Update changelog for release v0.35.2. (#8024 )

p2p: update shim to transfer information about peers (#8047 )
statesync: avoid compounding retry logic for fetching consensus parameters (backport #8032 ) (#8041 )
2026-01-12 15:52:50 +00:00 · 2022-03-02 08:37:33 -08:00 · 2022-03-02 08:43:47 -05:00 · 2022-03-01 18:59:29 -05:00 · 2022-02-28 20:51:47 -08:00 · 2022-02-25 16:03:15 -08:00
576 changed files with 21523 additions and 25139 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -7,4 +7,4 @@
 # global owners are only requested if there isn't a more specific
 # codeowner specified below. For this reason, the global codeowners
 # are often repeated in package-level definitions.
-*       @alexanderbez @ebuchman @cmwaters @tessr @tychoish @williambanfield @creachadair
+*      @ebuchman @cmwaters @tychoish @williambanfield @creachadair
--- a/.github/auto-comment.yml
+++ b/.github/auto-comment.yml
@@ -1,16 +1,16 @@
 pullRequestOpened: |
-  :wave: Thanks for creating a PR!   
+  :wave: Thanks for creating a PR!

-  Before we can merge this PR, please make sure that all the following items have been 
+  Before we can merge this PR, please make sure that all the following items have been
  checked off. If any of the checklist items are not applicable, please leave them but
-  write a little note why.   
+  write a little note why.

-  - [ ] Wrote tests  
-  - [ ] Updated CHANGELOG_PENDING.md   
-  - [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work.  
-  - [ ] Updated relevant documentation (`docs/`) and code comments  
-  - [ ] Re-reviewed `Files changed` in the Github PR explorer  
-  - [ ] Applied Appropriate Labels  
+  - [ ] Wrote tests
+  - [ ] Updated CHANGELOG_PENDING.md
+  - [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
+  - [ ] Updated relevant documentation (`docs/`) and code comments
+  - [ ] Re-reviewed `Files changed` in the Github PR explorer
+  - [ ] Applied Appropriate Labels


-  Thank you for your contribution to Tendermint! :rocket:   
+  Thank you for your contribution to Tendermint! :rocket:
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@@ -5,19 +5,14 @@ coverage:
  status:
    project:
      default:
-        threshold: 1%
-    patch: on
+        threshold: 20%
+    patch: off
    changes: off

 github_checks:
  annotations: false

-comment:
-  layout: "diff, files"
-  behavior: default
-  require_changes: no
-  require_base: no
-  require_head: yes
+comment: false

 ignore:
  - "docs"
@@ -25,3 +20,6 @@ ignore:
  - "scripts"
  - "**/*.pb.go"
  - "libs/pubsub/query/query.peg.go"
+  - "*.md"
+  - "*.rst"
+  - "*.yml"
--- a/.github/linter/markdownlint.yml
+++ b/.github/linter/markdownlint.yml
@@ -1,8 +0,0 @@
-default: true,
-MD007: { "indent": 4 }
-MD013: false
-MD024: { siblings_only: true }
-MD025: false
-MD033: { no-inline-html: false }
-no-hard-tabs: false
-whitespace: false
--- a/.github/linters/markdownlint.yml
+++ b/.github/linters/markdownlint.yml
@@ -0,0 +1,8 @@
+default: true,
+MD007: {"indent": 4}
+MD013: false
+MD024: {siblings_only: true}
+MD025: false
+MD033: {no-inline-html: false}
+no-hard-tabs: false
+whitespace: false
--- a/.github/linters/yaml-lint.yml
+++ b/.github/linters/yaml-lint.yml
@@ -0,0 +1,9 @@
+---
+# Default rules for YAML linting from super-linter.
+# See: See https://yamllint.readthedocs.io/en/stable/rules.html
+extends: default
+rules:
+  document-end: disable
+  document-start: disable
+  line-length: disable
+  truthy: disable
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@@ -1,18 +1,19 @@
-pull_request_rules:
-  - name: Automerge to master
+queue_rules:
+  - name: default
    conditions:
-      - base=master
+      - base=v0.35.x
+      - label=S:automerge
+
+pull_request_rules:
+  - name: Automerge to v0.35.x
+    conditions:
+      - base=v0.35.x
      - label=S:automerge
    actions:
-      merge:
+      queue:
        method: squash
-        strict: true
-        commit_message: title+body
-  - name: backport patches to v0.34.x branch
-    conditions:
-      - base=master
-      - label=S:backport-to-v0.34.x
-    actions:
-      backport:
-        branches:
-          - v0.34.x
+        name: default
+        commit_message_template: |
+          {{ title }} (#{{ number }})
+
+          {{ body }}
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,82 @@
+name: Build
+# Tests runs different tests (test_abci_apps, test_abci_cli, test_apps)
+# This workflow runs on every push to master or release branch and  every pull requests
+# All jobs will pass without running if no *{.go, .mod, .sum} files have been modified
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+      - release/**
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        goarch: ["arm", "amd64"]
+        goos: ["linux"]
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "1.17"
+      - uses: actions/checkout@v2.4.0
+      - uses: technote-space/get-diff-action@v5
+        with:
+          PATTERNS: |
+            **/**.go
+            "!test/"
+            go.mod
+            go.sum
+            Makefile
+      - name: install
+        run: GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} make build
+        if: "env.GIT_DIFF != ''"
+
+  test_abci_cli:
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "1.17"
+      - uses: actions/checkout@v2.4.0
+      - uses: technote-space/get-diff-action@v5
+        with:
+          PATTERNS: |
+            **/**.go
+            go.mod
+            go.sum
+      - name: install
+        run: make install_abci
+        if: "env.GIT_DIFF != ''"
+      - run: abci/tests/test_cli/test.sh
+        shell: bash
+        if: "env.GIT_DIFF != ''"
+
+  test_apps:
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "1.17"
+      - uses: actions/checkout@v2.4.0
+      - uses: technote-space/get-diff-action@v5
+        with:
+          PATTERNS: |
+            **/**.go
+            go.mod
+            go.sum
+      - name: install
+        run: make install install_abci
+        if: "env.GIT_DIFF != ''"
+      - name: test_apps
+        run: test/app/test.sh
+        shell: bash
+        if: "env.GIT_DIFF != ''"
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -1,127 +0,0 @@
-name: Test Coverage
-on:
-  pull_request:
-  push:
-    branches:
-      - master
-      - release/**
-
-jobs:
-  split-test-files:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2.3.4
-      - name: Create a file with all the pkgs
-        run: go list ./... > pkgs.txt
-      - name: Split pkgs into 4 files
-        run: split -d -n l/4 pkgs.txt pkgs.txt.part.
-      # cache multiple
-      - uses: actions/upload-artifact@v2
-        with:
-          name: "${{ github.sha }}-00"
-          path: ./pkgs.txt.part.00
-      - uses: actions/upload-artifact@v2
-        with:
-          name: "${{ github.sha }}-01"
-          path: ./pkgs.txt.part.01
-      - uses: actions/upload-artifact@v2
-        with:
-          name: "${{ github.sha }}-02"
-          path: ./pkgs.txt.part.02
-      - uses: actions/upload-artifact@v2
-        with:
-          name: "${{ github.sha }}-03"
-          path: ./pkgs.txt.part.03
-
-  build-linux:
-    name: Build
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        goarch: ["arm", "amd64"]
-    timeout-minutes: 5
-    steps:
-      - uses: actions/setup-go@v2
-        with:
-          go-version: "1.16"
-      - uses: actions/checkout@v2.3.4
-      - uses: technote-space/get-diff-action@v5
-        with:
-          PATTERNS: |
-            **/**.go
-            go.mod
-            go.sum
-      - name: install
-        run: GOOS=linux GOARCH=${{ matrix.goarch }} make build
-        if: "env.GIT_DIFF != ''"
-
-  tests:
-    runs-on: ubuntu-latest
-    needs: split-test-files
-    strategy:
-      fail-fast: false
-      matrix:
-        part: ["00", "01", "02", "03"]
-    steps:
-      - uses: actions/setup-go@v2
-        with:
-          go-version: "1.16"
-      - uses: actions/checkout@v2.3.4
-      - uses: technote-space/get-diff-action@v5
-        with:
-          PATTERNS: |
-            **/**.go
-            go.mod
-            go.sum
-      - uses: actions/download-artifact@v2
-        with:
-          name: "${{ github.sha }}-${{ matrix.part }}"
-        if: env.GIT_DIFF
-      - name: Set up Go
-        uses: actions/setup-go@v2
-        with:
-          go-version: 1.16
-      - name: test & coverage report creation
-        run: |
-          cat pkgs.txt.part.${{ matrix.part }} | xargs go test -mod=readonly -timeout 8m -race -coverprofile=${{ matrix.part }}profile.out -covermode=atomic
-        if: env.GIT_DIFF
-      - uses: actions/upload-artifact@v2
-        with:
-          name: "${{ github.sha }}-${{ matrix.part }}-coverage"
-          path: ./${{ matrix.part }}profile.out
-
-  upload-coverage-report:
-    runs-on: ubuntu-latest
-    needs: tests
-    steps:
-      - uses: actions/checkout@v2.3.4
-      - uses: technote-space/get-diff-action@v5
-        with:
-          PATTERNS: |
-            **/**.go
-            go.mod
-            go.sum
-      - uses: actions/download-artifact@v2
-        with:
-          name: "${{ github.sha }}-00-coverage"
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v2
-        with:
-          name: "${{ github.sha }}-01-coverage"
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v2
-        with:
-          name: "${{ github.sha }}-02-coverage"
-        if: env.GIT_DIFF
-      - uses: actions/download-artifact@v2
-        with:
-          name: "${{ github.sha }}-03-coverage"
-        if: env.GIT_DIFF
-      - run: |
-          cat ./*profile.out | grep -v "mode: atomic" >> coverage.txt
-        if: env.GIT_DIFF
-      - uses: codecov/codecov-action@v2.0.2
-        with:
-          file: ./coverage.txt
-        if: env.GIT_DIFF
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,14 +1,13 @@
-name: Build & Push
-#  Build & Push rebuilds the tendermint docker image on every push to master and creation of tags
+name: Docker
+# Build & Push rebuilds the tendermint docker image on every push to master and creation of tags
 # and pushes the image to https://hub.docker.com/r/interchainio/simapp/tags
 on:
-  pull_request:
  push:
    branches:
      - master
    tags:
-      - "v[0-9]+.[0-9]+.[0-9]+" # Push events to matching v*, i.e. v1.0, v20.15.10
-      - "v[0-9]+.[0-9]+.[0-9]+-rc*" # Push events to matching v*, i.e. v1.0-rc1, v20.15.10-rc5
+      - "v[0-9]+.[0-9]+.[0-9]+"  # Push events to matching v*, i.e. v1.0, v20.15.10
+      - "v[0-9]+.[0-9]+.[0-9]+-rc*"  # Push events to matching v*, i.e. v1.0-rc1, v20.15.10-rc5

 jobs:
  build:
@@ -39,8 +38,8 @@ jobs:
        with:
          platforms: all

-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1.5.0
+      - name: Set up Docker Build
+        uses: docker/setup-buildx-action@v1.6.0

