diff --git a/pkg/core/server/manage_entity.go b/pkg/core/server/manage_entity.go
index 54042f20..8c9e21b5 100644
--- a/pkg/core/server/manage_entity.go
+++ b/pkg/core/server/manage_entity.go
@@ -101,7 +101,7 @@ func (s *Server) processTrackManageEntity(ctx context.Context, me *v1.ManageEnti
 	for _, addr := range signers {
 		if err := q.InsertManagementKey(ctx, db.InsertManagementKeyParams{
 			TrackID: trackID,
-			Address: addr,
+			Address: strings.ToLower(addr),
 		}); err != nil {
 			return fmt.Errorf("insert management_key: %w", err)
 		}
diff --git a/pkg/etl/go.mod b/pkg/etl/go.mod
index bf8fb186..abfb5f42 100644
--- a/pkg/etl/go.mod
+++ b/pkg/etl/go.mod
@@ -31,14 +31,10 @@ require (
 	github.com/jackc/puddle/v2 v2.2.1 // indirect
 	github.com/lib/pq v1.10.9 // indirect
 	github.com/mmcloughlin/addchain v0.4.0 // indirect
-	github.com/stretchr/testify v1.11.1 // indirect
 	github.com/supranational/blst v0.3.13 // indirect
-	go.opentelemetry.io/otel/metric v1.40.0 // indirect
-	go.opentelemetry.io/otel/trace v1.40.0 // indirect
 	go.uber.org/atomic v1.7.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.44.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
 	golang.org/x/sys v0.40.0 // indirect
 	golang.org/x/text v0.31.0 // indirect
 	rsc.io/tmplfunc v0.0.3 // indirect
diff --git a/pkg/etl/go.sum b/pkg/etl/go.sum
index e6aca549..e019d9d9 100644
--- a/pkg/etl/go.sum
+++ b/pkg/etl/go.sum
@@ -146,8 +146,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
 github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
 github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
-github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/shirou/gopsutil v3.21.4-0.20210419000835-c7a38de76ee5+incompatible h1:Bn1aCHHRnjv4Bl16T8rcaFjYSrGrIZvpiGO6P3Q4GpU=
 github.com/shirou/gopsutil v3.21.4-0.20210419000835-c7a38de76ee5+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
diff --git a/pkg/mediorum/server/serve_blob.go b/pkg/mediorum/server/serve_blob.go
index 6f6d789b..58a4b5ce 100644
--- a/pkg/mediorum/server/serve_blob.go
+++ b/pkg/mediorum/server/serve_blob.go
@@ -526,7 +526,8 @@ func (s *MediorumServer) requireRegisteredSignature(next echo.HandlerFunc) echo.
 			// If track has access_authorities (management_keys), ONLY those signers may authorize - not validator keys
 			if trackID != "" && managementKeyCount > 0 {
 				var count int
-				s.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackID, sig.SignerWallet).Scan(&count)
+				normalizedSignerWallet := strings.ToLower(sig.SignerWallet)
+				s.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackID, normalizedSignerWallet).Scan(&count)
 				if count == 0 {
 					s.logger.Debug("sig no match (access_authorities)", zap.String("signed by", sig.SignerWallet), zap.String("track_id", trackID))
 					return c.JSON(401, map[string]string{
@@ -685,7 +686,8 @@ func (ss *MediorumServer) serveTrack(c echo.Context) error {
 	}
 
 	var count int
-	ss.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackId, sig.SignerWallet).Scan(&count)
+	normalizedSignerWallet := strings.ToLower(sig.SignerWallet)
+	ss.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackId, normalizedSignerWallet).Scan(&count)
 	if count == 0 {
 		ss.logger.Debug("sig no match", zap.String("signed by", sig.SignerWallet))
 		return c.JSON(401, map[string]string{
diff --git a/pkg/mediorum/server/serve_blob_grpc.go b/pkg/mediorum/server/serve_blob_grpc.go
index 4b9f192b..399db19f 100644
--- a/pkg/mediorum/server/serve_blob_grpc.go
+++ b/pkg/mediorum/server/serve_blob_grpc.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"io"
+	"strings"
 	"time"
 
 	"connectrpc.com/connect"
@@ -44,7 +45,8 @@ func (s *MediorumServer) streamTrackGRPC(ctx context.Context, req *v1storage.Str
 	}
 
 	var count int
-	s.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackId, ethAddress).Scan(&count)
+	normalizedEthAddress := strings.ToLower(ethAddress)
+	s.crud.DB.Raw("SELECT COUNT(*) FROM management_keys WHERE track_id = ? AND address = ?", trackId, normalizedEthAddress).Scan(&count)
 	if count == 0 {
 		s.logger.Debug("sig no match", zap.String("signed by", ethAddress))
 		return connect.NewError(connect.CodePermissionDenied, errors.New("signer not authorized to access"))