c30825d6e56c5853c66d3c23bcdb09db19  go1.21.5.src.tar.gz
+a2e1d5743e896e5fe1e7d96479c0a769254aed18cf216cf8f4c3a2300a9b3923  go1.21.5.darwin-amd64.tar.gz
+d0f8ac0c4fb3efc223a833010901d02954e3923cfe2c9a2ff0e4254a777cc9cc  go1.21.5.darwin-arm64.tar.gz
+2c05bbe0dc62456b90b7ddd354a54f373b7c377a98f8b22f52ab694b4f6cca58  go1.21.5.freebsd-386.tar.gz
+30b6c64e9a77129605bc12f836422bf09eec577a8c899ee46130aeff81567003  go1.21.5.freebsd-amd64.tar.gz
+8f4dba9cf5c61757bbd7e9ebdb93b6a30a1b03f4a636a1ba0cc2f27b907ab8e1  go1.21.5.linux-386.tar.gz
+e2bc0b3e4b64111ec117295c088bde5f00eeed1567999ff77bc859d7df70078e  go1.21.5.linux-amd64.tar.gz
+841cced7ecda9b2014f139f5bab5ae31785f35399f236b8b3e75dff2a2978d96  go1.21.5.linux-arm64.tar.gz
+837f4bf4e22fcdf920ffeaa4abf3d02d1314e03725431065f4d44c46a01b42fe  go1.21.5.linux-armv6l.tar.gz
+907b8c6ec4be9b184952e5d3493be66b1746442394a8bc78556c56834cd7c38b  go1.21.5.linux-ppc64le.tar.gz
+9c4a81b72ebe44368813cd03684e1080a818bf915d84163abae2ed325a1b2dc0  go1.21.5.linux-s390x.tar.gz
+6da2418889dfb37763d0eb149c4a8d728c029e12f0cd54fbca0a31ae547e2d34  go1.21.5.windows-386.zip
+bbe603cde7c9dee658f45164b4d06de1eff6e6e6b800100824e7c00d56a9a92f  go1.21.5.windows-amd64.zip
+9b7acca50e674294e43202df4fbc26d5af4d8bc3170a3342a1514f09a2dab5e9  go1.21.5.windows-arm64.zip
+
+# version:golangci 1.51.1
+# https://github.com/golangci/golangci-lint/releases/
+# https://github.com/golangci/golangci-lint/releases/download/v1.51.1/
 fba08acc4027f69f07cef48fbff70b8a7ecdfaa1c2aba9ad3fb31d60d9f5d4bc  golangci-lint-1.51.1-darwin-amd64.tar.gz
 75b8f0ff3a4e68147156be4161a49d4576f1be37a0b506473f8c482140c1e7f2  golangci-lint-1.51.1-darwin-arm64.tar.gz
 e06b3459aaed356e1667580be00b05f41f3b2e29685d12cdee571c23e1edb414  golangci-lint-1.51.1-freebsd-386.tar.gz
@@ -41,3 +51,14 @@ c4f58b7e227b9fd41f0e9310dc83f4a4e7d026598e2f6e95b78761081a6d9bd2  golangci-lint-
 eb57f9bcb56646f2e3d6ccaf02ec227815fb05077b2e0b1bf9e755805acdc2b9  golangci-lint-1.51.1-windows-arm64.zip
 bce02f7232723cb727755ee11f168a700a00896a25d37f87c4b173bce55596b4  golangci-lint-1.51.1-windows-armv6.zip
 cf6403f84707ce8c98664736772271bc8874f2e760c2fd0f00cf3e85963507e9  golangci-lint-1.51.1-windows-armv7.zip
+
+# This is the builder on PPA that will build Go itself (inception-y), don't modify!
+#
+# This version is fine to be old and full of security holes, we just use it
+# to build the latest Go. Don't change it. If it ever becomes insufficient,
+# we need to switch over to a recursive builder to jump across supported
+# versions.
+#
+# version:ppa-builder 1.19.6
+# https://go.dev/dl/
+d7f0013f82e6d7f862cc6cb5c8cdb48eef5f2e239b35baa97e2f1a7466043767  go1.19.6.src.tar.gz

build/ci.go

@@ -120,15 +120,15 @@ var (
 	// Distros for which packages are created.
 	// Note: vivid is unsupported because there is no golang-1.6 package for it.
 	// Note: the following Ubuntu releases have been officially deprecated on Launchpad:
-	//   wily, yakkety, zesty, artful, cosmic, disco, eoan, groovy, hirsuite, impish
+	//   wily, yakkety, zesty, artful, cosmic, disco, eoan, groovy, hirsuite, impish,
+	//   kinetic
 	debDistroGoBoots = map[string]string{
-		"trusty":  "golang-1.11", // EOL: 04/2024
-		"xenial":  "golang-go",   // EOL: 04/2026
-		"bionic":  "golang-go",   // EOL: 04/2028
-		"focal":   "golang-go",   // EOL: 04/2030
-		"jammy":   "golang-go",   // EOL: 04/2032
-		"kinetic": "golang-go",   // EOL: 07/2023
-		//"lunar": "golang-go",  // EOL: 01/2024
+		"trusty": "golang-1.11", // EOL: 04/2024
+		"xenial": "golang-go",   // EOL: 04/2026
+		"bionic": "golang-go",   // EOL: 04/2028
+		"focal":  "golang-go",   // EOL: 04/2030
+		"jammy":  "golang-go",   // EOL: 04/2032
+		"lunar":  "golang-go",   // EOL: 01/2024
 	}
 
 	debGoBootPaths = map[string]string{
@@ -136,10 +136,8 @@ var (
 		"golang-go":   "/usr/lib/go",
 	}
 
-	// This is the version of go that will be downloaded by
-	//
-	//     go run ci.go install -dlgo
-	dlgoVersion = "1.19.5"
+	// This is where the tests should be unpacked.
+	executionSpecTestsDir = "tests/spec-tests"
 )
 
 var GOBIN, _ = filepath.Abs(filepath.Join("build", "bin"))
@@ -177,6 +175,8 @@ func main() {
 		doWindowsInstaller(os.Args[2:])
 	case "purge":
 		doPurge(os.Args[2:])
+	case "sanitycheck":
+		doSanityCheck()
 	default:
 		log.Fatal("unknown command ", os.Args[1])
 	}
@@ -192,19 +192,23 @@ func doInstall(cmdline []string) {
 		staticlink = flag.Bool("static", false, "Create statically-linked executable")
 	)
 	flag.CommandLine.Parse(cmdline)
+	env := build.Env()
 
 	// Configure the toolchain.
 	tc := build.GoToolchain{GOARCH: *arch, CC: *cc}
 	if *dlgo {
 		csdb := build.MustLoadChecksums("build/checksums.txt")
-		tc.Root = build.DownloadGo(csdb, dlgoVersion)
+		tc.Root = build.DownloadGo(csdb)
 	}
-
 	// Disable CLI markdown doc generation in release builds.
 	buildTags := []string{"urfave_cli_no_docs"}
 
+	// Enable linking the CKZG library since we can make it work with additional flags.
+	if env.UbuntuVersion != "trusty" {
+		buildTags = append(buildTags, "ckzg")
+	}
+
 	// Configure the build.
-	env := build.Env()
 	gobuild := tc.Go("build", buildFlags(env, *staticlink, buildTags)...)
 
 	// arm64 CI builders are memory-constrained and can't handle concurrent builds,
@@ -213,7 +217,6 @@ func doInstall(cmdline []string) {
 	if env.CI && runtime.GOARCH == "arm64" {
 		gobuild.Args = append(gobuild.Args, "-p", "1")
 	}
-
 	// We use -trimpath to avoid leaking local paths into the built executables.
 	gobuild.Args = append(gobuild.Args, "-trimpath")
 
@@ -282,17 +285,31 @@ func doTest(cmdline []string) {
 		coverage = flag.Bool("coverage", false, "Whether to record code coverage")
 		verbose  = flag.Bool("v", false, "Whether to log verbosely")
 		race     = flag.Bool("race", false, "Execute the race detector")
+		short     = flag.Bool("short", false, "Pass the 'short'-flag to go test")
+		cachedir = flag.String("cachedir", "./build/cache", "directory for caching downloads")
 	)
 	flag.CommandLine.Parse(cmdline)
 
+	// Get test fixtures.
+	csdb := build.MustLoadChecksums("build/checksums.txt")
+	downloadSpecTestFixtures(csdb, *cachedir)
+
 	// Configure the toolchain.
 	tc := build.GoToolchain{GOARCH: *arch, CC: *cc}
 	if *dlgo {
-		csdb := build.MustLoadChecksums("build/checksums.txt")
-		tc.Root = build.DownloadGo(csdb, dlgoVersion)
+		tc.Root = build.DownloadGo(csdb)
 	}
 	gotest := tc.Go("test")
 
+	// CI needs a bit more time for the statetests (default 10m).
+	gotest.Args = append(gotest.Args, "-timeout=20m")
+
+	// Enable CKZG backend in CI.
+	gotest.Args = append(gotest.Args, "-tags=ckzg")
+
+	// Enable integration-tests
+	gotest.Args = append(gotest.Args, "-tags=integrationtests")
+
 	// Test a single package at a time. CI builders are slow
 	// and some tests run into timeouts under load.
 	gotest.Args = append(gotest.Args, "-p", "1")
@@ -305,6 +322,9 @@ func doTest(cmdline []string) {
 	if *race {
 		gotest.Args = append(gotest.Args, "-race")
 	}
+	if *short {
+		gotest.Args = append(gotest.Args, "-short")
+	}
 
 	packages := []string{"./..."}
 	if len(flag.CommandLine.Args()) > 0 {
@@ -314,6 +334,25 @@ func doTest(cmdline []string) {
 	build.MustRun(gotest)
 }
 
+// downloadSpecTestFixtures downloads and extracts the execution-spec-tests fixtures.
+func downloadSpecTestFixtures(csdb *build.ChecksumDB, cachedir string) string {
+	executionSpecTestsVersion, err := build.Version(csdb, "spec-tests")
+	if err != nil {
+		log.Fatal(err)
+	}
+	ext := ".tar.gz"
+	base := "fixtures_develop" // TODO(MariusVanDerWijden) rename once the version becomes part of the filename
+	url := fmt.Sprintf("https://github.com/ethereum/execution-spec-tests/releases/download/v%s/%s%s", executionSpecTestsVersion, base, ext)
+	archivePath := filepath.Join(cachedir, base+ext)
+	if err := csdb.DownloadFile(url, archivePath); err != nil {
+		log.Fatal(err)
+	}
+	if err := build.ExtractArchive(archivePath, executionSpecTestsDir); err != nil {
+		log.Fatal(err)
+	}
+	return filepath.Join(cachedir, base)
+}
+
 // doLint runs golangci-lint on requested packages.
 func doLint(cmdline []string) {
 	var (
@@ -327,15 +366,17 @@ func doLint(cmdline []string) {
 
 	linter := downloadLinter(*cachedir)
 	lflags := []string{"run", "--config", ".golangci.yml"}
-	build.MustRunCommand(linter, append(lflags, packages...)...)
+	build.MustRunCommandWithOutput(linter, append(lflags, packages...)...)
 	fmt.Println("You have achieved perfection.")
 }
 