      - name: Login to DockerHub
        if: ${{ github.event_name != 'pull_request' }}
--- a/.github/workflows/e2e-manual.yml
+++ b/.github/workflows/e2e-manual.yml
@@ -0,0 +1,36 @@
+# Manually run randomly generated E2E testnets (as nightly).
+name: e2e-manual
+on:
+  workflow_dispatch:
+
+jobs:
+  e2e-nightly-test:
+    # Run parallel jobs for the listed testnet groups (must match the
+    # ./build/generator -g flag)
+    strategy:
+      fail-fast: false
+      matrix:
+        p2p: ['legacy', 'new', 'hybrid']
+        group: ['00', '01', '02', '03']
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/setup-go@v2
+        with:
+          go-version: '1.17'
+
+      - uses: actions/checkout@v2.4.0
+
+      - name: Build
+        working-directory: test/e2e
+        # Run make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker generator runner tests
+
+      - name: Generate testnets
+        working-directory: test/e2e
+        # When changing -g, also change the matrix groups above
+        run: ./build/generator -g 4 -d networks/nightly/${{ matrix.p2p }} -p ${{ matrix.p2p }}
+
+      - name: Run ${{ matrix.p2p }} p2p testnets
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/nightly/${{ matrix.p2p }}/*-group${{ matrix.group }}-*.toml
--- a/.github/workflows/e2e-nightly-34x.yml
+++ b/.github/workflows/e2e-nightly-34x.yml
@@ -6,7 +6,7 @@

 name: e2e-nightly-34x
 on:
-  workflow_dispatch: # allow running workflow manually, in theory
+  workflow_dispatch:  # allow running workflow manually, in theory
  schedule:
    - cron: '0 2 * * *'

@@ -17,13 +17,13 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        group: ['00', '01', '02', '03']
+        group: ['00', '01']
    runs-on: ubuntu-latest
    timeout-minutes: 60
    steps:
      - uses: actions/setup-go@v2
        with:
-          go-version: '1.16'
+          go-version: '1.17'

      - uses: actions/checkout@v2.3.4
        with:
@@ -37,7 +37,7 @@ jobs:
      - name: Generate testnets
        working-directory: test/e2e
        # When changing -g, also change the matrix groups above
-        run: ./build/generator -g 4 -d networks/nightly
+        run: ./build/generator -g 2 -d networks/nightly

      - name: Run testnets in group ${{ matrix.group }}
        working-directory: test/e2e
@@ -59,7 +59,7 @@ jobs:
          SLACK_MESSAGE: Nightly E2E tests failed on v0.34.x
          SLACK_FOOTER: ''

-  e2e-nightly-success: # may turn this off once they seem to pass consistently
+  e2e-nightly-success:  # may turn this off once they seem to pass consistently
    needs: e2e-nightly-test
    if: ${{ success() }}
    runs-on: ubuntu-latest
--- a/.github/workflows/e2e-nightly-master.yml
+++ b/.github/workflows/e2e-nightly-master.yml
@@ -5,7 +5,7 @@

 name: e2e-nightly-master
 on:
-  workflow_dispatch: # allow running workflow manually
+  workflow_dispatch:  # allow running workflow manually
  schedule:
    - cron: '0 2 * * *'

@@ -17,25 +17,25 @@ jobs:
      fail-fast: false
      matrix:
        p2p: ['legacy', 'new', 'hybrid']
-        group: ['00', '01']
+        group: ['00', '01', '02', '03']
    runs-on: ubuntu-latest
    timeout-minutes: 60
    steps:
      - uses: actions/setup-go@v2
        with:
-          go-version: '1.16'
+          go-version: '1.17'

      - uses: actions/checkout@v2.3.4

      - name: Build
        working-directory: test/e2e
        # Run make jobs in parallel, since we can't run steps in parallel.
-        run: make -j2 docker generator runner
+        run: make -j2 docker generator runner tests

      - name: Generate testnets
        working-directory: test/e2e
        # When changing -g, also change the matrix groups above
-        run: ./build/generator -g 2 -d networks/nightly/${{ matrix.p2p }} -p ${{ matrix.p2p }}
+        run: ./build/generator -g 4 -d networks/nightly/${{ matrix.p2p }} -p ${{ matrix.p2p }}

      - name: Run ${{ matrix.p2p }} p2p testnets in group ${{ matrix.group }}
        working-directory: test/e2e
@@ -57,8 +57,8 @@ jobs:
          SLACK_MESSAGE: Nightly E2E tests failed on master
          SLACK_FOOTER: ''

-  e2e-nightly-success: # may turn this off once they seem to pass consistently
-    needs: e2e-nightly-test-2
+  e2e-nightly-success:  # may turn this off once they seem to pass consistently
+    needs: e2e-nightly-test
    if: ${{ success() }}
    runs-on: ubuntu-latest
    steps:
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -2,7 +2,7 @@ name: e2e
 # Runs the CI end-to-end test network on all pushes to master or release branches
 # and every pull request, but only if any Go files have been changed.
 on:
-  workflow_dispatch: # allow running workflow manually
+  workflow_dispatch:  # allow running workflow manually
  pull_request:
  push:
    branches:
@@ -16,7 +16,7 @@ jobs:
    steps:
      - uses: actions/setup-go@v2
        with:
-          go-version: '1.16'
+          go-version: '1.17'
      - uses: actions/checkout@v2.3.4
      - uses: technote-space/get-diff-action@v5
        with:
@@ -28,7 +28,7 @@ jobs:
      - name: Build
        working-directory: test/e2e
        # Run two make jobs in parallel, since we can't run steps in parallel.
-        run: make -j2 docker runner
+        run: make -j2 docker runner tests
        if: "env.GIT_DIFF != ''"

      - name: Run CI testnet
--- a/.github/workflows/fuzz-nightly.yml
+++ b/.github/workflows/fuzz-nightly.yml
@@ -1,7 +1,7 @@
 # Runs fuzzing nightly.
-name: fuzz-nightly
+name: Fuzz Tests
 on:
-  workflow_dispatch: # allow running workflow manually
+  workflow_dispatch:  # allow running workflow manually
  schedule:
    - cron: '0 3 * * *'
  pull_request:
@@ -15,7 +15,7 @@ jobs:
    steps:
      - uses: actions/setup-go@v2
        with:
-          go-version: '1.16'
+          go-version: '1.17'

      - uses: actions/checkout@v2.3.4

--- a/.github/workflows/linkchecker.yml
+++ b/.github/workflows/linkchecker.yml
@@ -1,5 +1,5 @@
 name: Check Markdown links
-on: 
+on:
  schedule:
    - cron: '* */24 * * *'
 jobs:
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest
    timeout-minutes: 8
    steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v2.4.0
      - uses: technote-space/get-diff-action@v5
        with:
          PATTERNS: |
@@ -23,7 +23,7 @@ jobs:
      - uses: golangci/golangci-lint-action@v2.5.2
        with:
          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
-          version: v1.38
+          version: v1.42.1
          args: --timeout 10m
          github-token: ${{ secrets.github_token }}
        if: env.GIT_DIFF
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -19,14 +19,14 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v2.4.0
      - name: Lint Code Base
-        uses: docker://github/super-linter:v3
+        uses: docker://github/super-linter:v4
        env:
-          LINTER_RULES_PATH: .
          VALIDATE_ALL_CODEBASE: true
          DEFAULT_BRANCH: master
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          VALIDATE_MD: true
          VALIDATE_OPENAPI: true
          VALIDATE_YAML: true
+          YAML_CONFIG_FILE: yaml-lint.yml
--- a/.github/workflows/proto-docker.yml
+++ b/.github/workflows/proto-docker.yml
@@ -34,7 +34,7 @@ jobs:
          echo ::set-output name=tags::${TAGS}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1.5.0
+        uses: docker/setup-buildx-action@v1.6.0

      - name: Login to DockerHub
        uses: docker/login-action@v1.10.0
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -2,10 +2,10 @@ name: "Release"

 on:
  push:
-    branches: 
+    branches:
      - "RC[0-9]/**"
    tags:
-      - "v[0-9]+.[0-9]+.[0-9]+" # Push events to matching v*, i.e. v1.0, v20.15.10
+      - "v[0-9]+.[0-9]+.[0-9]+"  # Push events to matching v*, i.e. v1.0, v20.15.10

 jobs:
  goreleaser:
@@ -18,10 +18,7 @@ jobs:

      - uses: actions/setup-go@v2
        with:
-          go-version: '1.16'
-
-      - run: echo https://github.com/tendermint/tendermint/blob/${GITHUB_REF#refs/tags/}/CHANGELOG.md#${GITHUB_REF#refs/tags/} > ../release_notes.md 
-        if: startsWith(github.ref, 'refs/tags/')
+          go-version: '1.17'

