hemilabs · marcopeereboom · Mar 5, 2026 · Mar 13, 2026 · Mar 13, 2026 · Mar 13, 2026
@@ -0,0 +1,78 @@
+# Copyright (c) 2024-2026 Hemi Labs, Inc.
+# Use of this source code is governed by the MIT License,
+# which can be found in the LICENSE file.
+
+# GitHub Actions workflow to lint, build and test.
+name: "Go"
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+concurrency:
+  group: "go-${{ github.workflow }}-${{ github.event.number || github.ref }}"
+  cancel-in-progress: "${{ github.event_name == 'pull_request' }}"
+
+env:
+  # renovate: datasource=github-releases depName=golangci/golangci-lint versioning=semver
+  GOLANGCI_LINT_VERSION: "v2.11.3"
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: "Test"
+    runs-on: "ubuntu-latest"
+    timeout-minutes: 150
+    strategy:
+      fail-fast: false # if one of these fails, still run the others
+      matrix:
+        module:
+          - eth-trie
+          - merkle
+          - tss-lib
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: "Setup Go"
+        uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+        with:
+          go-version-file: "${{ matrix.module }}/go.mod"
+
+      - name: "go get"
+        working-directory: ${{ matrix.module }}
+        run: go mod download && go mod verify
+
+      - name: "go test"
+        working-directory: ${{ matrix.module }}
+        run: go test -tags tssexamples -timeout 120m -v -cover ./...
+
+  lint:
+    name: "Lint"
+    runs-on: "ubuntu-latest"
+    strategy:
+      fail-fast: false
+      matrix:
+        module:
+          - tss-lib
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: "Setup Go"
+        uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+        with:
+          go-version-file: "${{ matrix.module }}/go.mod"
+
+      - name: "golangci-lint"
+        uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
+        with:
+          working-directory: "${{ matrix.module }}"
+          version: "${{ env.GOLANGCI_LINT_VERSION }}"
+
+      - name: "golangci-lint fmt"
+        working-directory: "${{ matrix.module }}"
+        run: golangci-lint fmt --diff ./...
@@ -25,13 +25,15 @@ import (
 	"github.com/hemilabs/x/eth-trie/triedb/pathdb"
 )
 
+// TestZKTrie is a basic example of how one could use the eth-trie for
+// alternative data storage. It is a prototype for ZKTrie.
 func TestZKTrie(t *testing.T) {
 	const (
-		blockCount uint64 = 1000000 // num of blocks
+		blockCount uint64 = 10 // num of blocks
 		// newOutsCount >= inCount + outCount
-		newOutsCount uint64 = 1500 // num of outs with new scripts
-		inCount      uint64 = 1000 // num of ins
-		outCount     uint64 = 500  // num of outs with previous scripts
+		newOutsCount uint64 = 10 // num of outs with new scripts
+		inCount      uint64 = 0  // num of ins
+		outCount     uint64 = 0  // num of outs with previous scripts
 	)
 
 	datadir := t.TempDir()

@@ -0,0 +1,6 @@
+bin/
+.gocache/
+pkg/
+coverage.out
+test.log
+*.swp
@@ -0,0 +1,74 @@
+version: "2"
+run:
+  tests: true
+
+issues:
+  max-issues-per-linter: 0
+  max-same-issues: 0
+
+linters:
+  enable:
+    - "asasalint" # Check for pass []any as any in variadic func(...any).
+    - "dupword" # Checks for duplicate words in the source code.
+    - "errcheck" # Checks for unchecked errors.
+    - "errorlint" # Verifies errors are properly wrapped.
+    - "errname" # Checks that sentinel errors are prefixed with the Err.
+    - "gocheckcompilerdirectives" # Checks that go compiler directives are valid.
+    - "gochecksumtype" # Run exhaustiveness checks on Go "sum types".
+    - "gomoddirectives" # Manages 'replace', 'retract' and 'excludes' directives.
+    - "gosmopolitan" # Report certain i18n/l10n anti-patterns.
+    - "govet" # Runs go vet.
+    - "ineffassign" # Detects when assignments to variables are not used.
+    - "makezero" # Finds slice declarations with non-zero initial length.
+    - "misspell" # Finds common typing mistakes.
+    - "nilerr" # Finds code that returns nil even if it checks error is not nil.
+    - "nolintlint" # Reports ill-formed or insufficient nolint directives.
+    - "prealloc" # Finds slice declarations that could be pre-allocated.
+    - "predeclared" # Find code that shadows predeclared identifiers.
+    - "staticcheck" # Runs staticcheck.
+    - "unconvert" # Checks for unnecessary type conversions.
+    - "usestdlibvars" # Detects the possibility to use stdlib vars/constants.
+    - "usetesting" # Reports use of functions with replacements in testing.
+    - "unused" # Checks for unused constants, variables, functions, types.
+    - "whitespace" # Checks for unnecessary newlines.
+  settings:
+    gomoddirectives:
+      replace-local: true # tss-lib fork not yet pushed.
+    nolintlint:
+      require-explanation: true
+  exclusions:
+    generated: "strict"
+    presets:
+      - "comments"
+      - "common-false-positives"
+      - "legacy"
+      - "std-error-handling"
+    rules:
+      - linters: [ "staticcheck" ]
+        text: "QF1001:" # "could apply De Morgan's law"
+      - linters: [ "staticcheck" ]
+        text: "QF1007:" # "could merge conditional assignment"
+      - linters: [ "staticcheck" ]
+        text: "SA1019:.*elliptic\\." # tss-lib requires raw curve arithmetic (Add, ScalarMult, etc.)
+      - linters: [ "staticcheck" ]
+        text: "SA1019:.*\\.Add has been deprecated" # elliptic.Curve.Add
+      - linters: [ "staticcheck" ]
+        text: "SA1019:.*\\.ScalarMult has been deprecated" # elliptic.Curve.ScalarMult
+      - linters: [ "staticcheck" ]
+        text: "SA1019:.*\\.ScalarBaseMult has been deprecated" # elliptic.Curve.ScalarBaseMult
+      - linters: [ "staticcheck" ]
+        text: "SA1019:.*\\.IsOnCurve has been deprecated" # elliptic.Curve.IsOnCurve
+
+formatters:
+  enable:
+    - "gci" # Enforces package import order.
+    - "gofumpt" # Extended go fmt.
+  settings:
+    gci:
+      sections:
+        - "standard"
+        - "default"
+        - "blank"
+        - "dot"
+        - "localmodule"
+      custom-order: true
@@ -1,6 +1,7 @@
 MIT License
 