 // downloadLinter downloads and unpacks golangci-lint.
 func downloadLinter(cachedir string) string {
-	const version = "1.51.1"
-
 	csdb := build.MustLoadChecksums("build/checksums.txt")
+	version, err := build.Version(csdb, "golangci")
+	if err != nil {
+		log.Fatal(err)
+	}
 	arch := runtime.GOARCH
 	ext := ".tar.gz"
 
@@ -457,10 +498,6 @@ func maybeSkipArchive(env build.Environment) {
 		log.Printf("skipping archive creation because this is a PR build")
 		os.Exit(0)
 	}
-	if env.IsCronJob {
-		log.Printf("skipping archive creation because this is a cron job")
-		os.Exit(0)
-	}
 	if env.Branch != "master" && !strings.HasPrefix(env.Tag, "v1.") {
 		log.Printf("skipping archive creation because branch %q, tag %q is not on the inclusion list", env.Branch, env.Tag)
 		os.Exit(0)
@@ -655,10 +692,11 @@ func doDebianSource(cmdline []string) {
 		gpg.Stdin = bytes.NewReader(key)
 		build.MustRun(gpg)
 	}
-
-	// Download and verify the Go source package.
-	gobundle := downloadGoSources(*cachedir)
-
+	// Download and verify the Go source packages.
+	var (
+		gobootbundle = downloadGoBootstrapSources(*cachedir)
+		gobundle     = downloadGoSources(*cachedir)
+	)
 	// Download all the dependencies needed to build the sources and run the ci script
 	srcdepfetch := tc.Go("mod", "download")
 	srcdepfetch.Env = append(srcdepfetch.Env, "GOPATH="+filepath.Join(*workdir, "modgopath"))
@@ -675,12 +713,19 @@ func doDebianSource(cmdline []string) {
 			meta := newDebMetadata(distro, goboot, *signer, env, now, pkg.Name, pkg.Version, pkg.Executables)
 			pkgdir := stageDebianSource(*workdir, meta)
 
-			// Add Go source code
+			// Add bootstrapper Go source code
+			if err := build.ExtractArchive(gobootbundle, pkgdir); err != nil {
+				log.Fatalf("Failed to extract bootstrapper Go sources: %v", err)
+			}
+			if err := os.Rename(filepath.Join(pkgdir, "go"), filepath.Join(pkgdir, ".goboot")); err != nil {
+				log.Fatalf("Failed to rename bootstrapper Go source folder: %v", err)
+			}
+			// Add builder Go source code
 			if err := build.ExtractArchive(gobundle, pkgdir); err != nil {
-				log.Fatalf("Failed to extract Go sources: %v", err)
+				log.Fatalf("Failed to extract builder Go sources: %v", err)
 			}
 			if err := os.Rename(filepath.Join(pkgdir, "go"), filepath.Join(pkgdir, ".go")); err != nil {
-				log.Fatalf("Failed to rename Go source folder: %v", err)
+				log.Fatalf("Failed to rename builder Go source folder: %v", err)
 			}
 			// Add all dependency modules in compressed form
 			os.MkdirAll(filepath.Join(pkgdir, ".mod", "cache"), 0755)
@@ -709,9 +754,30 @@ func doDebianSource(cmdline []string) {
 	}
 }
 
+// downloadGoBootstrapSources downloads the Go source tarball that will be used
+// to bootstrap the builder Go.
+func downloadGoBootstrapSources(cachedir string) string {
+	csdb := build.MustLoadChecksums("build/checksums.txt")
+	gobootVersion, err := build.Version(csdb, "ppa-builder")
+	if err != nil {
+		log.Fatal(err)
+	}
+	file := fmt.Sprintf("go%s.src.tar.gz", gobootVersion)
+	url := "https://dl.google.com/go/" + file
+	dst := filepath.Join(cachedir, file)
+	if err := csdb.DownloadFile(url, dst); err != nil {
+		log.Fatal(err)
+	}
+	return dst
+}
+
 // downloadGoSources downloads the Go source tarball.
 func downloadGoSources(cachedir string) string {
 	csdb := build.MustLoadChecksums("build/checksums.txt")
+	dlgoVersion, err := build.Version(csdb, "golang")
+	if err != nil {
+		log.Fatal(err)
+	}
 	file := fmt.Sprintf("go%s.src.tar.gz", dlgoVersion)
 	url := "https://dl.google.com/go/" + file
 	dst := filepath.Join(cachedir, file)
@@ -1038,3 +1104,7 @@ func doPurge(cmdline []string) {
 		log.Fatal(err)
 	}
 }
+
+func doSanityCheck() {
+	build.DownloadAndVerifyChecksums(build.MustLoadChecksums("build/checksums.txt"))
+}

build/deb/ethereum/deb.rules

@@ -16,7 +16,11 @@ override_dh_auto_build:
 	# We can't download a fresh Go within Launchpad, so we're shipping and building
 	# one on the fly. However, we can't build it inside the go-ethereum folder as
 	# bootstrapping clashes with go modules, so build in a sibling folder.
-	(mv .go ../ && cd ../.go/src && ./make.bash)
+	#
+	# We're also shipping the bootstrapper as of Go 1.20 as it had minimum version
+	# requirements opposed to older versions of Go.
+	(mv .goboot ../ && cd ../.goboot/src && ./make.bash)
+	(mv .go ../ && cd ../.go/src && GOROOT_BOOTSTRAP=`pwd`/../../.goboot ./make.bash)
 
 	# We can't download external go modules within Launchpad, so we're shipping the
 	# entire dependency source cache with go-ethereum.
@@ -24,7 +28,7 @@ override_dh_auto_build:
 	mv .mod $(GOPATH)/pkg/mod
 
 	# A fresh Go was built, all dependency downloads faked, hope build works now
-	../.go/bin/go run build/ci.go install -git-commit={{.Env.Commit}} -git-branch={{.Env.Branch}} -git-tag={{.Env.Tag}} -buildnum={{.Env.Buildnum}} -pull-request={{.Env.IsPullRequest}}
+	../.go/bin/go run build/ci.go install -git-commit={{.Env.Commit}} -git-branch={{.Env.Branch}} -git-tag={{.Env.Tag}} -buildnum={{.Env.Buildnum}} -pull-request={{.Env.IsPullRequest}} -ubuntu {{.Distro}}
 
 override_dh_auto_test:
 

build/update-license.go

@@ -46,12 +46,13 @@ import (
 	"path/filepath"
 	"regexp"
 	"runtime"
-	"sort"
 	"strconv"
 	"strings"
 	"sync"
 	"text/template"
 	"time"
+
+	"golang.org/x/exp/slices"
 )
 
 var (
@@ -64,10 +65,8 @@ var (
 		"vendor/", "tests/testdata/", "build/",
 
 		// don't relicense vendored sources
-		"cmd/internal/browser",
 		"common/bitutil/bitutil",
 		"common/prque/",
-		"consensus/ethash/xor.go",
 		"crypto/blake2b/",
 		"crypto/bn256/",
 		"crypto/bls12381/",
@@ -77,6 +76,7 @@ var (
 		"log/",
 		"metrics/",
 		"signer/rules/deps",
+		"internal/reexec",
 
 		// skip special licenses
 		"crypto/secp256k1", // Relicensed to BSD-3 via https://github.com/ethereum/go-ethereum/pull/17225
@@ -152,13 +152,6 @@ func (i info) gpl() bool {
 	return false
 }
 
-// authors implements the sort.Interface for strings in case-insensitive mode.
-type authors []string
-
-func (as authors) Len() int           { return len(as) }
-func (as authors) Less(i, j int) bool { return strings.ToLower(as[i]) < strings.ToLower(as[j]) }
-func (as authors) Swap(i, j int)      { as[i], as[j] = as[j], as[i] }
-
 func main() {
 	var (
 		files = getFiles()
@@ -299,7 +292,9 @@ func writeAuthors(files []string) {
 		}
 	}
 	// Write sorted list of authors back to the file.
-	sort.Sort(authors(list))
+	slices.SortFunc(list, func(a, b string) bool {
+		return strings.ToLower(a) < strings.ToLower(b)
+	})
 	content := new(bytes.Buffer)
 	content.WriteString(authorsFileHeader)
 	for _, a := range list {

cmd/abigen/main.go

@@ -232,7 +232,7 @@ func abigen(c *cli.Context) error {
 }
 
 func main() {
-	log.Root().SetHandler(log.LvlFilterHandler(log.LvlInfo, log.StreamHandler(os.Stderr, log.TerminalFormat(true))))
+	log.SetDefault(log.NewLogger(log.NewTerminalHandlerWithLevel(os.Stderr, log.LevelInfo, true)))
 
 	if err := app.Run(os.Args); err != nil {
 		fmt.Fprintln(os.Stderr, err)

cmd/abigen/namefilter_test.go

@@ -8,6 +8,7 @@ import (
 )
 
 func TestNameFilter(t *testing.T) {
+	t.Parallel()
 	_, err := newNameFilter("Foo")
 	require.Error(t, err)
 	_, err = newNameFilter("too/many:colons:Foo")

cmd/bootnode/main.go

@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"net"
 	"os"
+	"time"
 
 	"github.com/ethereum/go-ethereum/cmd/utils"
 	"github.com/ethereum/go-ethereum/crypto"
@@ -43,7 +44,7 @@ func main() {
 		natdesc     = flag.String("nat", "none", "port mapping mechanism (any|none|upnp|pmp|pmp:<IP>|extip:<IP>)")
 		netrestrict = flag.String("netrestrict", "", "restrict network communication to the given IP networks (CIDR masks)")
 		runv5       = flag.Bool("v5", false, "run a v5 topic discovery bootnode")
-		verbosity   = flag.Int("verbosity", int(log.LvlInfo), "log verbosity (0-5)")
+		verbosity   = flag.Int("verbosity", 3, "log verbosity (0-5)")
 		vmodule     = flag.String("vmodule", "", "log verbosity pattern")
 
 		nodeKey *ecdsa.PrivateKey
@@ -51,10 +52,11 @@ func main() {
 	)
 	flag.Parse()
 