      - name: Build
        uses: goreleaser/goreleaser-action@v2
@@ -35,6 +32,6 @@ jobs:
        if: startsWith(github.ref, 'refs/tags/')
        with:
          version: latest
-          args: release --rm-dist --release-notes=../release_notes.md
+          args: release --rm-dist
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -1,106 +1,75 @@
-name: Tests
-# Tests runs different tests (test_abci_apps, test_abci_cli, test_apps)
-# This workflow runs on every push to master or release branch and  every pull requests
-# All jobs will pass without running if no *{.go, .mod, .sum} files have been modified
+name: Test
 on:
  pull_request:
  push:
+    paths:
+      - "**.go"
    branches:
      - master
      - release/**

 jobs:
-  build:
-    name: Build
+  tests:
    runs-on: ubuntu-latest
-    timeout-minutes: 5
+    strategy:
+      fail-fast: false
+      matrix:
+        part: ["00", "01", "02", "03", "04", "05"]
    steps:
      - uses: actions/setup-go@v2
        with:
-          go-version: "1.16"
+          go-version: "1.17"
      - uses: actions/checkout@v2.3.4
      - uses: technote-space/get-diff-action@v5
        with:
          PATTERNS: |
            **/**.go
+            "!test/"
            go.mod
            go.sum
-      - name: install
-        run: make install install_abci
-        if: "env.GIT_DIFF != ''"
-      - uses: actions/cache@v2.1.6
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ runner.os }}-go-
+            Makefile
+      - name: Run Go Tests
+        run: |
+          make test-group-${{ matrix.part }} NUM_SPLIT=6
        if: env.GIT_DIFF
-      # Cache binaries for use by other jobs
-      - uses: actions/cache@v2.1.6
+      - uses: actions/upload-artifact@v2
        with:
-          path: ~/go/bin
-          key: ${{ runner.os }}-${{ github.sha }}-tm-binary
-        if: env.GIT_DIFF
+          name: "${{ github.sha }}-${{ matrix.part }}-coverage"
+          path: ./build/${{ matrix.part }}.profile.out

-  test_abci_cli:
+  upload-coverage-report:
    runs-on: ubuntu-latest
-    needs: build
-    timeout-minutes: 5
+    needs: tests
    steps:
-      - uses: actions/setup-go@v2
-        with:
-          go-version: "1.16"
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v2.4.0
      - uses: technote-space/get-diff-action@v5
        with:
          PATTERNS: |
            **/**.go
+            "!test/"
            go.mod
            go.sum
-      - uses: actions/cache@v2.1.6
+            Makefile
+      - uses: actions/download-artifact@v2
        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ runner.os }}-go-
+          name: "${{ github.sha }}-00-coverage"
        if: env.GIT_DIFF
-      - uses: actions/cache@v2.1.6
+      - uses: actions/download-artifact@v2
        with:
-          path: ~/go/bin
-          key: ${{ runner.os }}-${{ github.sha }}-tm-binary
+          name: "${{ github.sha }}-01-coverage"
        if: env.GIT_DIFF
-      - run: abci/tests/test_cli/test.sh
-        shell: bash
-        if: env.GIT_DIFF
-
-  test_apps:
-    runs-on: ubuntu-latest
-    needs: build
-    timeout-minutes: 5
-    steps:
-      - uses: actions/setup-go@v2
+      - uses: actions/download-artifact@v2
        with:
-          go-version: "1.16"
-      - uses: actions/checkout@v2.3.4
-      - uses: technote-space/get-diff-action@v5
-        with:
-          PATTERNS: |
-            **/**.go
-            go.mod
-            go.sum
-      - uses: actions/cache@v2.1.6
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-            ${{ runner.os }}-go-
+          name: "${{ github.sha }}-02-coverage"
        if: env.GIT_DIFF
-      - uses: actions/cache@v2.1.6
+      - uses: actions/download-artifact@v2
        with:
-          path: ~/go/bin
-          key: ${{ runner.os }}-${{ github.sha }}-tm-binary
+          name: "${{ github.sha }}-03-coverage"
        if: env.GIT_DIFF
-      - name: test_apps
-        run: test/app/test.sh
-        shell: bash
+      - run: |
+          cat ./*profile.out | grep -v "mode: set" >> coverage.txt
+        if: env.GIT_DIFF
+      - uses: codecov/codecov-action@v2.1.0
+        with:
+          file: ./coverage.txt
        if: env.GIT_DIFF
--- a/.gitignore
+++ b/.gitignore
@@ -25,6 +25,7 @@ docs/_build
 docs/dist
 docs/node_modules/
 docs/spec
+docs/.vuepress/public/rpc
 index.html.md
 libs/pubsub/query/fuzz_test/output
 profile\.out
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,54 +1,51 @@
 linters:
  enable:
+    - asciicheck
    - bodyclose
    - deadcode
    - depguard
    - dogsled
    - dupl
    - errcheck
+    - exportloopref
    # - funlen
    # - gochecknoglobals
    # - gochecknoinits
+    # - gocognit
    - goconst
-    - gocritic
+    # - gocritic
    # - gocyclo
    # - godox
    - gofmt
    - goimports
-    - golint
+    - revive
    - gosec
    - gosimple
    - govet
    - ineffassign
    # - interfacer
-    - lll
-    - misspell
+    # - lll
    # - maligned
+    - misspell
    - nakedret
+    - nolintlint
    - prealloc
-    - scopelint
    - staticcheck
    - structcheck
    - stylecheck
-    - typecheck
+    # - typecheck
    - unconvert
    # - unparam
    - unused
    - varcheck
    # - whitespace
    # - wsl
-    # - gocognit
-    - nolintlint
-    - asciicheck

 issues:
  exclude-rules:
    - path: _test\.go
      linters:
        - gosec
-    - linters:
-        - lll
-      source: "https://"
  max-same-issues: 50

 linters-settings:
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -29,8 +29,8 @@ release:

 archives:
  - files:
-    - LICENSE
-    - README.md
-    - UPGRADING.md
-    - SECURITY.md
-    - CHANGELOG.md
+      - LICENSE
+      - README.md
+      - UPGRADING.md
+      - SECURITY.md
+      - CHANGELOG.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,247 @@
 # Changelog

-Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint).
+Friendly reminder: We have a [bug bounty program](https://hackerone.com/cosmos).
+
+## v0.35.2
+
+February 28, 2022
+
+Special thanks to external contributors on this release: @ashcherbakov, @yihuang, @waelsy123
+
+### IMPROVEMENTS
+
+- [consensus] [\#7875](https://github.com/tendermint/tendermint/pull/7875) additional timing metrics. (@williambanfield)
+
+### BUG FIXES
+
+- [abci] [\#7990](https://github.com/tendermint/tendermint/pull/7990) revert buffer limit change. (@williambanfield)
+- [cli] [#7837](https://github.com/tendermint/tendermint/pull/7837) fix app hash in state rollback. (@yihuang)
+- [cli] [\#7869](https://github.com/tendermint/tendermint/pull/7869) Update unsafe-reset-all command to match release v35. (waelsy123)
+- [light] [\#7640](https://github.com/tendermint/tendermint/pull/7640) Light Client: fix absence proof verification (@ashcherbakov)
+- [light] [\#7641](https://github.com/tendermint/tendermint/pull/7641) Light Client: fix querying against the latest height (@ashcherbakov)
+- [mempool] [\#7718](https://github.com/tendermint/tendermint/pull/7718) return duplicate tx errors more consistently. (@tychoish)
+- [rpc] [\#7744](https://github.com/tendermint/tendermint/pull/7744) fix layout of endpoint list. (@creachadair)
+- [statesync] [\#7886](https://github.com/tendermint/tendermint/pull/7886) assert app version matches. (@cmwaters)
+
+## v0.35.1
+
+January 26, 2022
+
+Special thanks to external contributors on this release: @altergui, @odeke-em,
+@thanethomson
+
+### BREAKING CHANGES
+
+- CLI/RPC/Config
+
+  - [config] [\#7276](https://github.com/tendermint/tendermint/pull/7276) rpc: Add experimental config params to allow for subscription buffer size control (@thanethomson).
+
+- P2P Protocol
+
+  - [p2p] [\#7265](https://github.com/tendermint/tendermint/pull/7265) Peer manager reduces peer score for each failed dial attempts for peers that have not successfully dialed. (@tychoish)
+  - [p2p] [\#7594](https://github.com/tendermint/tendermint/pull/7594) always advertise self, to enable mutual address discovery. (@altergui)
+
+### FEATURES
+
+- [rpc] [\#7270](https://github.com/tendermint/tendermint/pull/7270) Add `header` and `header_by_hash` RPC Client queries. (@fedekunze) (@cmwaters)
+
+### IMPROVEMENTS
+
+- [internal/protoio] [\#7325](https://github.com/tendermint/tendermint/pull/7325) Optimized `MarshalDelimited` by inlining the common case and using a `sync.Pool` in the worst case. (@odeke-em)
+- [\#7338](https://github.com/tendermint/tendermint/pull/7338) pubsub: Performance improvements for the event query API (backport of #7319) (@creachadair)
+- [\#7252](https://github.com/tendermint/tendermint/pull/7252) Add basic metrics to the indexer package. (@creachadair)
+- [\#7338](https://github.com/tendermint/tendermint/pull/7338) Performance improvements for the event query API. (@creachadair)
+
+### BUG FIXES
+
+- [\#7310](https://github.com/tendermint/tendermint/issues/7310) pubsub: Report a non-nil error when shutting down (fixes #7306).
+- [\#7355](https://github.com/tendermint/tendermint/pull/7355) Fix incorrect tests using the PSQL sink. (@creachadair)
+- [\#7683](https://github.com/tendermint/tendermint/pull/7683) rpc: check error code for broadcast_tx_commit. (@tychoish)
+
+## v0.35.0
+
+November 4, 2021
+
+Special thanks to external contributors on this release: @JayT106,
+@bipulprasad, @alessio, @Yawning, @silasdavis, @cuonglm, @tanyabouman,
+@JoeKash, @githubsands, @jeebster, @crypto-facs, @liamsi, and @gotjoshua
+
+### FEATURES
+
+- [cli] [#7033](https://github.com/tendermint/tendermint/pull/7033) Add a `rollback` command to rollback to the previous tendermint state in the event of an incorrect app hash. (@cmwaters)
+- [config] [\#7174](https://github.com/tendermint/tendermint/pull/7174) expose ability to write config to arbitrary paths. (@tychoish)
+- [mempool, rpc] [\#7065](https://github.com/tendermint/tendermint/pull/7065) add removetx rpc method (backport of #7047) (@tychoish).
+- [\#6982](https://github.com/tendermint/tendermint/pull/6982) tendermint binary has built-in suppport for running the e2e application (with state sync support) (@cmwaters).
+- [config] Add `--mode` flag and config variable. See [ADR-52](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-052-tendermint-mode.md) @dongsam
+- [rpc] [\#6329](https://github.com/tendermint/tendermint/pull/6329) Don't cap page size in unsafe mode (@gotjoshua, @cmwaters)
+- [pex] [\#6305](https://github.com/tendermint/tendermint/pull/6305) v2 pex reactor with backwards compatability. Introduces two new pex messages to
+  accomodate for the new p2p stack. Removes the notion of seeds and crawling. All peer
+  exchange reactors behave the same. (@cmwaters)
+- [crypto] [\#6376](https://github.com/tendermint/tendermint/pull/6376) Enable sr25519 as a validator key type
+- [mempool] [\#6466](https://github.com/tendermint/tendermint/pull/6466) Introduction of a prioritized mempool. (@alexanderbez)
+  - `Priority` and `Sender` have been introduced into the `ResponseCheckTx` type, where the `priority` will determine the prioritization of
+  the transaction when a proposer reaps transactions for a block proposal. The `sender` field acts as an index.
+  - Operators may toggle between the legacy mempool reactor, `v0`, and the new prioritized reactor, `v1`, by setting the
+  `mempool.version` configuration, where `v1` is the default configuration.
+  - Applications that do not specify a priority, i.e. zero, will have transactions reaped by the order in which they are received by the node.
+  - Transactions are gossiped in FIFO order as they are in `v0`.
+- [config/indexer] [\#6411](https://github.com/tendermint/tendermint/pull/6411) Introduce support for custom event indexing data sources, specifically PostgreSQL. (@JayT106)
+- [blocksync/event] [\#6619](https://github.com/tendermint/tendermint/pull/6619) Emit blocksync status event when switching consensus/blocksync (@JayT106)
+- [statesync/event] [\#6700](https://github.com/tendermint/tendermint/pull/6700) Emit statesync status start/end event (@JayT106)
+- [inspect] [\#6785](https://github.com/tendermint/tendermint/pull/6785) Add a new `inspect` command for introspecting the state and block store of a crashed tendermint node. (@williambanfield)
+
+### BUG FIXES
+
+- [\#7106](https://github.com/tendermint/tendermint/pull/7106) Revert mutex change to ABCI Clients (@tychoish).
+- [\#7142](https://github.com/tendermint/tendermint/pull/7142) mempool: remove panic when recheck-tx was not sent to ABCI application (@williambanfield).
+- [consensus]: [\#7060](https://github.com/tendermint/tendermint/pull/7060)
+  wait until peerUpdates channel is closed to close remaining peers (@williambanfield)
+- [privval] [\#5638](https://github.com/tendermint/tendermint/pull/5638) Increase read/write timeout to 5s and calculate ping interval based on it (@JoeKash)
+- [evidence] [\#6375](https://github.com/tendermint/tendermint/pull/6375) Fix bug with inconsistent LightClientAttackEvidence hashing (cmwaters)
+- [rpc] [\#6507](https://github.com/tendermint/tendermint/pull/6507) Ensure RPC client can handle URLs without ports (@JayT106)
+- [statesync] [\#6463](https://github.com/tendermint/tendermint/pull/6463) Adds Reverse Sync feature to fetch historical light blocks after state sync in order to verify any evidence (@cmwaters)
+- [blocksync] [\#6590](https://github.com/tendermint/tendermint/pull/6590) Update the metrics during blocksync (@JayT106)
+
+### BREAKING CHANGES
+
+- Go API
+
+  - [crypto/armor]: [\#6963](https://github.com/tendermint/tendermint/pull/6963) remove package which is unused, and based on
+    deprecated fundamentals. Downstream users should maintain this
+    library. (@tychoish)
+  - [state] [store] [proxy] [rpc/core]: [\#6937](https://github.com/tendermint/tendermint/pull/6937) move packages to
+    `internal` to prevent consumption of these internal APIs by
+    external users. (@tychoish)
+  - [pubsub] [\#6634](https://github.com/tendermint/tendermint/pull/6634) The `Query#Matches` method along with other pubsub methods, now accepts a `[]abci.Event` instead of `map[string][]string`. (@alexanderbez)
+  - [p2p] [\#6618](https://github.com/tendermint/tendermint/pull/6618) [\#6583](https://github.com/tendermint/tendermint/pull/6583) Move `p2p.NodeInfo`, `p2p.NodeID` and `p2p.NetAddress` into `types` to support use in external packages. (@tychoish)
+  - [node] [\#6540](https://github.com/tendermint/tendermint/pull/6540) Reduce surface area of the `node` package by making most of the implementation details private. (@tychoish)
+  - [p2p] [\#6547](https://github.com/tendermint/tendermint/pull/6547) Move the entire `p2p` package and all reactor implementations into `internal`.  (@tychoish)
+  - [libs/log] [\#6534](https://github.com/tendermint/tendermint/pull/6534) Remove the existing custom Tendermint logger backed by go-kit. The logging interface, `Logger`, remains. Tendermint still provides a default logger backed by the performant zerolog logger. (@alexanderbez)
+  - [libs/time] [\#6495](https://github.com/tendermint/tendermint/pull/6495) Move types/time to libs/time to improve consistency. (@tychoish)
+  - [mempool] [\#6529](https://github.com/tendermint/tendermint/pull/6529) The `Context` field has been removed from the `TxInfo` type. `CheckTx` now requires a `Context` argument. (@alexanderbez)
+  - [abci/client, proxy] [\#5673](https://github.com/tendermint/tendermint/pull/5673) `Async` funcs return an error, `Sync` and `Async` funcs accept `context.Context` (@melekes)
+  - [p2p] Remove unused function `MakePoWTarget`. (@erikgrinaker)
+  - [libs/bits] [\#5720](https://github.com/tendermint/tendermint/pull/5720) Validate `BitArray` in `FromProto`, which now returns an error (@melekes)
+  - [proto/p2p] Rename `DefaultNodeInfo` and `DefaultNodeInfoOther` to `NodeInfo` and `NodeInfoOther` (@erikgrinaker)
+  - [proto/p2p] Rename `NodeInfo.default_node_id` to `node_id` (@erikgrinaker)
+  - [libs/os] Kill() and {Must,}{Read,Write}File() functions have been removed. (@alessio)
+  - [store] [\#5848](https://github.com/tendermint/tendermint/pull/5848) Remove block store state in favor of using the db iterators directly (@cmwaters)
+  - [state] [\#5864](https://github.com/tendermint/tendermint/pull/5864) Use an iterator when pruning state (@cmwaters)
+  - [types] [\#6023](https://github.com/tendermint/tendermint/pull/6023) Remove `tm2pb.Header`, `tm2pb.BlockID`, `tm2pb.PartSetHeader` and `tm2pb.NewValidatorUpdate`.
+	- Each of the above types has a `ToProto` and `FromProto` method or function which replaced this logic.
+  - [light] [\#6054](https://github.com/tendermint/tendermint/pull/6054) Move `MaxRetryAttempt` option from client to provider.
+	- `NewWithOptions` now sets the max retry attempts and timeouts (@cmwaters)
+  - [all] [\#6077](https://github.com/tendermint/tendermint/pull/6077) Change spelling from British English to American (@cmwaters)
+	- Rename "Subscription.Cancelled()" to "Subscription.Canceled()" in libs/pubsub
+	- Rename "behaviour" pkg to "behavior" and internalized it in blocksync v2
+  - [rpc/client/http] [\#6176](https://github.com/tendermint/tendermint/pull/6176) Remove `endpoint` arg from `New`, `NewWithTimeout` and `NewWithClient` (@melekes)
+  - [rpc/client/http] [\#6176](https://github.com/tendermint/tendermint/pull/6176) Unexpose `WSEvents` (@melekes)
+  - [rpc/jsonrpc/client/ws_client] [\#6176](https://github.com/tendermint/tendermint/pull/6176) `NewWS` no longer accepts options (use `NewWSWithOptions` and `OnReconnect` funcs to configure the client) (@melekes)
+  - [internal/libs] [\#6366](https://github.com/tendermint/tendermint/pull/6366) Move `autofile`, `clist`,`fail`,`flowrate`, `protoio`, `sync`, `tempfile`, `test` and `timer` lib packages to an internal folder
+  - [libs/rand] [\#6364](https://github.com/tendermint/tendermint/pull/6364) Remove most of libs/rand in favour of standard lib's `math/rand` (@liamsi)
+  - [mempool] [\#6466](https://github.com/tendermint/tendermint/pull/6466) The original mempool reactor has been versioned as `v0` and moved to a sub-package under the root `mempool` package.
+	Some core types have been kept in the `mempool` package such as `TxCache` and it's implementations, the `Mempool` interface itself
+	and `TxInfo`. (@alexanderbez)