 Copyright (c) 2019 Binance
+Copyright (c) 2026 Hemi Labs, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

@@ -1,48 +1,64 @@
-MODULE = github.com/bnb-chain/tss-lib/v2
-PACKAGES = $(shell go list ./... | grep -v '/vendor/')
+# Copyright (c) 2026 Hemi Labs, Inc.
+# Use of this source code is governed by the MIT License,
+# which can be found in the LICENSE file.
 
-all: protob test
+PROJECTPATH = $(abspath $(dir $(realpath $(firstword $(MAKEFILE_LIST)))))
 
-########################################
-### Protocol Buffers
+export GOBIN=$(PROJECTPATH)/bin
+export GOCACHE=$(PROJECTPATH)/.gocache
+export GOPKG=$(PROJECTPATH)/pkg
 
-protob:
-	@echo "--> Building Protocol Buffers"
-	@for protocol in message signature ecdsa-keygen ecdsa-signing ecdsa-resharing eddsa-keygen eddsa-signing eddsa-resharing; do \
-		echo "Generating $$protocol.pb.go" ; \
-		protoc --go_out=. ./protob/$$protocol.proto ; \
-	done
+# renovate: datasource=github-releases depName=golangci/golangci-lint versioning=semver
+GOLANGCI_LINT_VERSION="v2.11.3"
+# renovate: datasource=github-releases depName=joshuasing/golicenser versioning=semver
+GOLICENSER_VERSION="v0.3.1"
+# renovate: datasource=github-releases depName=mvdan/gofumpt versioning=semver
+GOFUMPT_VERSION="v0.9.2"
 
-build: protob
-	go fmt ./...
+cmds = \
+	tss-ecdsa-demo	\
+	tss-eddsa-demo	\
 
-########################################
-### Testing
+.PHONY: all clean deps go-deps $(cmds) build lint lint-deps tidy race test vulncheck vulncheck-deps
 
-test_unit:
-	@echo "--> Running Unit Tests"
-	@echo "!!! WARNING: This will take a long time :)"
-	go clean -testcache
-	go test -timeout 60m $(PACKAGES)
+all: tidy build lint test
 
-test_unit_race:
-	@echo "--> Running Unit Tests (with Race Detection)"
-	@echo "!!! WARNING: This will take a long time :)"
-	go clean -testcache
-	go test -timeout 60m -race $(PACKAGES)
+clean:
+	rm -rf $(GOBIN) $(GOCACHE) $(GOPKG)
 
-test:
-	make test_unit
+deps: lint-deps vulncheck-deps go-deps
+
+go-deps:
+	go mod download
+	go mod tidy
+	go mod verify
+
+$(cmds):
+	go build -trimpath -ldflags "$(GO_LDFLAGS)" -o $(GOBIN)/$@ ./cmd/$@
+
+build:
+	go build ./...
 
-########################################
-### Pre Commit
+lint:
+	$(shell go env GOPATH)/bin/golangci-lint fmt ./...
+	$(shell go env GOPATH)/bin/golangci-lint run --fix ./...
 
-pre_commit: build test
+lint-deps:
+	@echo "Installing with $(shell go env GOVERSION)"
+	GOBIN=$(shell go env GOPATH)/bin go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@$(GOLANGCI_LINT_VERSION)
+	GOBIN=$(shell go env GOPATH)/bin go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION)
 
-########################################
+tidy:
+	go mod tidy
+
+race:
+	go test -v -race -timeout 60m ./...
+
+test:
+	go test -timeout 30m -coverprofile=$(PROJECTPATH)/coverage.out -covermode=atomic ./...
 
-# To avoid unintended conflicts with file names, always add to .PHONY
-# # unless there is a reason not to.
-# # https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
-.PHONY: protob build test_unit test_unit_race test
+vulncheck:
+	$(shell go env GOPATH)/bin/govulncheck ./...
 
+vulncheck-deps:
+	GOBIN=$(shell go env GOPATH)/bin go install golang.org/x/vuln/cmd/govulncheck@latest