-	glogger := log.NewGlogHandler(log.StreamHandler(os.Stderr, log.TerminalFormat(false)))
-	glogger.Verbosity(log.Lvl(*verbosity))
+	glogger := log.NewGlogHandler(log.NewTerminalHandler(os.Stderr, false))
+	slogVerbosity := log.FromLegacyLevel(*verbosity)
+	glogger.Verbosity(slogVerbosity)
 	glogger.Vmodule(*vmodule)
-	log.Root().SetHandler(glogger)
+	log.SetDefault(log.NewLogger(glogger))
 
 	natm, err := nat.Parse(*natdesc)
 	if err != nil {
@@ -107,21 +109,20 @@ func main() {
 	if err != nil {
 		utils.Fatalf("-ListenUDP: %v", err)
 	}
-
-	realaddr := conn.LocalAddr().(*net.UDPAddr)
-	if natm != nil {
-		if !realaddr.IP.IsLoopback() {
-			go nat.Map(natm, nil, "udp", realaddr.Port, realaddr.Port, "ethereum discovery")
-		}
-		if ext, err := natm.ExternalIP(); err == nil {
-			realaddr = &net.UDPAddr{IP: ext, Port: realaddr.Port}
-		}
-	}
-
-	printNotice(&nodeKey.PublicKey, *realaddr)
+	defer conn.Close()
 
 	db, _ := enode.OpenDB("")
 	ln := enode.NewLocalNode(db, nodeKey)
+
+	listenerAddr := conn.LocalAddr().(*net.UDPAddr)
+	if natm != nil && !listenerAddr.IP.IsLoopback() {
+		natAddr := doPortMapping(natm, ln, listenerAddr)
+		if natAddr != nil {
+			listenerAddr = natAddr
+		}
+	}
+
+	printNotice(&nodeKey.PublicKey, *listenerAddr)
 	cfg := discover.Config{
 		PrivateKey:  nodeKey,
 		NetRestrict: restrictList,
@@ -148,3 +149,61 @@ func printNotice(nodeKey *ecdsa.PublicKey, addr net.UDPAddr) {
 	fmt.Println("Note: you're using cmd/bootnode, a developer tool.")
 	fmt.Println("We recommend using a regular node as bootstrap node for production deployments.")
 }
+
+func doPortMapping(natm nat.Interface, ln *enode.LocalNode, addr *net.UDPAddr) *net.UDPAddr {
+	const (
+		protocol = "udp"
+		name     = "ethereum discovery"
+	)
+	newLogger := func(external int, internal int) log.Logger {
+		return log.New("proto", protocol, "extport", external, "intport", internal, "interface", natm)
+	}
+
+	var (
+		intport    = addr.Port
+		extaddr    = &net.UDPAddr{IP: addr.IP, Port: addr.Port}
+		mapTimeout = nat.DefaultMapTimeout
+		log        = newLogger(addr.Port, intport)
+	)
+	addMapping := func() {
+		// Get the external address.
+		var err error
+		extaddr.IP, err = natm.ExternalIP()
+		if err != nil {
+			log.Debug("Couldn't get external IP", "err", err)
+			return
+		}
+		// Create the mapping.
+		p, err := natm.AddMapping(protocol, extaddr.Port, intport, name, mapTimeout)
+		if err != nil {
+			log.Debug("Couldn't add port mapping", "err", err)
+			return
+		}
+		if p != uint16(extaddr.Port) {
+			extaddr.Port = int(p)
+			log = newLogger(extaddr.Port, intport)
+			log.Info("NAT mapped alternative port")
+		} else {
+			log.Info("NAT mapped port")
+		}
+		// Update IP/port information of the local node.
+		ln.SetStaticIP(extaddr.IP)
+		ln.SetFallbackUDP(extaddr.Port)
+	}
+
+	// Perform mapping once, synchronously.
+	log.Info("Attempting port mapping")
+	addMapping()
+
+	// Refresh the mapping periodically.
+	go func() {
+		refresh := time.NewTimer(mapTimeout)
+		defer refresh.Stop()
+		for range refresh.C {
+			addMapping()
+			refresh.Reset(mapTimeout)
+		}
+	}()
+
+	return extaddr
+}

cmd/checkpoint-admin/README.md

@@ -1,103 +0,0 @@
-## Checkpoint-admin
-
-Checkpoint-admin is a tool for updating checkpoint oracle status. It provides a series of functions including deploying checkpoint oracle contract, signing for new checkpoints, and updating checkpoints in the checkpoint oracle contract.
-
-### Checkpoint
-
-In the LES protocol, there is an important concept called checkpoint. In simple terms, whenever a certain number of blocks are generated on the blockchain, a new checkpoint is generated which contains some important information such as
-
-* Block hash at checkpoint
-* Canonical hash trie root at checkpoint
-* Bloom trie root at checkpoint
-
-*For a more detailed introduction to checkpoint, please see the LES [spec](https://github.com/ethereum/devp2p/blob/master/caps/les.md).*
-
-Using this information, light clients can skip all historical block headers when synchronizing data and start synchronization from this checkpoint. Therefore, as long as the light client can obtain some latest and correct checkpoints, the amount of data and time for synchronization will be greatly reduced.
-
-However, from a security perspective, the most critical step in a synchronization algorithm based on checkpoints is to determine whether the checkpoint used by the light client is correct. Otherwise, all blockchain data synchronized based on this checkpoint may be wrong. For this we provide two different ways to ensure the correctness of the checkpoint used by the light client.
-
-#### Hardcoded checkpoint
-
-There are several hardcoded checkpoints in the [source code](https://github.com/ethereum/go-ethereum/blob/master/params/config.go#L38) of the go-ethereum project. These checkpoints are updated by go-ethereum developers when new versions of software are released. Because light client users trust Geth developers to some extent, hardcoded checkpoints in the code can also be considered correct.
-
-#### Checkpoint oracle
-
-Hardcoded checkpoints can solve the problem of verifying the correctness of checkpoints (although this is a more centralized solution). But the pain point of this solution is that developers can only update checkpoints when a new version of software is released. In addition, light client users usually do not keep the Geth version they use always up to date. So hardcoded checkpoints used by users are generally stale. Therefore, it still needs to download a large amount of blockchain data during synchronization.
-
-Checkpoint oracle is a more flexible solution. In simple terms, this is a smart contract that is deployed on the blockchain. The smart contract records several designated trusted signers. Whenever enough trusted signers have issued their signatures for the same checkpoint, it can be considered that the checkpoint has been authenticated by the signers. Checkpoints authenticated by trusted signers can be considered correct.
-
-So this way, even without updating the software version, as long as the trusted signers regularly update the checkpoint in oracle on time, the light client can always use the latest and verified checkpoint for data synchronization.
-
-### Usage
-
-Checkpoint-admin is a command line tool designed for checkpoint oracle. Users can easily deploy contracts and update checkpoints through this tool.
-
-#### Install
-
-```shell
-go get github.com/ethereum/go-ethereum/cmd/checkpoint-admin
-```
-
-#### Deploy
-
-Deploy checkpoint oracle contract. `--signers` indicates the specified trusted signer, and `--threshold` indicates the minimum number of signatures required by trusted signers to update a checkpoint.
-
-```shell
-checkpoint-admin deploy --rpc <NODE_RPC_ENDPOINT> --clef <CLEF_ENDPOINT> --signer <SIGNER_TO_SIGN_TX> --signers <TRUSTED_SIGNER_LIST> --threshold 1
-```
-
-It is worth noting that checkpoint-admin only supports clef as a signer for transactions and plain text(checkpoint). For more clef usage, please see the clef [tutorial](https://geth.ethereum.org/docs/clef/tutorial) .
-
-#### Sign
-
-Checkpoint-admin provides two different modes of signing. You can automatically obtain the current stable checkpoint and sign it interactively, and you can also use the information provided by the command line flags to sign checkpoint offline.
-
-**Interactive mode**
-
-```shell
-checkpoint-admin sign --clef <CLEF_ENDPOINT> --signer <SIGNER_TO_SIGN_CHECKPOINT> --rpc <NODE_RPC_ENDPOINT>
-```
-
-*It is worth noting that the connected Geth node can be a fullnode or a light client. If it is fullnode, you must enable the LES protocol. E.G. add `--light.serv 50` to the startup command line flags*.
-
-**Offline mode**
-
-```shell
-checkpoint-admin sign --clef <CLEF_ENDPOINT> --signer <SIGNER_TO_SIGN_CHECKPOINT> --index <CHECKPOINT_INDEX> --hash <CHECKPOINT_HASH> --oracle <CHECKPOINT_ORACLE_ADDRESS>
-```
-
-*CHECKPOINT_HASH is obtained based on this [calculation method](https://github.com/ethereum/go-ethereum/blob/master/params/config.go#L251).*
-
-#### Publish
-
-Collect enough signatures from different trusted signers for the same checkpoint and submit them to oracle to update the "authenticated" checkpoint in the contract.
-
-```shell
-checkpoint-admin publish --clef <CLEF_ENDPOINT> --rpc <NODE_RPC_ENDPOINT> --signer <SIGNER_TO_SIGN_TX> --index <CHECKPOINT_INDEX> --signatures <CHECKPOINT_SIGNATURE_LIST>
-```
-
-#### Status query
-
-Check the latest status of checkpoint oracle.
-
-```shell
-checkpoint-admin status --rpc <NODE_RPC_ENDPOINT>
-```
-
-### Enable checkpoint oracle in your private network
-
-Currently, only the Ethereum mainnet and the default supported test networks (rinkeby, goerli) activate this feature. If you want to activate this feature in your private network, you can overwrite the relevant checkpoint oracle settings through the configuration file after deploying the oracle contract.
-
-* Get your node configuration file `geth dumpconfig OTHER_COMMAND_LINE_OPTIONS > config.toml`
-* Edit the configuration file and add the following information
-
-```toml
-[Eth.CheckpointOracle]
-Address = CHECKPOINT_ORACLE_ADDRESS
-Signers = [TRUSTED_SIGNER_1, ..., TRUSTED_SIGNER_N]
-Threshold = THRESHOLD
-```
-
-* Start geth with the modified configuration file
-
-*In the private network, all fullnodes and light clients need to be started using the same checkpoint oracle settings.*