+  - [crypto/sr25519] [\#6526](https://github.com/tendermint/tendermint/pull/6526) Do not re-execute the Ed25519-style key derivation step when doing signing and verification.  The derivation is now done once and only once.  This breaks `sr25519.GenPrivKeyFromSecret` output compatibility. (@Yawning)
+  - [types] [\#6627](https://github.com/tendermint/tendermint/pull/6627) Move `NodeKey` to types to make the type public.
+  - [config] [\#6627](https://github.com/tendermint/tendermint/pull/6627) Extend `config` to contain methods `LoadNodeKeyID` and `LoadorGenNodeKeyID`
+  - [blocksync] [\#6755](https://github.com/tendermint/tendermint/pull/6755) Rename `FastSync` and `Blockchain` package to `BlockSync` (@cmwaters)
+
+- CLI/RPC/Config
+
+  - [pubsub/events] [\#6634](https://github.com/tendermint/tendermint/pull/6634) The `ResultEvent.Events` field is now of type `[]abci.Event` preserving event order instead of `map[string][]string`. (@alexanderbez)
+  - [config] [\#5598](https://github.com/tendermint/tendermint/pull/5598) The `test_fuzz` and `test_fuzz_config` P2P settings have been removed. (@erikgrinaker)
+  - [config] [\#5728](https://github.com/tendermint/tendermint/pull/5728) `fastsync.version = "v1"` is no longer supported (@melekes)
+  - [cli] [\#5772](https://github.com/tendermint/tendermint/pull/5772) `gen_node_key` prints JSON-encoded `NodeKey` rather than ID and does not save it to `node_key.json` (@melekes)
+  - [cli] [\#5777](https://github.com/tendermint/tendermint/pull/5777) use hyphen-case instead of snake_case for all cli commands and config parameters (@cmwaters)
+  - [rpc] [\#6019](https://github.com/tendermint/tendermint/pull/6019) standardise RPC errors and return the correct status code (@bipulprasad & @cmwaters)
+  - [rpc] [\#6168](https://github.com/tendermint/tendermint/pull/6168) Change default sorting to desc for `/tx_search` results (@melekes)
+  - [cli] [\#6282](https://github.com/tendermint/tendermint/pull/6282) User must specify the node mode when using `tendermint init` (@cmwaters)
+  - [state/indexer] [\#6382](https://github.com/tendermint/tendermint/pull/6382) reconstruct indexer, move txindex into the indexer package (@JayT106)
+  - [cli] [\#6372](https://github.com/tendermint/tendermint/pull/6372) Introduce `BootstrapPeers` as part of the new p2p stack. Peers to be connected on  startup (@cmwaters)
+  - [config] [\#6462](https://github.com/tendermint/tendermint/pull/6462) Move `PrivValidator` configuration out of `BaseConfig` into its own section. (@tychoish)
+  - [rpc] [\#6610](https://github.com/tendermint/tendermint/pull/6610) Add MaxPeerBlockHeight into /status rpc call (@JayT106)
+  - [blocksync/rpc] [\#6620](https://github.com/tendermint/tendermint/pull/6620) Add TotalSyncedTime & RemainingTime to SyncInfo in /status RPC  (@JayT106)
+  - [rpc/grpc] [\#6725](https://github.com/tendermint/tendermint/pull/6725) Mark gRPC in the RPC layer as deprecated.
+  - [blocksync/v2] [\#6730](https://github.com/tendermint/tendermint/pull/6730) Fast Sync v2 is deprecated, please use v0
+  - [rpc] Add genesis_chunked method to support paginated and parallel fetching of large genesis documents.
+  - [rpc/jsonrpc/server] [\#6785](https://github.com/tendermint/tendermint/pull/6785) `Listen` function updated to take an `int` argument, `maxOpenConnections`, instead of an entire config object. (@williambanfield)
+  - [rpc] [\#6820](https://github.com/tendermint/tendermint/pull/6820) Update RPC methods to reflect changes in the p2p layer, disabling support for `UnsafeDialPeers` and `UnsafeDialPeers` when used with the new p2p layer, and changing the response format of the peer list in `NetInfo` for all users.
+  - [cli] [\#6854](https://github.com/tendermint/tendermint/pull/6854) Remove deprecated snake case commands. (@tychoish)
+  - [tools] [\#6498](https://github.com/tendermint/tendermint/pull/6498) Set OS home dir to instead of the hardcoded PATH. (@JayT106)
+  - [cli/indexer] [\#6676](https://github.com/tendermint/tendermint/pull/6676) Reindex events command line tooling. (@JayT106)
+
+- Apps
+
+  - [ABCI] [\#6408](https://github.com/tendermint/tendermint/pull/6408) Change the `key` and `value` fields from `[]byte` to `string` in the `EventAttribute` type. (@alexanderbez)
+  - [ABCI] [\#5447](https://github.com/tendermint/tendermint/pull/5447) Remove `SetOption` method from `ABCI.Client` interface
+  - [ABCI] [\#5447](https://github.com/tendermint/tendermint/pull/5447) Reset `Oneof` indexes for  `Request` and `Response`.
+  - [ABCI] [\#5818](https://github.com/tendermint/tendermint/pull/5818) Use protoio for msg length delimitation. Migrates from int64 to uint64 length delimiters.
+  - [ABCI] [\#3546](https://github.com/tendermint/tendermint/pull/3546) Add `mempool_error` field to `ResponseCheckTx`. This field will contain an error string if Tendermint encountered an error while adding a transaction to the mempool. (@williambanfield)
+  - [Version] [\#6494](https://github.com/tendermint/tendermint/pull/6494) `TMCoreSemVer` has been renamed to `TMVersion`.
+	- It is not required any longer to set ldflags to set version strings
+  - [abci/counter] [\#6684](https://github.com/tendermint/tendermint/pull/6684) Delete counter example app
+
+- Data Storage
+  - [store/state/evidence/light] [\#5771](https://github.com/tendermint/tendermint/pull/5771) Use an order-preserving varint key encoding (@cmwaters)
+  - [mempool] [\#6396](https://github.com/tendermint/tendermint/pull/6396) Remove mempool's write ahead log (WAL), (previously unused by the tendermint code). (@tychoish)
+  - [state] [\#6541](https://github.com/tendermint/tendermint/pull/6541) Move pruneBlocks from consensus/state to state/execution. (@JayT106)
+
+### IMPROVEMENTS
+
+- [libs/log] Console log formatting changes as a result of [\#6534](https://github.com/tendermint/tendermint/pull/6534) and [\#6589](https://github.com/tendermint/tendermint/pull/6589). (@tychoish)
+- [statesync] [\#6566](https://github.com/tendermint/tendermint/pull/6566) Allow state sync fetchers and request timeout to be configurable. (@alexanderbez)
+- [types] [\#6478](https://github.com/tendermint/tendermint/pull/6478) Add `block_id` to `newblock` event (@jeebster)
+- [crypto/ed25519] [\#5632](https://github.com/tendermint/tendermint/pull/5632) Adopt zip215 `ed25519` verification. (@marbar3778)
+- [crypto/ed25519] [\#6526](https://github.com/tendermint/tendermint/pull/6526) Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `ed25519` signing and verification. (@Yawning)
+- [crypto/sr25519] [\#6526](https://github.com/tendermint/tendermint/pull/6526) Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `sr25519` signing and verification. (@Yawning)
+- [privval] [\#5603](https://github.com/tendermint/tendermint/pull/5603) Add `--key` to `init`, `gen_validator`, `testnet` & `unsafe_reset_priv_validator` for use in generating `secp256k1` keys.
+- [privval] [\#5725](https://github.com/tendermint/tendermint/pull/5725) Add gRPC support to private validator.
+- [privval] [\#5876](https://github.com/tendermint/tendermint/pull/5876) `tendermint show-validator` will query the remote signer if gRPC is being used (@marbar3778)
+- [abci/client] [\#5673](https://github.com/tendermint/tendermint/pull/5673) `Async` requests return an error if queue is full (@melekes)
+- [mempool] [\#5673](https://github.com/tendermint/tendermint/pull/5673) Cancel `CheckTx` requests if RPC client disconnects or times out (@melekes)
+- [abci] [\#5706](https://github.com/tendermint/tendermint/pull/5706) Added `AbciVersion` to `RequestInfo` allowing applications to check ABCI version when connecting to Tendermint. (@marbar3778)
+- [blocksync/v1] [\#5728](https://github.com/tendermint/tendermint/pull/5728) Remove blocksync v1 (@melekes)
+- [blocksync/v0] [\#5741](https://github.com/tendermint/tendermint/pull/5741) Relax termination conditions and increase sync timeout (@melekes)
+- [cli] [\#5772](https://github.com/tendermint/tendermint/pull/5772) `gen_node_key` output now contains node ID (`id` field) (@melekes)
+- [blocksync/v2] [\#5774](https://github.com/tendermint/tendermint/pull/5774) Send status request when new peer joins (@melekes)
+- [store] [\#5888](https://github.com/tendermint/tendermint/pull/5888) store.SaveBlock saves using batches instead of transactions for now to improve ACID properties. This is a quick fix for underlying issues around tm-db and ACID guarantees. (@githubsands)
+- [consensus] [\#5987](https://github.com/tendermint/tendermint/pull/5987) and [\#5792](https://github.com/tendermint/tendermint/pull/5792) Remove the `time_iota_ms` consensus parameter. Merge `tmproto.ConsensusParams` and `abci.ConsensusParams`. (@marbar3778, @valardragon)
+- [types] [\#5994](https://github.com/tendermint/tendermint/pull/5994) Reduce the use of protobuf types in core logic. (@marbar3778)
+  - `ConsensusParams`, `BlockParams`, `ValidatorParams`, `EvidenceParams`, `VersionParams`, `sm.Version` and `version.Consensus` have become native types. They still utilize protobuf when being sent over the wire or written to disk.
+- [rpc/client/http] [\#6163](https://github.com/tendermint/tendermint/pull/6163) Do not drop events even if the `out` channel is full (@melekes)
+- [node] [\#6059](https://github.com/tendermint/tendermint/pull/6059) Validate and complete genesis doc before saving to state store (@silasdavis)
+- [state] [\#6067](https://github.com/tendermint/tendermint/pull/6067) Batch save state data (@githubsands & @cmwaters)
+- [crypto] [\#6120](https://github.com/tendermint/tendermint/pull/6120) Implement batch verification interface for ed25519 and sr25519. (@marbar3778)
+- [types] [\#6120](https://github.com/tendermint/tendermint/pull/6120) use batch verification for verifying commits signatures.
+  - If the key type supports the batch verification API it will try to batch verify. If the verification fails we will single verify each signature.
+- [privval/file] [\#6185](https://github.com/tendermint/tendermint/pull/6185) Return error on `LoadFilePV`, `LoadFilePVEmptyState`. Allows for better programmatic control of Tendermint.
+- [privval] [\#6240](https://github.com/tendermint/tendermint/pull/6240) Add `context.Context` to privval interface.
+- [rpc] [\#6265](https://github.com/tendermint/tendermint/pull/6265) set cache control in http-rpc response header (@JayT106)
+- [statesync] [\#6378](https://github.com/tendermint/tendermint/pull/6378) Retry requests for snapshots and add a minimum discovery time (5s) for new snapshots.
+- [node/state] [\#6370](https://github.com/tendermint/tendermint/pull/6370) graceful shutdown in the consensus reactor (@JayT106)
+- [crypto/merkle] [\#6443](https://github.com/tendermint/tendermint/pull/6443) Improve HashAlternatives performance (@cuonglm)
+- [crypto/merkle] [\#6513](https://github.com/tendermint/tendermint/pull/6513) Optimize HashAlternatives (@marbar3778)
+- [p2p/pex] [\#6509](https://github.com/tendermint/tendermint/pull/6509) Improve addrBook.hash performance (@cuonglm)
+- [consensus/metrics] [\#6549](https://github.com/tendermint/tendermint/pull/6549) Change block_size gauge to a histogram for better observability over time (@marbar3778)
+- [statesync] [\#6587](https://github.com/tendermint/tendermint/pull/6587) Increase chunk priority and re-request chunks that don't arrive (@cmwaters)
+- [state/privval] [\#6578](https://github.com/tendermint/tendermint/pull/6578) No GetPubKey retry beyond the proposal/voting window (@JayT106)
+- [rpc] [\#6615](https://github.com/tendermint/tendermint/pull/6615) Add TotalGasUsed to block_results response (@crypto-facs)
+- [cmd/tendermint/commands] [\#6623](https://github.com/tendermint/tendermint/pull/6623) replace `$HOME/.some/test/dir` with `t.TempDir` (@tanyabouman)
+- [statesync] \6807 Implement P2P state provider as an alternative to RPC (@cmwaters)
+
+## v0.34.13
+
+*September 6, 2021*
+
+This release backports improvements to state synchronization and ABCI
+performance under concurrent load, and the PostgreSQL event indexer.
+
+### IMPROVEMENTS
+
+- [statesync] [\#6881](https://github.com/tendermint/tendermint/issues/6881) improvements to stateprovider logic (@cmwaters)
+- [ABCI] [\#6873](https://github.com/tendermint/tendermint/issues/6873) change client to use multi-reader mutexes (@tychoish)
+- [indexing] [\#6906](https://github.com/tendermint/tendermint/issues/6906) enable the PostgreSQL indexer sink (@creachadair)