cmd/checkpoint-admin/common.go

@@ -1,120 +0,0 @@
-// Copyright 2019 The go-ethereum Authors
-// This file is part of go-ethereum.
-//
-// go-ethereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// go-ethereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"strconv"
-
-	"github.com/ethereum/go-ethereum/accounts"
-	"github.com/ethereum/go-ethereum/accounts/abi/bind"
-	"github.com/ethereum/go-ethereum/accounts/external"
-	"github.com/ethereum/go-ethereum/cmd/utils"
-	"github.com/ethereum/go-ethereum/common"
-	"github.com/ethereum/go-ethereum/contracts/checkpointoracle"
-	"github.com/ethereum/go-ethereum/ethclient"
-	"github.com/ethereum/go-ethereum/params"
-	"github.com/ethereum/go-ethereum/rpc"
-	"github.com/urfave/cli/v2"
-)
-
-// newClient creates a client with specified remote URL.
-func newClient(ctx *cli.Context) *ethclient.Client {
-	client, err := ethclient.Dial(ctx.String(nodeURLFlag.Name))
-	if err != nil {
-		utils.Fatalf("Failed to connect to Ethereum node: %v", err)
-	}
-	return client
-}
-
-// newRPCClient creates a rpc client with specified node URL.
-func newRPCClient(url string) *rpc.Client {
-	client, err := rpc.Dial(url)
-	if err != nil {
-		utils.Fatalf("Failed to connect to Ethereum node: %v", err)
-	}
-	return client
-}
-
-// getContractAddr retrieves the register contract address through
-// rpc request.
-func getContractAddr(client *rpc.Client) common.Address {
-	var addr string
-	if err := client.Call(&addr, "les_getCheckpointContractAddress"); err != nil {
-		utils.Fatalf("Failed to fetch checkpoint oracle address: %v", err)
-	}
-	return common.HexToAddress(addr)
-}
-
-// getCheckpoint retrieves the specified checkpoint or the latest one
-// through rpc request.
-func getCheckpoint(ctx *cli.Context, client *rpc.Client) *params.TrustedCheckpoint {
-	var checkpoint *params.TrustedCheckpoint
-
-	if ctx.IsSet(indexFlag.Name) {
-		var result [3]string
-		index := uint64(ctx.Int64(indexFlag.Name))
-		if err := client.Call(&result, "les_getCheckpoint", index); err != nil {
-			utils.Fatalf("Failed to get local checkpoint %v, please ensure the les API is exposed", err)
-		}
-		checkpoint = &params.TrustedCheckpoint{
-			SectionIndex: index,
-			SectionHead:  common.HexToHash(result[0]),
-			CHTRoot:      common.HexToHash(result[1]),
-			BloomRoot:    common.HexToHash(result[2]),
-		}
-	} else {
-		var result [4]string
-		err := client.Call(&result, "les_latestCheckpoint")
-		if err != nil {
-			utils.Fatalf("Failed to get local checkpoint %v, please ensure the les API is exposed", err)
-		}
-		index, err := strconv.ParseUint(result[0], 0, 64)
-		if err != nil {
-			utils.Fatalf("Failed to parse checkpoint index %v", err)
-		}
-		checkpoint = &params.TrustedCheckpoint{
-			SectionIndex: index,
-			SectionHead:  common.HexToHash(result[1]),
-			CHTRoot:      common.HexToHash(result[2]),
-			BloomRoot:    common.HexToHash(result[3]),
-		}
-	}
-	return checkpoint
-}
-
-// newContract creates a registrar contract instance with specified
-// contract address or the default contracts for mainnet or testnet.
-func newContract(client *rpc.Client) (common.Address, *checkpointoracle.CheckpointOracle) {
-	addr := getContractAddr(client)
-	if addr == (common.Address{}) {
-		utils.Fatalf("No specified registrar contract address")
-	}
-	contract, err := checkpointoracle.NewCheckpointOracle(addr, ethclient.NewClient(client))
-	if err != nil {
-		utils.Fatalf("Failed to setup registrar contract %s: %v", addr, err)
-	}
-	return addr, contract
-}
-
-// newClefSigner sets up a clef backend and returns a clef transaction signer.
-func newClefSigner(ctx *cli.Context) *bind.TransactOpts {
-	clef, err := external.NewExternalSigner(ctx.String(clefURLFlag.Name))
-	if err != nil {
-		utils.Fatalf("Failed to create clef signer %v", err)
-	}
-	return bind.NewClefTransactor(clef, accounts.Account{Address: common.HexToAddress(ctx.String(signerFlag.Name))})
-}

cmd/checkpoint-admin/exec.go

@@ -1,311 +0,0 @@
-// Copyright 2019 The go-ethereum Authors
-// This file is part of go-ethereum.
-//
-// go-ethereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// go-ethereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"bytes"
-	"context"
-	"encoding/binary"
-	"fmt"
-	"math/big"
-	"strings"
-	"time"
-
-	"github.com/ethereum/go-ethereum/accounts"
-	"github.com/ethereum/go-ethereum/cmd/utils"
-	"github.com/ethereum/go-ethereum/common"
-	"github.com/ethereum/go-ethereum/common/hexutil"
-	"github.com/ethereum/go-ethereum/contracts/checkpointoracle"
-	"github.com/ethereum/go-ethereum/contracts/checkpointoracle/contract"
-	"github.com/ethereum/go-ethereum/crypto"
-	"github.com/ethereum/go-ethereum/ethclient"
-	"github.com/ethereum/go-ethereum/log"
-	"github.com/ethereum/go-ethereum/params"
-	"github.com/ethereum/go-ethereum/rpc"
-	"github.com/urfave/cli/v2"
-)
-
-var commandDeploy = &cli.Command{
-	Name:  "deploy",
-	Usage: "Deploy a new checkpoint oracle contract",
-	Flags: []cli.Flag{
-		nodeURLFlag,
-		clefURLFlag,
-		signerFlag,
-		signersFlag,
-		thresholdFlag,
-	},
-	Action: deploy,
-}
-
-var commandSign = &cli.Command{
-	Name:  "sign",
-	Usage: "Sign the checkpoint with the specified key",
-	Flags: []cli.Flag{
-		nodeURLFlag,
-		clefURLFlag,
-		signerFlag,
-		indexFlag,
-		hashFlag,
-		oracleFlag,
-	},
-	Action: sign,
-}
-
-var commandPublish = &cli.Command{
-	Name:  "publish",
-	Usage: "Publish a checkpoint into the oracle",
-	Flags: []cli.Flag{
-		nodeURLFlag,
-		clefURLFlag,
-		signerFlag,
-		indexFlag,
-		signaturesFlag,
-	},
-	Action: publish,
-}
-
-// deploy deploys the checkpoint registrar contract.
-//
-// Note the network where the contract is deployed depends on
-// the network where the connected node is located.
-func deploy(ctx *cli.Context) error {
-	// Gather all the addresses that should be permitted to sign
-	var addrs []common.Address
-	for _, account := range strings.Split(ctx.String(signersFlag.Name), ",") {
-		if trimmed := strings.TrimSpace(account); !common.IsHexAddress(trimmed) {
-			utils.Fatalf("Invalid account in --signers: '%s'", trimmed)
-		}
-		addrs = append(addrs, common.HexToAddress(account))
-	}
-	// Retrieve and validate the signing threshold
-	needed := ctx.Int(thresholdFlag.Name)
-	if needed == 0 || needed > len(addrs) {
-		utils.Fatalf("Invalid signature threshold %d", needed)
-	}
-	// Print a summary to ensure the user understands what they're signing
-	fmt.Printf("Deploying new checkpoint oracle:\n\n")
-	for i, addr := range addrs {
-		fmt.Printf("Admin %d => %s\n", i+1, addr.Hex())
-	}
-	fmt.Printf("\nSignatures needed to publish: %d\n", needed)
-
-	// setup clef signer, create an abigen transactor and an RPC client
-	transactor, client := newClefSigner(ctx), newClient(ctx)
-
-	// Deploy the checkpoint oracle
-	fmt.Println("Sending deploy request to Clef...")
-	oracle, tx, _, err := contract.DeployCheckpointOracle(transactor, client, addrs, big.NewInt(int64(params.CheckpointFrequency)),
-		big.NewInt(int64(params.CheckpointProcessConfirmations)), big.NewInt(int64(needed)))
-	if err != nil {
-		utils.Fatalf("Failed to deploy checkpoint oracle %v", err)
-	}
-	log.Info("Deployed checkpoint oracle", "address", oracle, "tx", tx.Hash().Hex())
-
-	return nil
-}
-
-// sign creates the signature for specific checkpoint
-// with local key. Only contract admins have the permission to
-// sign checkpoint.
-func sign(ctx *cli.Context) error {
-	var (
-		offline bool // The indicator whether we sign checkpoint by offline.
-		chash   common.Hash
-		cindex  uint64
-		address common.Address
-
-		node   *rpc.Client
-		oracle *checkpointoracle.CheckpointOracle
-	)
-	if !ctx.IsSet(nodeURLFlag.Name) {
-		// Offline mode signing
-		offline = true
-		if !ctx.IsSet(hashFlag.Name) {
-			utils.Fatalf("Please specify the checkpoint hash (--hash) to sign in offline mode")
-		}
-		chash = common.HexToHash(ctx.String(hashFlag.Name))
-
-		if !ctx.IsSet(indexFlag.Name) {
-			utils.Fatalf("Please specify checkpoint index (--index) to sign in offline mode")
-		}
-		cindex = ctx.Uint64(indexFlag.Name)
-
-		if !ctx.IsSet(oracleFlag.Name) {
-			utils.Fatalf("Please specify oracle address (--oracle) to sign in offline mode")
-		}
-		address = common.HexToAddress(ctx.String(oracleFlag.Name))
-	} else {
-		// Interactive mode signing, retrieve the data from the remote node
-		node = newRPCClient(ctx.String(nodeURLFlag.Name))
-
-		checkpoint := getCheckpoint(ctx, node)
-		chash, cindex, address = checkpoint.Hash(), checkpoint.SectionIndex, getContractAddr(node)
-
-		// Check the validity of checkpoint
-		reqCtx, cancelFn := context.WithTimeout(context.Background(), 10*time.Second)
-		defer cancelFn()
-
-		head, err := ethclient.NewClient(node).HeaderByNumber(reqCtx, nil)
-		if err != nil {
-			return err
-		}
-		num := head.Number.Uint64()
-		if num < ((cindex+1)*params.CheckpointFrequency + params.CheckpointProcessConfirmations) {
-			utils.Fatalf("Invalid future checkpoint")
-		}
-		_, oracle = newContract(node)
-		latest, _, h, err := oracle.Contract().GetLatestCheckpoint(nil)
-		if err != nil {
-			return err
-		}
-		if cindex < latest {
-			utils.Fatalf("Checkpoint is too old")
-		}
-		if cindex == latest && (latest != 0 || h.Uint64() != 0) {
-			utils.Fatalf("Stale checkpoint, latest registered %d, given %d", latest, cindex)
-		}
-	}
-	var (
-		signature string
-		signer    string
-	)
-	// isAdmin checks whether the specified signer is admin.
-	isAdmin := func(addr common.Address) error {
-		signers, err := oracle.Contract().GetAllAdmin(nil)
-		if err != nil {
-			return err
-		}
-		for _, s := range signers {
-			if s == addr {
-				return nil
-			}
-		}
-		return fmt.Errorf("signer %v is not the admin", addr.Hex())
-	}
-	// Print to the user the data thy are about to sign
-	fmt.Printf("Oracle     => %s\n", address.Hex())
-	fmt.Printf("Index %4d => %s\n", cindex, chash.Hex())
-
-	// Sign checkpoint in clef mode.
-	signer = ctx.String(signerFlag.Name)
-
-	if !offline {
-		if err := isAdmin(common.HexToAddress(signer)); err != nil {
-			return err
-		}
-	}
-	clef := newRPCClient(ctx.String(clefURLFlag.Name))
-	p := make(map[string]string)
-	buf := make([]byte, 8)
-	binary.BigEndian.PutUint64(buf, cindex)
-	p["address"] = address.Hex()
-	p["message"] = hexutil.Encode(append(buf, chash.Bytes()...))
-
-	fmt.Println("Sending signing request to Clef...")
-	if err := clef.Call(&signature, "account_signData", accounts.MimetypeDataWithValidator, signer, p); err != nil {
-		utils.Fatalf("Failed to sign checkpoint, err %v", err)
-	}
-	fmt.Printf("Signer     => %s\n", signer)
-	fmt.Printf("Signature  => %s\n", signature)
-	return nil
-}
-
-// sighash calculates the hash of the data to sign for the checkpoint oracle.
-func sighash(index uint64, oracle common.Address, hash common.Hash) []byte {
-	buf := make([]byte, 8)
-	binary.BigEndian.PutUint64(buf, index)
-
-	data := append([]byte{0x19, 0x00}, append(oracle[:], append(buf, hash[:]...)...)...)
-	return crypto.Keccak256(data)
-}
-
-// ecrecover calculates the sender address from a sighash and signature combo.
-func ecrecover(sighash []byte, sig []byte) common.Address {
-	sig[64] -= 27
-	defer func() { sig[64] += 27 }()
-
-	signer, err := crypto.SigToPub(sighash, sig)
-	if err != nil {
-		utils.Fatalf("Failed to recover sender from signature %x: %v", sig, err)
-	}
-	return crypto.PubkeyToAddress(*signer)
-}
-
-// publish registers the specified checkpoint which generated by connected node
-// with a authorised private key.
-func publish(ctx *cli.Context) error {
-	// Print the checkpoint oracle's current status to make sure we're interacting
-	// with the correct network and contract.
-	status(ctx)
-
-	// Gather the signatures from the CLI
-	var sigs [][]byte
-	for _, sig := range strings.Split(ctx.String(signaturesFlag.Name), ",") {
-		trimmed := strings.TrimPrefix(strings.TrimSpace(sig), "0x")
-		if len(trimmed) != 130 {
-			utils.Fatalf("Invalid signature in --signature: '%s'", trimmed)
-		} else {
-			sigs = append(sigs, common.Hex2Bytes(trimmed))
-		}
-	}
-	// Retrieve the checkpoint we want to sign to sort the signatures
-	var (
-		client       = newRPCClient(ctx.String(nodeURLFlag.Name))
-		addr, oracle = newContract(client)
-		checkpoint   = getCheckpoint(ctx, client)
-		sighash      = sighash(checkpoint.SectionIndex, addr, checkpoint.Hash())
-	)
-	for i := 0; i < len(sigs); i++ {
-		for j := i + 1; j < len(sigs); j++ {
-			signerA := ecrecover(sighash, sigs[i])
-			signerB := ecrecover(sighash, sigs[j])
-			if bytes.Compare(signerA.Bytes(), signerB.Bytes()) > 0 {
-				sigs[i], sigs[j] = sigs[j], sigs[i]
-			}
-		}
-	}
-	// Retrieve recent header info to protect replay attack
-	reqCtx, cancelFn := context.WithTimeout(context.Background(), 10*time.Second)
-	defer cancelFn()
-
-	head, err := ethclient.NewClient(client).HeaderByNumber(reqCtx, nil)
-	if err != nil {
-		return err
-	}
-	num := head.Number.Uint64()
-	recent, err := ethclient.NewClient(client).HeaderByNumber(reqCtx, big.NewInt(int64(num-128)))
-	if err != nil {
-		return err
-	}
-	// Print a summary of the operation that's going to be performed
-	fmt.Printf("Publishing %d => %s:\n\n", checkpoint.SectionIndex, checkpoint.Hash().Hex())
-	for i, sig := range sigs {
-		fmt.Printf("Signer %d => %s\n", i+1, ecrecover(sighash, sig).Hex())
-	}
-	fmt.Println()
-	fmt.Printf("Sentry number => %d\nSentry hash   => %s\n", recent.Number, recent.Hash().Hex())
-
-	// Publish the checkpoint into the oracle
-	fmt.Println("Sending publish request to Clef...")
-	tx, err := oracle.RegisterCheckpoint(newClefSigner(ctx), checkpoint.SectionIndex, checkpoint.Hash().Bytes(), recent.Number, recent.Hash(), sigs)
-	if err != nil {
-		utils.Fatalf("Register contract failed %v", err)
-	}
-	log.Info("Successfully registered checkpoint", "tx", tx.Hash().Hex())
-	return nil
-}

cmd/checkpoint-admin/main.go

@@ -1,96 +0,0 @@
-// Copyright 2019 The go-ethereum Authors
-// This file is part of go-ethereum.
-//
-// go-ethereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// go-ethereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
-
-// checkpoint-admin is a utility that can be used to query checkpoint information
-// and register stable checkpoints into an oracle contract.
-package main
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/ethereum/go-ethereum/common/fdlimit"
-	"github.com/ethereum/go-ethereum/internal/flags"
-	"github.com/ethereum/go-ethereum/log"
-	"github.com/urfave/cli/v2"
-)
-
-var app = flags.NewApp("ethereum checkpoint helper tool")
-
-func init() {
-	app.Commands = []*cli.Command{
-		commandStatus,
-		commandDeploy,
-		commandSign,
-		commandPublish,
-	}
-	app.Flags = []cli.Flag{
-		oracleFlag,
-		nodeURLFlag,
-	}
-}
-
-// Commonly used command line flags.
-var (
-	indexFlag = &cli.Int64Flag{
-		Name:  "index",
-		Usage: "Checkpoint index (query latest from remote node if not specified)",
-	}
-	hashFlag = &cli.StringFlag{
-		Name:  "hash",
-		Usage: "Checkpoint hash (query latest from remote node if not specified)",
-	}
-	oracleFlag = &cli.StringFlag{
-		Name:  "oracle",
-		Usage: "Checkpoint oracle address (query from remote node if not specified)",
-	}
-	thresholdFlag = &cli.Int64Flag{
-		Name:  "threshold",
-		Usage: "Minimal number of signatures required to approve a checkpoint",
-	}
-	nodeURLFlag = &cli.StringFlag{
-		Name:  "rpc",
-		Value: "http://localhost:8545",
-		Usage: "The rpc endpoint of a local or remote geth node",
-	}
-	clefURLFlag = &cli.StringFlag{
-		Name:  "clef",
-		Value: "http://localhost:8550",
-		Usage: "The rpc endpoint of clef",
-	}
-	signerFlag = &cli.StringFlag{
-		Name:  "signer",
-		Usage: "Signer address for clef signing",
-	}
-	signersFlag = &cli.StringFlag{
-		Name:  "signers",
-		Usage: "Comma separated accounts of trusted checkpoint signers",
-	}
-	signaturesFlag = &cli.StringFlag{
-		Name:  "signatures",
-		Usage: "Comma separated checkpoint signatures to submit",
-	}
-)
-
-func main() {
-	log.Root().SetHandler(log.LvlFilterHandler(log.LvlInfo, log.StreamHandler(os.Stderr, log.TerminalFormat(true))))
-	fdlimit.Raise(2048)
-
-	if err := app.Run(os.Args); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-}

cmd/checkpoint-admin/status.go

@@ -1,60 +0,0 @@
-// Copyright 2019 The go-ethereum Authors
-// This file is part of go-ethereum.
-//
-// go-ethereum is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// go-ethereum is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
-
-package main
-
-import (
-	"fmt"
-
-	"github.com/ethereum/go-ethereum/common"
-	"github.com/urfave/cli/v2"
-)
-
-var commandStatus = &cli.Command{
-	Name:  "status",
-	Usage: "Fetches the signers and checkpoint status of the oracle contract",
-	Flags: []cli.Flag{
-		nodeURLFlag,
-	},
-	Action: status,
-}
-
-// status fetches the admin list of specified registrar contract.
-func status(ctx *cli.Context) error {
-	// Create a wrapper around the checkpoint oracle contract
-	addr, oracle := newContract(newRPCClient(ctx.String(nodeURLFlag.Name)))
-	fmt.Printf("Oracle => %s\n", addr.Hex())
-	fmt.Println()
-
-	// Retrieve the list of authorized signers (admins)
-	admins, err := oracle.Contract().GetAllAdmin(nil)
-	if err != nil {
-		return err
-	}
-	for i, admin := range admins {
-		fmt.Printf("Admin %d => %s\n", i+1, admin.Hex())
-	}
-	fmt.Println()
-
-	// Retrieve the latest checkpoint
-	index, checkpoint, height, err := oracle.Contract().GetLatestCheckpoint(nil)
-	if err != nil {
-		return err
-	}
-	fmt.Printf("Checkpoint (published at #%d) %d => %s\n", height, index, common.Hash(checkpoint).Hex())
-
-	return nil
-}

cmd/clef/README.md

@@ -2,7 +2,7 @@
 
 Clef can be used to sign transactions and data and is meant as a(n eventual) replacement for Geth's account management. This allows DApps to not depend on Geth's account management. When a DApp wants to sign data (or a transaction), it can send the content to Clef, which will then provide the user with context and asks for permission to sign the content. If the users grants the signing request, Clef will send the signature back to the DApp.
 
-This setup allows a DApp to connect to a remote Ethereum node and send transactions that are locally signed. This can help in situations when a DApp is connected to an untrusted remote Ethereum node, because a local one is not available, not synchronised with the chain, or is a node that has no built-in (or limited) account management.
+This setup allows a DApp to connect to a remote Ethereum node and send transactions that are locally signed. This can help in situations when a DApp is connected to an untrusted remote Ethereum node, because a local one is not available, not synchronized with the chain, or is a node that has no built-in (or limited) account management.
 
 Clef can run as a daemon on the same machine, off a usb-stick like [USB armory](https://inversepath.com/usbarmory), or even a separate VM in a [QubesOS](https://www.qubes-os.org/) type setup.
 
@@ -29,7 +29,7 @@ GLOBAL OPTIONS:
    --loglevel value        log level to emit to the screen (default: 4)
    --keystore value        Directory for the keystore (default: "$HOME/.ethereum/keystore")
    --configdir value       Directory for Clef configuration (default: "$HOME/.clef")
-   --chainid value         Chain id to use for signing (1=mainnet, 4=Rinkeby, 5=Goerli) (default: 1)
+   --chainid value         Chain id to use for signing (1=mainnet, 5=Goerli) (default: 1)
    --lightkdf              Reduce key-derivation RAM & CPU usage at some expense of KDF strength
    --nousb                 Disables monitoring for and managing USB hardware wallets
    --pcscdpath value       Path to the smartcard daemon (pcscd) socket file (default: "/run/pcscd/pcscd.comm")

cmd/clef/consolecmd_test.go

@@ -26,12 +26,13 @@ import (
 
 // TestImportRaw tests clef --importraw
 func TestImportRaw(t *testing.T) {
+	t.Parallel()
 	keyPath := filepath.Join(os.TempDir(), fmt.Sprintf("%v-tempkey.test", t.Name()))
 	os.WriteFile(keyPath, []byte("0102030405060708090a0102030405060708090a0102030405060708090a0102"), 0777)
 	t.Cleanup(func() { os.Remove(keyPath) })
 
-	t.Parallel()
 	t.Run("happy-path", func(t *testing.T) {
+		t.Parallel()
 		// Run clef importraw
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "importraw", keyPath)
 		clef.input("myverylongpassword").input("myverylongpassword")
@@ -43,6 +44,7 @@ func TestImportRaw(t *testing.T) {
 	})
 	// tests clef --importraw with mismatched passwords.
 	t.Run("pw-mismatch", func(t *testing.T) {
+		t.Parallel()
 		// Run clef importraw
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "importraw", keyPath)
 		clef.input("myverylongpassword1").input("myverylongpassword2").WaitExit()
@@ -52,6 +54,7 @@ func TestImportRaw(t *testing.T) {
 	})
 	// tests clef --importraw with a too short password.
 	t.Run("short-pw", func(t *testing.T) {
+		t.Parallel()
 		// Run clef importraw
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "importraw", keyPath)
 		clef.input("shorty").input("shorty").WaitExit()
@@ -64,12 +67,13 @@ func TestImportRaw(t *testing.T) {
 
 // TestListAccounts tests clef --list-accounts
 func TestListAccounts(t *testing.T) {
+	t.Parallel()
 	keyPath := filepath.Join(os.TempDir(), fmt.Sprintf("%v-tempkey.test", t.Name()))
 	os.WriteFile(keyPath, []byte("0102030405060708090a0102030405060708090a0102030405060708090a0102"), 0777)
 	t.Cleanup(func() { os.Remove(keyPath) })
 