 ## v0.34.12

--- a/CHANGELOG_PENDING.md
+++ b/CHANGELOG_PENDING.md
@@ -1,161 +1,27 @@
 # Unreleased Changes

-## vX.X
+Friendly reminder: We have a [bug bounty program](https://hackerone.com/cosmos).
+
+## v0.35.3
+
+Month, DD, YYYY

 Special thanks to external contributors on this release:

-Friendly reminder: We have a [bug bounty program](https://hackerone.com/tendermint).
-
 ### BREAKING CHANGES

 - CLI/RPC/Config
-  - [pubsub/events] \#6634 The `ResultEvent.Events` field is now of type `[]abci.Event` preserving event order instead of `map[string][]string`. (@alexanderbez)
-  - [config] \#5598 The `test_fuzz` and `test_fuzz_config` P2P settings have been removed. (@erikgrinaker)
-  - [config] \#5728 `fast_sync = "v1"` is no longer supported (@melekes)
-  - [cli] \#5772 `gen_node_key` prints JSON-encoded `NodeKey` rather than ID and does not save it to `node_key.json` (@melekes)
-  - [cli] \#5777 use hyphen-case instead of snake_case for all cli commands and config parameters (@cmwaters)
-  - [rpc] \#6019 standardise RPC errors and return the correct status code (@bipulprasad & @cmwaters)
-  - [rpc] \#6168 Change default sorting to desc for `/tx_search` results (@melekes)
-  - [cli] \#6282 User must specify the node mode when using `tendermint init` (@cmwaters)
-  - [state/indexer] \#6382 reconstruct indexer, move txindex into the indexer package (@JayT106)
-  - [cli] \#6372 Introduce `BootstrapPeers` as part of the new p2p stack. Peers to be connected on  startup (@cmwaters)
-  - [config] \#6462 Move `PrivValidator` configuration out of `BaseConfig` into its own section. (@tychoish)
-  - [rpc] \#6610 Add MaxPeerBlockHeight into /status rpc call (@JayT106)
-  - [fastsync/rpc] \#6620 Add TotalSyncedTime & RemainingTime to SyncInfo in /status RPC  (@JayT106)
-  - [rpc/grpc] \#6725 Mark gRPC in the RPC layer as deprecated.
-  - [blockchain/v2] \#6730 Fast Sync v2 is deprecated, please use v0
-  - [rpc] \#6820 Update RPC methods to reflect changes in the p2p layer, disabling support for `UnsafeDialPeers` and `UnsafeDialPeers` when used with the new p2p layer, and changing the response format of the peer list in `NetInfo` for all users.

 - Apps
-  - [ABCI] \#6408 Change the `key` and `value` fields from `[]byte` to `string` in the `EventAttribute` type. (@alexanderbez)
-  - [ABCI] \#5447 Remove `SetOption` method from `ABCI.Client` interface
-  - [ABCI] \#5447 Reset `Oneof` indexes for  `Request` and `Response`.
-  - [ABCI] \#5818 Use protoio for msg length delimitation. Migrates from int64 to uint64 length delimiters.
-  - [ABCI] \#3546 Add `mempool_error` field to `ResponseCheckTx`. This field will contain an error string if Tendermint encountered an error while adding a transaction to the mempool. (@williambanfield)
-  - [Version] \#6494 `TMCoreSemVer` has been renamed to `TMVersion`.
-	- It is not required any longer to set ldflags to set version strings
-  - [abci/counter] \#6684 Delete counter example app

 - P2P Protocol

 - Go API
-  - [pubsub] \#6634 The `Query#Matches` method along with other pubsub methods, now accepts a `[]abci.Event` instead of `map[string][]string`. (@alexanderbez)
-  - [p2p] \#6618 Move `p2p.NodeInfo` into `types` to support use of the SDK. (@tychoish)
-  - [p2p] \#6583 Make `p2p.NodeID` and `p2p.NetAddress` exported types to support their use in the RPC layer. (@tychoish)
-  - [node] \#6540 Reduce surface area of the `node` package by making most of the implementation details private. (@tychoish)
-  - [p2p] \#6547 Move the entire `p2p` package and all reactor implementations into `internal`.  (@tychoish)
-  - [libs/log] \#6534 Remove the existing custom Tendermint logger backed by go-kit. The logging interface, `Logger`, remains. Tendermint still provides a default logger backed by the performant zerolog logger. (@alexanderbez)
-  - [libs/time] \#6495 Move types/time to libs/time to improve consistency. (@tychoish)
-  - [mempool] \#6529 The `Context` field has been removed from the `TxInfo` type. `CheckTx` now requires a `Context` argument. (@alexanderbez)
-  - [abci/client, proxy] \#5673 `Async` funcs return an error, `Sync` and `Async` funcs accept `context.Context` (@melekes)
-  - [p2p] Remove unused function `MakePoWTarget`. (@erikgrinaker)
-  - [libs/bits] \#5720 Validate `BitArray` in `FromProto`, which now returns an error (@melekes)
-  - [proto/p2p] Rename `DefaultNodeInfo` and `DefaultNodeInfoOther` to `NodeInfo` and `NodeInfoOther` (@erikgrinaker)
-  - [proto/p2p] Rename `NodeInfo.default_node_id` to `node_id` (@erikgrinaker)
-  - [libs/os] Kill() and {Must,}{Read,Write}File() functions have been removed. (@alessio)
-  - [store] \#5848 Remove block store state in favor of using the db iterators directly (@cmwaters)
-  - [state] \#5864 Use an iterator when pruning state (@cmwaters)
-  - [types] \#6023 Remove `tm2pb.Header`, `tm2pb.BlockID`, `tm2pb.PartSetHeader` and `tm2pb.NewValidatorUpdate`.
-	- Each of the above types has a `ToProto` and `FromProto` method or function which replaced this logic.
-  - [light] \#6054 Move `MaxRetryAttempt` option from client to provider.
-	- `NewWithOptions` now sets the max retry attempts and timeouts (@cmwaters)
-  - [all] \#6077 Change spelling from British English to American (@cmwaters)
-	- Rename "Subscription.Cancelled()" to "Subscription.Canceled()" in libs/pubsub
-	- Rename "behaviour" pkg to "behavior" and internalized it in blockchain v2
-  - [rpc/client/http] \#6176 Remove `endpoint` arg from `New`, `NewWithTimeout` and `NewWithClient` (@melekes)
-  - [rpc/client/http] \#6176 Unexpose `WSEvents` (@melekes)
-  - [rpc/jsonrpc/client/ws_client] \#6176 `NewWS` no longer accepts options (use `NewWSWithOptions` and `OnReconnect` funcs to configure the client) (@melekes)
-  - [internal/libs] \#6366 Move `autofile`, `clist`,`fail`,`flowrate`, `protoio`, `sync`, `tempfile`, `test` and `timer` lib packages to an internal folder
-  - [libs/rand] \#6364 Remove most of libs/rand in favour of standard lib's `math/rand` (@liamsi)
-  - [mempool] \#6466 The original mempool reactor has been versioned as `v0` and moved to a sub-package under the root `mempool` package.
-	Some core types have been kept in the `mempool` package such as `TxCache` and it's implementations, the `Mempool` interface itself
-	and `TxInfo`. (@alexanderbez)
-  - [crypto/sr25519] \#6526 Do not re-execute the Ed25519-style key derivation step when doing signing and verification.  The derivation is now done once and only once.  This breaks `sr25519.GenPrivKeyFromSecret` output compatibility. (@Yawning)
-  - [types] \#6627 Move `NodeKey` to types to make the type public.
-  - [config] \#6627 Extend `config` to contain methods `LoadNodeKeyID` and `LoadorGenNodeKeyID`
-  - [blocksync] \#6755 Rename `FastSync` and `Blockchain` package to `BlockSync`
-	(@cmwaters)