-	t.Parallel()
 	t.Run("no-accounts", func(t *testing.T) {
+		t.Parallel()
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "list-accounts")
 		if out := string(clef.Output()); !strings.Contains(out, "The keystore is empty.") {
 			t.Logf("Output\n%v", out)
@@ -77,6 +81,7 @@ func TestListAccounts(t *testing.T) {
 		}
 	})
 	t.Run("one-account", func(t *testing.T) {
+		t.Parallel()
 		// First, we need to import
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "importraw", keyPath)
 		clef.input("myverylongpassword").input("myverylongpassword").WaitExit()
@@ -91,12 +96,13 @@ func TestListAccounts(t *testing.T) {
 
 // TestListWallets tests clef --list-wallets
 func TestListWallets(t *testing.T) {
+	t.Parallel()
 	keyPath := filepath.Join(os.TempDir(), fmt.Sprintf("%v-tempkey.test", t.Name()))
 	os.WriteFile(keyPath, []byte("0102030405060708090a0102030405060708090a0102030405060708090a0102"), 0777)
 	t.Cleanup(func() { os.Remove(keyPath) })
 
-	t.Parallel()
 	t.Run("no-accounts", func(t *testing.T) {
+		t.Parallel()
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "list-wallets")
 		if out := string(clef.Output()); !strings.Contains(out, "There are no wallets.") {
 			t.Logf("Output\n%v", out)
@@ -104,6 +110,7 @@ func TestListWallets(t *testing.T) {
 		}
 	})
 	t.Run("one-account", func(t *testing.T) {
+		t.Parallel()
 		// First, we need to import
 		clef := runClef(t, "--suppress-bootwarn", "--lightkdf", "importraw", keyPath)
 		clef.input("myverylongpassword").input("myverylongpassword").WaitExit()

cmd/clef/main.go

@@ -27,6 +27,7 @@ import (
 	"fmt"
 	"io"
 	"math/big"
+	"net"
 	"os"
 	"os/signal"
 	"path/filepath"
@@ -99,7 +100,7 @@ var (
 	chainIdFlag = &cli.Int64Flag{
 		Name:  "chainid",
 		Value: params.MainnetChainConfig.ChainID.Int64(),
-		Usage: "Chain id to use for signing (1=mainnet, 4=Rinkeby, 5=Goerli)",
+		Usage: "Chain id to use for signing (1=mainnet, 5=Goerli)",
 	}
 	rpcPortFlag = &cli.IntFlag{
 		Name:     "http.port",
@@ -326,7 +327,7 @@ func initializeSecrets(c *cli.Context) error {
 		return err
 	}
 	if num != len(masterSeed) {
-		return fmt.Errorf("failed to read enough random")
+		return errors.New("failed to read enough random")
 	}
 	n, p := keystore.StandardScryptN, keystore.StandardScryptP
 	if c.Bool(utils.LightKDFFlag.Name) {
@@ -482,7 +483,7 @@ func initialize(c *cli.Context) error {
 		}
 	} else if !c.Bool(acceptFlag.Name) {
 		if !confirm(legalWarning) {
-			return fmt.Errorf("aborted by user")
+			return errors.New("aborted by user")
 		}
 		fmt.Println()
 	}
@@ -491,7 +492,8 @@ func initialize(c *cli.Context) error {
 	if usecolor {
 		output = colorable.NewColorable(logOutput)
 	}
-	log.Root().SetHandler(log.LvlFilterHandler(log.Lvl(c.Int(logLevelFlag.Name)), log.StreamHandler(output, log.TerminalFormat(usecolor))))
+	verbosity := log.FromLegacyLevel(c.Int(logLevelFlag.Name))
+	log.SetDefault(log.NewLogger(log.NewTerminalHandlerWithLevel(output, verbosity, usecolor)))
 
 	return nil
 }
@@ -580,6 +582,7 @@ func accountImport(c *cli.Context) error {
 		return err
 	}
 	if first != second {
+		//lint:ignore ST1005 This is a message for the user
 		return errors.New("Passwords do not match")
 	}
 	acc, err := internalApi.ImportRawKey(hex.EncodeToString(crypto.FromECDSA(pKey)), first)
@@ -590,7 +593,7 @@ func accountImport(c *cli.Context) error {
   Address %v
   Keystore file: %v
 
-The key is now encrypted; losing the password will result in permanently losing 
+The key is now encrypted; losing the password will result in permanently losing
 access to the key and all associated funds!
 
 Make sure to backup keystore and passwords in a safe location.`,
@@ -732,6 +735,7 @@ func signer(c *cli.Context) error {
 		cors := utils.SplitAndTrim(c.String(utils.HTTPCORSDomainFlag.Name))
 
 		srv := rpc.NewServer()
+		srv.SetBatchLimits(node.DefaultConfig.BatchRequestLimit, node.DefaultConfig.BatchResponseMaxSize)
 		err := node.RegisterApis(rpcAPI, []string{"account"}, srv)
 		if err != nil {
 			utils.Fatalf("Could not register API: %w", err)
@@ -742,7 +746,7 @@ func signer(c *cli.Context) error {
 		port := c.Int(rpcPortFlag.Name)
 
 		// start http server
-		httpEndpoint := fmt.Sprintf("%s:%d", c.String(utils.HTTPListenAddrFlag.Name), port)
+		httpEndpoint := net.JoinHostPort(c.String(utils.HTTPListenAddrFlag.Name), fmt.Sprintf("%d", port))
 		httpServer, addr, err := node.StartHTTPEndpoint(httpEndpoint, rpc.DefaultHTTPTimeouts, handler)
 		if err != nil {
 			utils.Fatalf("Could not start RPC api: %v", err)
@@ -844,7 +848,7 @@ func readMasterKey(ctx *cli.Context, ui core.UIClientAPI) ([]byte, error) {
 	}
 	masterSeed, err := decryptSeed(cipherKey, password)
 	if err != nil {
-		return nil, fmt.Errorf("failed to decrypt the master seed of clef")
+		return nil, errors.New("failed to decrypt the master seed of clef")
 	}
 	if len(masterSeed) < 256 {
 		return nil, fmt.Errorf("master seed of insufficient length, expected >255 bytes, got %d", len(masterSeed))
@@ -1204,7 +1208,7 @@ func GenDoc(ctx *cli.Context) error {
 						URL:     accounts.URL{Path: ".. ignored .."},
 					},
 					{
-						Address: common.HexToAddress("0xffffffffffffffffffffffffffffffffffffffff"),
+						Address: common.MaxAddress,
 					},
 				}})
 	}

cmd/clef/pythonsigner.py

@@ -91,7 +91,7 @@ class StdIOHandler:
         {"jsonrpc":"2.0","id":20,"method":"ui_approveTx","params":[{"transaction":{"from":"0xDEADbEeF000000000000000000000000DeaDbeEf","to":"0xDEADbEeF000000000000000000000000DeaDbeEf","gas":"0x3e8","gasPrice":"0x5","maxFeePerGas":null,"maxPriorityFeePerGas":null,"value":"0x6","nonce":"0x1","data":"0x"},"call_info":null,"meta":{"remote":"clef binary","local":"main","scheme":"in-proc","User-Agent":"","Origin":""}}]}
 
         :param transaction: transaction info
-        :param call_info: info abou the call, e.g. if ABI info could not be
+        :param call_info: info about the call, e.g. if ABI info could not be
         :param meta: metadata about the request, e.g. where the call comes from
         :return:
         """  # noqa: E501

cmd/clef/run_test.go

@@ -21,8 +21,8 @@ import (
 	"os"
 	"testing"
 
-	"github.com/docker/docker/pkg/reexec"
 	"github.com/ethereum/go-ethereum/internal/cmdtest"
+	"github.com/ethereum/go-ethereum/internal/reexec"
 )
 
 const registeredName = "clef-test"

cmd/devp2p/README.md

@@ -44,7 +44,7 @@ set to standard output. The following filters are supported:
 - `-limit <N>` limits the output set to N entries, taking the top N nodes by score
 - `-ip <CIDR>` filters nodes by IP subnet
 - `-min-age <duration>` filters nodes by 'first seen' time
-- `-eth-network <mainnet/rinkeby/goerli/sepolia>` filters nodes by "eth" ENR entry
+- `-eth-network <mainnet/goerli/sepolia/holesky>` filters nodes by "eth" ENR entry
 - `-les-server` filters nodes by LES server support
 - `-snap` filters nodes by snap protocol support
 

cmd/devp2p/crawl.go

@@ -17,6 +17,9 @@
 package main
 
 import (
+	"errors"
+	"sync"
+	"sync/atomic"
 	"time"
 
 	"github.com/ethereum/go-ethereum/log"
@@ -34,6 +37,7 @@ type crawler struct {
 
 	// settings
 	revalidateInterval time.Duration
+	mu                 sync.RWMutex
 }
 
 const (
@@ -48,7 +52,14 @@ type resolver interface {
 	RequestENR(*enode.Node) (*enode.Node, error)
 }
 
-func newCrawler(input nodeSet, disc resolver, iters ...enode.Iterator) *crawler {
+func newCrawler(input nodeSet, bootnodes []*enode.Node, disc resolver, iters ...enode.Iterator) (*crawler, error) {
+	if len(input) == 0 {
+		input.add(bootnodes...)
+	}
+	if len(input) == 0 {
+		return nil, errors.New("no input nodes to start crawling")
+	}
+
 	c := &crawler{
 		input:     input,
 		output:    make(nodeSet, len(input)),
@@ -64,10 +75,10 @@ func newCrawler(input nodeSet, disc resolver, iters ...enode.Iterator) *crawler
 	for id, n := range input {
 		c.output[id] = n
 	}
-	return c
+	return c, nil
 }
 
-func (c *crawler) run(timeout time.Duration) nodeSet {
+func (c *crawler) run(timeout time.Duration, nthreads int) nodeSet {
 	var (
 		timeoutTimer = time.NewTimer(timeout)
 		timeoutCh    <-chan time.Time
@@ -75,35 +86,51 @@ func (c *crawler) run(timeout time.Duration) nodeSet {
 		doneCh       = make(chan enode.Iterator, len(c.iters))
 		liveIters    = len(c.iters)
 	)
+	if nthreads < 1 {
+		nthreads = 1
+	}
 	defer timeoutTimer.Stop()
 	defer statusTicker.Stop()
 	for _, it := range c.iters {
 		go c.runIterator(doneCh, it)
 	}
-
 	var (
-		added   int
-		updated int
-		skipped int
-		recent  int
-		removed int
+		added   atomic.Uint64
+		updated atomic.Uint64
+		skipped atomic.Uint64
+		recent  atomic.Uint64
+		removed atomic.Uint64
+		wg      sync.WaitGroup
 	)
+	wg.Add(nthreads)
+	for i := 0; i < nthreads; i++ {
+		go func() {
+			defer wg.Done()
+			for {
+				select {
+				case n := <-c.ch:
+					switch c.updateNode(n) {
+					case nodeSkipIncompat:
+						skipped.Add(1)
+					case nodeSkipRecent:
+						recent.Add(1)
+					case nodeRemoved:
+						removed.Add(1)
+					case nodeAdded:
+						added.Add(1)
+					default:
+						updated.Add(1)
+					}
+				case <-c.closed:
+					return
+				}
+			}
+		}()
+	}
+
 loop:
 	for {
 		select {
-		case n := <-c.ch:
-			switch c.updateNode(n) {
-			case nodeSkipIncompat:
-				skipped++
-			case nodeSkipRecent:
-				recent++
-			case nodeRemoved:
-				removed++
-			case nodeAdded:
-				added++
-			default:
-				updated++
-			}
 		case it := <-doneCh:
 			if it == c.inputIter {
 				// Enable timeout when we're done revalidating the input nodes.
@@ -119,8 +146,11 @@ loop:
 			break loop
 		case <-statusTicker.C:
 			log.Info("Crawling in progress",
-				"added", added, "updated", updated, "removed", removed,
-				"ignored(recent)", recent, "ignored(incompatible)", skipped)
+				"added", added.Load(),
+				"updated", updated.Load(),
+				"removed", removed.Load(),
+				"ignored(recent)", recent.Load(),
+				"ignored(incompatible)", skipped.Load())
 		}
 	}
 
@@ -131,6 +161,7 @@ loop:
 	for ; liveIters > 0; liveIters-- {
 		<-doneCh
 	}
+	wg.Wait()
 	return c.output
 }
 
@@ -148,7 +179,9 @@ func (c *crawler) runIterator(done chan<- enode.Iterator, it enode.Iterator) {
 // updateNode updates the info about the given node, and returns a status
 // about what changed
 func (c *crawler) updateNode(n *enode.Node) int {
+	c.mu.RLock()
 	node, ok := c.output[n.ID()]
+	c.mu.RUnlock()
 
 	// Skip validation of recently-seen nodes.
 	if ok && time.Since(node.LastCheck) < c.revalidateInterval {
@@ -156,10 +189,9 @@ func (c *crawler) updateNode(n *enode.Node) int {
 	}
 
 	// Request the node record.
-	nn, err := c.disc.RequestENR(n)
-	node.LastCheck = truncNow()
 	status := nodeUpdated
-	if err != nil {
+	node.LastCheck = truncNow()
+	if nn, err := c.disc.RequestENR(n); err != nil {
 		if node.Score == 0 {
 			// Node doesn't implement EIP-868.
 			log.Debug("Skipping node", "id", n.ID())
@@ -176,8 +208,9 @@ func (c *crawler) updateNode(n *enode.Node) int {
 		}
 		node.LastResponse = node.LastCheck
 	}
-
 	// Store/update node in output set.
+	c.mu.Lock()
+	defer c.mu.Unlock()
 	if node.Score <= 0 {
 		log.Debug("Removing node", "id", n.ID())
 		delete(c.output, n.ID())

cmd/devp2p/discv4cmd.go

@@ -17,6 +17,7 @@
 package main
 
 import (
+	"errors"
 	"fmt"
 	"net"
 	"strconv"
@@ -78,7 +79,7 @@ var (
 		Name:   "crawl",
 		Usage:  "Updates a nodes.json file with random nodes found in the DHT",
 		Action: discv4Crawl,
-		Flags:  flags.Merge(discoveryNodeFlags, []cli.Flag{crawlTimeoutFlag}),
+		Flags:  flags.Merge(discoveryNodeFlags, []cli.Flag{crawlTimeoutFlag, crawlParallelismFlag}),
 	}
 	discv4TestCommand = &cli.Command{
 		Name:   "test",
@@ -120,6 +121,11 @@ var (
 		Usage: "Time limit for the crawl.",
 		Value: 30 * time.Minute,
 	}
+	crawlParallelismFlag = &cli.IntFlag{
+		Name:  "parallel",
+		Usage: "How many parallel discoveries to attempt.",
+		Value: 16,
+	}
 	remoteEnodeFlag = &cli.StringFlag{
 		Name:    "remote",
 		Usage:   "Enode of the remote node under test",
@@ -137,7 +143,7 @@ var discoveryNodeFlags = []cli.Flag{
 
 func discv4Ping(ctx *cli.Context) error {
 	n := getNodeArg(ctx)
-	disc := startV4(ctx)
+	disc, _ := startV4(ctx)
 	defer disc.Close()
 
 	start := time.Now()
@@ -150,7 +156,7 @@ func discv4Ping(ctx *cli.Context) error {
 
 func discv4RequestRecord(ctx *cli.Context) error {
 	n := getNodeArg(ctx)
-	disc := startV4(ctx)
+	disc, _ := startV4(ctx)
 	defer disc.Close()
 
 	respN, err := disc.RequestENR(n)
@@ -163,7 +169,7 @@ func discv4RequestRecord(ctx *cli.Context) error {
 
 func discv4Resolve(ctx *cli.Context) error {
 	n := getNodeArg(ctx)
-	disc := startV4(ctx)
+	disc, _ := startV4(ctx)
 	defer disc.Close()
 
 	fmt.Println(disc.Resolve(n).String())
@@ -172,7 +178,7 @@ func discv4Resolve(ctx *cli.Context) error {
 
 func discv4ResolveJSON(ctx *cli.Context) error {
 	if ctx.NArg() < 1 {
-		return fmt.Errorf("need nodes file as argument")
+		return errors.New("need nodes file as argument")
 	}
 	nodesFile := ctx.Args().Get(0)
 	inputSet := make(nodeSet)
@@ -190,31 +196,38 @@ func discv4ResolveJSON(ctx *cli.Context) error {
 		nodeargs = append(nodeargs, n)
 	}
 
-	// Run the crawler.
-	disc := startV4(ctx)
+	disc, config := startV4(ctx)
 	defer disc.Close()
-	c := newCrawler(inputSet, disc, enode.IterNodes(nodeargs))
+
+	c, err := newCrawler(inputSet, config.Bootnodes, disc, enode.IterNodes(nodeargs))
+	if err != nil {
+		return err
+	}
 	c.revalidateInterval = 0
-	output := c.run(0)
+	output := c.run(0, 1)
 	writeNodesJSON(nodesFile, output)
 	return nil
 }
 
 func discv4Crawl(ctx *cli.Context) error {
 	if ctx.NArg() < 1 {
-		return fmt.Errorf("need nodes file as argument")
+		return errors.New("need nodes file as argument")
 	}
 	nodesFile := ctx.Args().First()
-	var inputSet nodeSet
+	inputSet := make(nodeSet)
 	if common.FileExist(nodesFile) {
 		inputSet = loadNodesJSON(nodesFile)
 	}
 
-	disc := startV4(ctx)
+	disc, config := startV4(ctx)
 	defer disc.Close()
-	c := newCrawler(inputSet, disc, disc.RandomNodes())
+
+	c, err := newCrawler(inputSet, config.Bootnodes, disc, disc.RandomNodes())
+	if err != nil {
+		return err
+	}
 	c.revalidateInterval = 10 * time.Minute
-	output := c.run(ctx.Duration(crawlTimeoutFlag.Name))
+	output := c.run(ctx.Duration(crawlTimeoutFlag.Name), ctx.Int(crawlParallelismFlag.Name))
 	writeNodesJSON(nodesFile, output)
 	return nil
 }
@@ -223,7 +236,7 @@ func discv4Crawl(ctx *cli.Context) error {
 func discv4Test(ctx *cli.Context) error {
 	// Configure test package globals.
 	if !ctx.IsSet(remoteEnodeFlag.Name) {
-		return fmt.Errorf("Missing -%v", remoteEnodeFlag.Name)
+		return fmt.Errorf("missing -%v", remoteEnodeFlag.Name)
 	}
 	v4test.Remote = ctx.String(remoteEnodeFlag.Name)
 	v4test.Listen1 = ctx.String(testListen1Flag.Name)
@@ -232,14 +245,14 @@ func discv4Test(ctx *cli.Context) error {
 }
 
 // startV4 starts an ephemeral discovery V4 node.
-func startV4(ctx *cli.Context) *discover.UDPv4 {
+func startV4(ctx *cli.Context) (*discover.UDPv4, discover.Config) {
 	ln, config := makeDiscoveryConfig(ctx)
 	socket := listen(ctx, ln)
 	disc, err := discover.ListenV4(socket, ln, config)
 	if err != nil {
 		exit(err)
 	}
-	return disc
+	return disc, config
 }
 
 func makeDiscoveryConfig(ctx *cli.Context) (*enode.LocalNode, discover.Config) {
@@ -331,7 +344,7 @@ func listen(ctx *cli.Context, ln *enode.LocalNode) *net.UDPConn {
 }
 
 func parseBootnodes(ctx *cli.Context) ([]*enode.Node, error) {
-	s := params.RinkebyBootnodes
+	s := params.MainnetBootnodes
 	if ctx.IsSet(bootnodesFlag.Name) {
 		input := ctx.String(bootnodesFlag.Name)
 		if input == "" {

cmd/devp2p/discv5cmd.go

@@ -17,6 +17,7 @@
 package main
 
 import (
+	"errors"
 	"fmt"
 	"time"
 
@@ -80,7 +81,7 @@ var (
 
 func discv5Ping(ctx *cli.Context) error {
 	n := getNodeArg(ctx)
-	disc := startV5(ctx)
+	disc, _ := startV5(ctx)
 	defer disc.Close()
 
 	fmt.Println(disc.Ping(n))
@@ -89,7 +90,7 @@ func discv5Ping(ctx *cli.Context) error {
 
 func discv5Resolve(ctx *cli.Context) error {
 	n := getNodeArg(ctx)
-	disc := startV5(ctx)
+	disc, _ := startV5(ctx)
 	defer disc.Close()
 
 	fmt.Println(disc.Resolve(n))
@@ -98,19 +99,23 @@ func discv5Resolve(ctx *cli.Context) error {
 
 func discv5Crawl(ctx *cli.Context) error {
 	if ctx.NArg() < 1 {
-		return fmt.Errorf("need nodes file as argument")
+		return errors.New("need nodes file as argument")
 	}
 	nodesFile := ctx.Args().First()
-	var inputSet nodeSet
+	inputSet := make(nodeSet)
 	if common.FileExist(nodesFile) {
 		inputSet = loadNodesJSON(nodesFile)
 	}
 
-	disc := startV5(ctx)
+	disc, config := startV5(ctx)
 	defer disc.Close()
-	c := newCrawler(inputSet, disc, disc.RandomNodes())
+
+	c, err := newCrawler(inputSet, config.Bootnodes, disc, disc.RandomNodes())
+	if err != nil {
+		return err
+	}
 	c.revalidateInterval = 10 * time.Minute
-	output := c.run(ctx.Duration(crawlTimeoutFlag.Name))
+	output := c.run(ctx.Duration(crawlTimeoutFlag.Name), ctx.Int(crawlParallelismFlag.Name))
 	writeNodesJSON(nodesFile, output)
 	return nil
 }
@@ -126,7 +131,7 @@ func discv5Test(ctx *cli.Context) error {
 }
 
 func discv5Listen(ctx *cli.Context) error {
-	disc := startV5(ctx)
+	disc, _ := startV5(ctx)
 	defer disc.Close()
 
 	fmt.Println(disc.Self())
@@ -134,12 +139,12 @@ func discv5Listen(ctx *cli.Context) error {
 }
 