 - Blockchain Protocol

- Data Storage
-  - [store/state/evidence/light] \#5771 Use an order-preserving varint key encoding (@cmwaters)
-  - [mempool] \#6396 Remove mempool's write ahead log (WAL), (previously unused by the tendermint code). (@tychoish)
-  - [state] \#6541 Move pruneBlocks from consensus/state to state/execution. (@JayT106)
-
- Tooling
-  - [tools] \#6498 Set OS home dir to instead of the hardcoded PATH. (@JayT106)
-  - [cli/indexer] \#6676 Reindex events command line tooling. (@JayT106)
-
 ### FEATURES

- [config] Add `--mode` flag and config variable. See [ADR-52](https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-052-tendermint-mode.md) @dongsam
- [rpc] \#6329 Don't cap page size in unsafe mode (@gotjoshua, @cmwaters)
- [pex] \#6305 v2 pex reactor with backwards compatability. Introduces two new pex messages to
-  accomodate for the new p2p stack. Removes the notion of seeds and crawling. All peer
-  exchange reactors behave the same. (@cmwaters)
- [crypto] \#6376 Enable sr25519 as a validator key
- [mempool] \#6466 Introduction of a prioritized mempool. (@alexanderbez)
-  - `Priority` and `Sender` have been introduced into the `ResponseCheckTx` type, where the `priority` will determine the prioritization of
-  the transaction when a proposer reaps transactions for a block proposal. The `sender` field acts as an index.
-  - Operators may toggle between the legacy mempool reactor, `v0`, and the new prioritized reactor, `v1`, by setting the
-  `mempool.version` configuration, where `v1` is the default configuration.
-  - Applications that do not specify a priority, i.e. zero, will have transactions reaped by the order in which they are received by the node.
-  - Transactions are gossiped in FIFO order as they are in `v0`.
- [config/indexer] \#6411 Introduce support for custom event indexing data sources, specifically PostgreSQL. (@JayT106)
- [fastsync/event] \#6619 Emit fastsync status event when switching consensus/fastsync (@JayT106)
- [statesync/event] \#6700 Emit statesync status start/end event (@JayT106)
-
 ### IMPROVEMENTS

- [libs/log] Console log formatting changes as a result of \#6534 and \#6589. (@tychoish)
- [statesync] \#6566 Allow state sync fetchers and request timeout to be configurable. (@alexanderbez)
- [types] \#6478 Add `block_id` to `newblock` event (@jeebster)
- [crypto/ed25519] \#5632 Adopt zip215 `ed25519` verification. (@marbar3778)
- [crypto/ed25519] \#6526 Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `ed25519` signing and verification. (@Yawning)
- [crypto/sr25519] \#6526 Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `sr25519` signing and verification. (@Yawning)
- [privval] \#5603 Add `--key` to `init`, `gen_validator`, `testnet` & `unsafe_reset_priv_validator` for use in generating `secp256k1` keys.
- [privval] \#5725 Add gRPC support to private validator.
- [privval] \#5876 `tendermint show-validator` will query the remote signer if gRPC is being used (@marbar3778)
- [abci/client] \#5673 `Async` requests return an error if queue is full (@melekes)
- [mempool] \#5673 Cancel `CheckTx` requests if RPC client disconnects or times out (@melekes)
- [abci] \#5706 Added `AbciVersion` to `RequestInfo` allowing applications to check ABCI version when connecting to Tendermint. (@marbar3778)
- [blockchain/v1] \#5728 Remove in favor of v2 (@melekes)
- [blockchain/v0] \#5741 Relax termination conditions and increase sync timeout (@melekes)
- [cli] \#5772 `gen_node_key` output now contains node ID (`id` field) (@melekes)
- [blockchain/v2] \#5774 Send status request when new peer joins (@melekes)
- [consensus] \#5792 Deprecates the `time_iota_ms` consensus parameter, to reduce the bug surface. The parameter is no longer used. (@valardragon)
- [store] \#5888 store.SaveBlock saves using batches instead of transactions for now to improve ACID properties. This is a quick fix for underlying issues around tm-db and ACID guarantees. (@githubsands)
- [consensus] \#5987 Remove `time_iota_ms` from consensus params. Merge `tmproto.ConsensusParams` and `abci.ConsensusParams`. (@marbar3778)
- [types] \#5994 Reduce the use of protobuf types in core logic. (@marbar3778)
-  - `ConsensusParams`, `BlockParams`, `ValidatorParams`, `EvidenceParams`, `VersionParams`, `sm.Version` and `version.Consensus` have become native types. They still utilize protobuf when being sent over the wire or written to disk.
- [rpc/client/http] \#6163 Do not drop events even if the `out` channel is full (@melekes)
- [node] \#6059 Validate and complete genesis doc before saving to state store (@silasdavis)
- [state] \#6067 Batch save state data (@githubsands & @cmwaters)
- [crypto] \#6120 Implement batch verification interface for ed25519 and sr25519. (@marbar3778)
- [types] \#6120 use batch verification for verifying commits signatures.
-  - If the key type supports the batch verification API it will try to batch verify. If the verification fails we will single verify each signature.
- [privval/file] \#6185 Return error on `LoadFilePV`, `LoadFilePVEmptyState`. Allows for better programmatic control of Tendermint.
- [privval] \#6240 Add `context.Context` to privval interface.
- [rpc] \#6265 set cache control in http-rpc response header (@JayT106)
- [statesync] \#6378 Retry requests for snapshots and add a minimum discovery time (5s) for new snapshots.
- [node/state] \#6370 graceful shutdown in the consensus reactor (@JayT106)
- [crypto/merkle] \#6443 Improve HashAlternatives performance (@cuonglm)
- [crypto/merkle] \#6513 Optimize HashAlternatives (@marbar3778)
- [p2p/pex] \#6509 Improve addrBook.hash performance (@cuonglm)
- [consensus/metrics] \#6549 Change block_size gauge to a histogram for better observability over time (@marbar3778)
- [statesync] \#6587 Increase chunk priority and re-request chunks that don't arrive (@cmwaters)
- [state/privval] \#6578 No GetPubKey retry beyond the proposal/voting window (@JayT106)
- [rpc] \#6615 Add TotalGasUsed to block_results response (@crypto-facs)
- [cmd/tendermint/commands] \#6623 replace `$HOME/.some/test/dir` with `t.TempDir` (@tanyabouman)
-
 ### BUG FIXES
-
- [privval] \#5638 Increase read/write timeout to 5s and calculate ping interval based on it (@JoeKash)
- [blockchain/v1] [\#5701](https://github.com/tendermint/tendermint/pull/5701) Handle peers without blocks (@melekes)
- [blockchain/v1] \#5711 Fix deadlock (@melekes)
- [evidence] \#6375 Fix bug with inconsistent LightClientAttackEvidence hashing (cmwaters)
- [rpc] \#6507 Ensure RPC client can handle URLs without ports (@JayT106)
- [statesync] \#6463 Adds Reverse Sync feature to fetch historical light blocks after state sync in order to verify any evidence (@cmwaters)
- [fastsync] \#6590 Update the metrics during fast-sync (@JayT106)
- [gitignore] \#6668 Fix gitignore of abci-cli (@tanyabouman)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -249,6 +249,7 @@ The author of the original pull request is responsible for solving the conflicts
 merging the pull request.

 #### Creating a backport branch
+
 If this is the first release candidate for a major release, you get to have the honor of creating
 the backport branch!

@@ -328,13 +329,20 @@ If there were no release candidates, begin by creating a backport branch, as des
   - Bump TMVersionDefault version in  `version.go`
   - Bump P2P and block protocol versions in  `version.go`, if necessary
   - Bump ABCI protocol version in `version.go`, if necessary
-   - Add any release notes you would like to be added to the body of the release to `release_notes.md`.
 4. Open a PR with these changes against the backport branch.
 5. Once these changes are on the backport branch, push a tag with prepared release details.
   This will trigger the actual release `v0.35.0`.
   - `git tag -a v0.35.0 -m 'Release v0.35.0'`
   - `git push origin v0.35.0`
 7. Make sure that `master` is updated with the latest `CHANGELOG.md`, `CHANGELOG_PENDING.md`, and `UPGRADING.md`.
+8. Add the release to the documentation site generator config (see
+   [DOCS_README.md](./docs/DOCS_README.md) for more details). In summary:
+   - Start on branch `master`.
+   - Add a new line at the bottom of [`docs/versions`](./docs/versions) to
+     ensure the newest release is the default for the landing page.
+   - Add a new entry to `themeConfig.versions` in
+     [`docs/.vuepress/config.js`](./docs/.vuepress/config.js) to include the
+	 release in the dropdown versions menu.

 #### Minor release (point releases)

@@ -355,7 +363,6 @@ To create a minor release:
   - Bump the ABCI version number, if necessary.
     (Note that ABCI follows semver, and that ABCI versions are the only versions
     which can change during minor releases, and only field additions are valid minor changes.)
-   - Add any release notes you would like to be added to the body of the release to `release_notes.md`.
 4. Open a PR with these changes that will land them back on `v0.35.x`
 5. Once this change has landed on the backport branch, make sure to pull it locally, then push a tag.
   - `git tag -a v0.35.1 -m 'Release v0.35.1'`
--- a/61
+++ b/61
@@ -1,6 +1,5 @@
 #!/usr/bin/make -f

-PACKAGES=$(shell go list ./...)
 BUILDDIR ?= $(CURDIR)/build

 BUILD_TAGS?=tendermint
@@ -15,7 +14,9 @@ endif
 LD_FLAGS = -X github.com/tendermint/tendermint/version.TMVersion=$(VERSION)
 BUILD_FLAGS = -mod=readonly -ldflags "$(LD_FLAGS)"
 HTTPS_GIT := https://github.com/tendermint/tendermint.git
-DOCKER_BUF := docker run -v $(shell pwd):/workspace --workdir /workspace bufbuild/buf
+BUILD_IMAGE := ghcr.io/tendermint/docker-build-proto
+BASE_BRANCH := v0.35.x
+DOCKER_PROTO := docker run -v $(shell pwd):/workspace --workdir /workspace $(BUILD_IMAGE)
 CGO_ENABLED ?= 0