 // startV5 starts an ephemeral discovery v5 node.
-func startV5(ctx *cli.Context) *discover.UDPv5 {
+func startV5(ctx *cli.Context) (*discover.UDPv5, discover.Config) {
 	ln, config := makeDiscoveryConfig(ctx)
 	socket := listen(ctx, ln)
 	disc, err := discover.ListenV5(socket, ln, config)
 	if err != nil {
 		exit(err)
 	}
-	return disc
+	return disc, config
 }

cmd/devp2p/dns_cloudflare.go

@@ -18,6 +18,7 @@ package main
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -48,7 +49,7 @@ type cloudflareClient struct {
 func newCloudflareClient(ctx *cli.Context) *cloudflareClient {
 	token := ctx.String(cloudflareTokenFlag.Name)
 	if token == "" {
-		exit(fmt.Errorf("need cloudflare API token to proceed"))
+		exit(errors.New("need cloudflare API token to proceed"))
 	}
 	api, err := cloudflare.NewWithAPIToken(token)
 	if err != nil {
@@ -113,7 +114,7 @@ func (c *cloudflareClient) uploadRecords(name string, records map[string]string)
 	records = lrecords
 
 	log.Info(fmt.Sprintf("Retrieving existing TXT records on %s", name))
-	entries, err := c.DNSRecords(context.Background(), c.zoneID, cloudflare.DNSRecord{Type: "TXT"})
+	entries, _, err := c.ListDNSRecords(context.Background(), cloudflare.ZoneIdentifier(c.zoneID), cloudflare.ListDNSRecordsParams{Type: "TXT"})
 	if err != nil {
 		return err
 	}
@@ -126,40 +127,62 @@ func (c *cloudflareClient) uploadRecords(name string, records map[string]string)
 	}
 
 	// Iterate over the new records and inject anything missing.
+	log.Info("Updating DNS entries")
+	created := 0
+	updated := 0
+	skipped := 0
 	for path, val := range records {
 		old, exists := existing[path]
 		if !exists {
 			// Entry is unknown, push a new one to Cloudflare.
-			log.Info(fmt.Sprintf("Creating %s = %q", path, val))
+			log.Debug(fmt.Sprintf("Creating %s = %q", path, val))
+			created++
 			ttl := rootTTL
 			if path != name {
 				ttl = treeNodeTTLCloudflare // Max TTL permitted by Cloudflare
 			}
-			record := cloudflare.DNSRecord{Type: "TXT", Name: path, Content: val, TTL: ttl}
-			_, err = c.CreateDNSRecord(context.Background(), c.zoneID, record)
+			record := cloudflare.CreateDNSRecordParams{Type: "TXT", Name: path, Content: val, TTL: ttl}
+			_, err = c.CreateDNSRecord(context.Background(), cloudflare.ZoneIdentifier(c.zoneID), record)
 		} else if old.Content != val {
 			// Entry already exists, only change its content.
 			log.Info(fmt.Sprintf("Updating %s from %q to %q", path, old.Content, val))
-			old.Content = val
-			err = c.UpdateDNSRecord(context.Background(), c.zoneID, old.ID, old)
+			updated++
+
+			record := cloudflare.UpdateDNSRecordParams{
+				Type:     old.Type,
+				Name:     old.Name,
+				Content:  val,
+				Data:     old.Data,
+				ID:       old.ID,
+				Priority: old.Priority,
+				TTL:      old.TTL,
+				Proxied:  old.Proxied,
+				Tags:     old.Tags,
+			}
+			_, err = c.UpdateDNSRecord(context.Background(), cloudflare.ZoneIdentifier(c.zoneID), record)
 		} else {
+			skipped++
 			log.Debug(fmt.Sprintf("Skipping %s = %q", path, val))
 		}
 		if err != nil {
 			return fmt.Errorf("failed to publish %s: %v", path, err)
 		}
 	}
-
+	log.Info("Updated DNS entries", "new", created, "updated", updated, "untouched", skipped)
 	// Iterate over the old records and delete anything stale.
+	deleted := 0
+	log.Info("Deleting stale DNS entries")
 	for path, entry := range existing {
 		if _, ok := records[path]; ok {
 			continue
 		}
 		// Stale entry, nuke it.
-		log.Info(fmt.Sprintf("Deleting %s = %q", path, entry.Content))
-		if err := c.DeleteDNSRecord(context.Background(), c.zoneID, entry.ID); err != nil {
+		log.Debug(fmt.Sprintf("Deleting %s = %q", path, entry.Content))
+		deleted++
+		if err := c.DeleteDNSRecord(context.Background(), cloudflare.ZoneIdentifier(c.zoneID), entry.ID); err != nil {
 			return fmt.Errorf("failed to delete %s: %v", path, err)
 		}
 	}
+	log.Info("Deleted stale DNS entries", "count", deleted)
 	return nil
 }

cmd/devp2p/dns_route53.go

@@ -20,7 +20,6 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"sort"
 	"strconv"
 	"strings"
 	"time"
@@ -33,6 +32,7 @@ import (
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/ethereum/go-ethereum/p2p/dnsdisc"
 	"github.com/urfave/cli/v2"
+	"golang.org/x/exp/slices"
 )
 
 const (
@@ -81,7 +81,7 @@ func newRoute53Client(ctx *cli.Context) *route53Client {
 	akey := ctx.String(route53AccessKeyFlag.Name)
 	asec := ctx.String(route53AccessSecretFlag.Name)
 	if akey == "" || asec == "" {
-		exit(fmt.Errorf("need Route53 Access Key ID and secret to proceed"))
+		exit(errors.New("need Route53 Access Key ID and secret to proceed"))
 	}
 	creds := aws.NewCredentialsCache(credentials.NewStaticCredentialsProvider(akey, asec, ""))
 	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithCredentialsProvider(creds))
@@ -221,7 +221,13 @@ func (c *route53Client) computeChanges(name string, records map[string]string, e
 	}
 	records = lrecords
 
-	var changes []types.Change
+	var (
+		changes []types.Change
+		inserts int
+		upserts int
+		skips   int
+	)
+
 	for path, newValue := range records {
 		prevRecords, exists := existing[path]
 		prevValue := strings.Join(prevRecords.values, "")
@@ -237,20 +243,30 @@ func (c *route53Client) computeChanges(name string, records map[string]string, e
 
 		if !exists {
 			// Entry is unknown, push a new one
-			log.Info(fmt.Sprintf("Creating %s = %s", path, newValue))
+			log.Debug(fmt.Sprintf("Creating %s = %s", path, newValue))
 			changes = append(changes, newTXTChange("CREATE", path, ttl, newValue))
+			inserts++
 		} else if prevValue != newValue || prevRecords.ttl != ttl {
 			// Entry already exists, only change its content.
 			log.Info(fmt.Sprintf("Updating %s from %s to %s", path, prevValue, newValue))
 			changes = append(changes, newTXTChange("UPSERT", path, ttl, newValue))
+			upserts++
 		} else {
 			log.Debug(fmt.Sprintf("Skipping %s = %s", path, newValue))
+			skips++
 		}
 	}
 
 	// Iterate over the old records and delete anything stale.
-	changes = append(changes, makeDeletionChanges(existing, records)...)
+	deletions := makeDeletionChanges(existing, records)
+	changes = append(changes, deletions...)
 
+	log.Info("Computed DNS changes",
+		"changes", len(changes),
+		"inserts", inserts,
+		"skips", skips,
+		"deleted", len(deletions),
+		"upserts", upserts)
 	// Ensure changes are in the correct order.
 	sortChanges(changes)
 	return changes
@@ -263,7 +279,7 @@ func makeDeletionChanges(records map[string]recordSet, keep map[string]string) [
 		if _, ok := keep[path]; ok {
 			continue
 		}
-		log.Info(fmt.Sprintf("Deleting %s = %s", path, strings.Join(set.values, "")))
+		log.Debug(fmt.Sprintf("Deleting %s = %s", path, strings.Join(set.values, "")))
 		changes = append(changes, newTXTChange("DELETE", path, set.ttl, set.values...))
 	}
 	return changes
@@ -272,11 +288,17 @@ func makeDeletionChanges(records map[string]recordSet, keep map[string]string) [
 // sortChanges ensures DNS changes are in leaf-added -> root-changed -> leaf-deleted order.
 func sortChanges(changes []types.Change) {
 	score := map[string]int{"CREATE": 1, "UPSERT": 2, "DELETE": 3}
-	sort.Slice(changes, func(i, j int) bool {
-		if changes[i].Action == changes[j].Action {
-			return *changes[i].ResourceRecordSet.Name < *changes[j].ResourceRecordSet.Name
+	slices.SortFunc(changes, func(a, b types.Change) int {
+		if a.Action == b.Action {
+			return strings.Compare(*a.ResourceRecordSet.Name, *b.ResourceRecordSet.Name)
 		}
-		return score[string(changes[i].Action)] < score[string(changes[j].Action)]
+		if score[string(a.Action)] < score[string(b.Action)] {
+			return -1
+		}
+		if score[string(a.Action)] > score[string(b.Action)] {
+			return 1
+		}
+		return 0
 	})
 }
 
@@ -329,8 +351,9 @@ func (c *route53Client) collectRecords(name string) (map[string]recordSet, error
 	var req route53.ListResourceRecordSetsInput
 	req.HostedZoneId = &c.zoneID
 	existing := make(map[string]recordSet)
+	log.Info("Loading existing TXT records", "name", name, "zone", c.zoneID)
 	for page := 0; ; page++ {
-		log.Info("Loading existing TXT records", "name", name, "zone", c.zoneID, "page", page)
+		log.Debug("Loading existing TXT records", "name", name, "zone", c.zoneID, "page", page)
 		resp, err := c.api.ListResourceRecordSets(context.TODO(), &req)
 		if err != nil {
 			return existing, err
@@ -360,7 +383,7 @@ func (c *route53Client) collectRecords(name string) (map[string]recordSet, error
 		req.StartRecordName = resp.NextRecordName
 		req.StartRecordType = resp.NextRecordType
 	}
-
+	log.Info("Loaded existing TXT records", "name", name, "zone", c.zoneID, "records", len(existing))
 	return existing, nil
 }
 

cmd/devp2p/dns_route53_test.go

@@ -26,6 +26,7 @@ import (
 // This test checks that computeChanges/splitChanges create DNS changes in
 // leaf-added -> root-changed -> leaf-deleted order.
 func TestRoute53ChangeSort(t *testing.T) {
+	t.Parallel()
 	testTree0 := map[string]recordSet{
 		"2kfjogvxdqtxxugbh7gs7naaai.n": {ttl: 3333, values: []string{
 			`"enr:-HW4QO1ml1DdXLeZLsUxewnthhUy8eROqkDyoMTyavfks9JlYQIlMFEUoM78PovJDPQrAkrb3LRJ-""vtrymDguKCOIAWAgmlkgnY0iXNlY3AyNTZrMaEDffaGfJzgGhUif1JqFruZlYmA31HzathLSWxfbq_QoQ4"`,
@@ -164,6 +165,7 @@ func TestRoute53ChangeSort(t *testing.T) {
 
 // This test checks that computeChanges compares the quoted value of the records correctly.
 func TestRoute53NoChange(t *testing.T) {
+	t.Parallel()
 	// Existing record set.
 	testTree0 := map[string]recordSet{
 		"n": {ttl: rootTTL, values: []string{