 # handle nostrip
@@ -83,26 +84,28 @@ proto-all: proto-gen proto-lint proto-check-breaking
 .PHONY: proto-all

 proto-gen:
-	@docker pull -q tendermintdev/docker-build-proto
-	@echo "Generating Protobuf files"
-	@docker run -v $(shell pwd):/workspace --workdir /workspace tendermintdev/docker-build-proto sh ./scripts/protocgen.sh
+	@echo "Generating Go packages for .proto files"
+	@$(DOCKER_PROTO) sh ./scripts/protocgen.sh
 .PHONY: proto-gen

 proto-lint:
-	@$(DOCKER_BUF) check lint --error-format=json
+	@echo "Running lint checks for .proto files"
+	@$(DOCKER_PROTO) buf lint --error-format=json
 .PHONY: proto-lint

 proto-format:
-	@echo "Formatting Protobuf files"
-	docker run -v $(shell pwd):/workspace --workdir /workspace tendermintdev/docker-build-proto find ./ -not -path "./third_party/*" -name *.proto -exec clang-format -i {} \;
+	@echo "Formatting .proto files"
+	@$(DOCKER_PROTO) find ./ -not -path "./third_party/*" -name '*.proto' -exec clang-format -i {} \;
 .PHONY: proto-format

 proto-check-breaking:
-	@$(DOCKER_BUF) check breaking --against-input .git#branch=master
+	@echo "Checking for breaking changes in .proto files"
+	@$(DOCKER_PROTO) buf breaking --against .git#branch=$(BASE_BRANCH)
 .PHONY: proto-check-breaking

 proto-check-breaking-ci:
-	@$(DOCKER_BUF) check breaking --against-input $(HTTPS_GIT)#branch=master
+	@echo "Checking for breaking changes in .proto files"
+	@$(DOCKER_PROTO) buf breaking --against $(HTTPS_GIT)#branch=$(BASE_BRANCH)
 .PHONY: proto-check-breaking-ci

 ###############################################################################
@@ -118,7 +121,7 @@ install_abci:
 .PHONY: install_abci

 ###############################################################################
-###                           	Privval Server                              ###
+###				Privval Server                              ###
 ###############################################################################

 build_privval_server:
@@ -131,11 +134,11 @@ generate_test_cert:
 	# generate server cerificate
 	@certstrap request-cert -cn server -ip 127.0.0.1
 	# self-sign server cerificate with rootCA
-	@certstrap sign server --CA "root CA" 
+	@certstrap sign server --CA "root CA"
 	# generate client cerificate
 	@certstrap request-cert -cn client -ip 127.0.0.1
 	# self-sign client cerificate with rootCA
-	@certstrap sign client --CA "root CA" 
+	@certstrap sign client --CA "root CA"
 .PHONY: generate_test_cert

 ###############################################################################
@@ -214,11 +217,13 @@ DESTINATION = ./index.html.md
 build-docs:
 	@cd docs && \
 	while read -r branch path_prefix; do \
-		(git checkout $${branch} && npm install && VUEPRESS_BASE="/$${path_prefix}/" npm run build) ; \
+		(git checkout $${branch} && npm ci && VUEPRESS_BASE="/$${path_prefix}/" npm run build) ; \
 		mkdir -p ~/output/$${path_prefix} ; \
 		cp -r .vuepress/dist/* ~/output/$${path_prefix}/ ; \
 		cp ~/output/$${path_prefix}/index.html ~/output ; \
-	done < versions ;
+	done < versions ; \
+	mkdir -p ~/output/master ; \
+	cp -r .vuepress/dist/* ~/output/master/
 .PHONY: build-docs

 ###############################################################################
@@ -227,13 +232,13 @@ build-docs:

 build-docker: build-linux
 	cp $(BUILDDIR)/tendermint DOCKER/tendermint
-	docker build --label=tendermint --tag="tendermint/tendermint" DOCKER
+	docker build --label=tendermint --tag="tendermint/tendermint" -f DOCKER/Dockerfile .
 	rm -rf DOCKER/tendermint
 .PHONY: build-docker


 ###############################################################################
-###                       Mocks 											###
+###                                Mocks                                    ###
 ###############################################################################

 mockery:
@@ -303,3 +308,25 @@ build-reproducible:
 		--name latest-build cosmossdk/rbuilder:latest
 	docker cp -a latest-build:/home/builder/artifacts/ $(CURDIR)/
 .PHONY: build-reproducible
+
+# Implements test splitting and running. This is pulled directly from
+# the github action workflows for better local reproducibility.
+
+GO_TEST_FILES != find $(CURDIR) -name "*_test.go"
+
+# default to four splits by default
+NUM_SPLIT ?= 4
+
+$(BUILDDIR):
+	mkdir -p $@
+
+# The format statement filters out all packages that don't have tests.
+# Note we need to check for both in-package tests (.TestGoFiles) and
+# out-of-package tests (.XTestGoFiles).
+$(BUILDDIR)/packages.txt:$(GO_TEST_FILES) $(BUILDDIR)
+	go list -f "{{ if (or .TestGoFiles .XTestGoFiles) }}{{ .ImportPath }}{{ end }}" ./... | sort > $@
+
+split-test-packages:$(BUILDDIR)/packages.txt
+	split -d -n l/$(NUM_SPLIT) $< $<.
+test-group-%:split-test-packages
+	cat $(BUILDDIR)/packages.txt.$* | xargs go test -mod=readonly -timeout=15m -race -coverprofile=$(BUILDDIR)/$*.profile.out
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@ Or [Blockchain](<https://en.wikipedia.org/wiki/Blockchain_(database)>), for shor
 [![version](https://img.shields.io/github/tag/tendermint/tendermint.svg)](https://github.com/tendermint/tendermint/releases/latest)
 [![API Reference](https://camo.githubusercontent.com/915b7be44ada53c290eb157634330494ebe3e30a/68747470733a2f2f676f646f632e6f72672f6769746875622e636f6d2f676f6c616e672f6764646f3f7374617475732e737667)](https://pkg.go.dev/github.com/tendermint/tendermint)
 [![Go version](https://img.shields.io/badge/go-1.16-blue.svg)](https://github.com/moovweb/gvm)
-[![Discord chat](https://img.shields.io/discord/669268347736686612.svg)](https://discord.gg/vcExX9T)
+[![Discord chat](https://img.shields.io/discord/669268347736686612.svg)](https://discord.gg/cosmosnetwork)
 [![license](https://img.shields.io/github/license/tendermint/tendermint.svg)](https://github.com/tendermint/tendermint/blob/master/LICENSE)
 [![tendermint/tendermint](https://tokei.rs/b1/github/tendermint/tendermint?category=lines)](https://github.com/tendermint/tendermint)
 [![Sourcegraph](https://sourcegraph.com/github.com/tendermint/tendermint/-/badge.svg)](https://sourcegraph.com/github.com/tendermint/tendermint?badge)
@@ -29,16 +29,15 @@ see our recent paper, "[The latest gossip on BFT consensus](https://arxiv.org/ab

 Please do not depend on master as your production branch. Use [releases](https://github.com/tendermint/tendermint/releases) instead.

-Tendermint has been in the production of private and public environments, most notably the blockchains of the Cosmos Network. we haven't released v1.0 yet since we are making breaking changes to the protocol and the APIs. 
+Tendermint has been in the production of private and public environments, most notably the blockchains of the Cosmos Network. we haven't released v1.0 yet since we are making breaking changes to the protocol and the APIs.
 See below for more details about [versioning](#versioning).

 In any case, if you intend to run Tendermint in production, we're happy to help. You can
-contact us [over email](mailto:hello@interchain.berlin) or [join the chat](https://discord.gg/vcExX9T).
+contact us [over email](mailto:hello@interchain.berlin) or [join the chat](https://discord.gg/cosmosnetwork).

 ## Security

-To report a security vulnerability, see our [bug bounty
-program](https://hackerone.com/tendermint). 
+To report a security vulnerability, see our [bug bounty program](https://hackerone.com/cosmos).
 For examples of the kinds of bugs we're looking for, see [our security policy](SECURITY.md).

 We also maintain a dedicated mailing list for security updates. We will only ever use this mailing list
@@ -61,8 +60,8 @@ See the [install instructions](/docs/introduction/install.md).
 ### Quick Start

 - [Single node](/docs/introduction/quick-start.md)
- [Local cluster using docker-compose](/docs/networks/docker-compose.md)
- [Remote cluster using Terraform and Ansible](/docs/networks/terraform-and-ansible.md)
+- [Local cluster using docker-compose](/docs/tools/docker-compose.md)
+- [Remote cluster using Terraform and Ansible](/docs/tools/terraform-and-ansible.md)
 - [Join the Cosmos testnet](https://cosmos.network/testnet)

 ## Contributing
@@ -71,7 +70,7 @@ Please abide by the [Code of Conduct](CODE_OF_CONDUCT.md) in all interactions.

 Before contributing to the project, please take a look at the [contributing guidelines](CONTRIBUTING.md)
 and the [style guide](STYLE_GUIDE.md). You may also find it helpful to read the
-[specifications](https://github.com/tendermint/spec), watch the [Developer Sessions](/docs/DEV_SESSIONS.md), 
+[specifications](https://github.com/tendermint/spec), watch the [Developer Sessions](/docs/DEV_SESSIONS.md),
 and familiarize yourself with our
 [Architectural Decision Records](https://github.com/tendermint/tendermint/tree/master/docs/architecture).

@@ -82,32 +81,12 @@ and familiarize yourself with our
 Tendermint uses [Semantic Versioning](http://semver.org/) to determine when and how the version changes.
 According to SemVer, anything in the public API can change at any time before version 1.0.0

-To provide some stability to Tendermint users in these 0.X.X days, the MINOR version is used
-to signal breaking changes across a subset of the total public API. This subset includes all
-interfaces exposed to other processes (cli, rpc, p2p, etc.), but does not
-include the Go APIs.
+To provide some stability to users of 0.X.X versions of Tendermint, the MINOR version is used
+to signal breaking changes across Tendermint's API. This API includes all
+publicly exposed types, functions, and methods in non-internal Go packages as well as
+the types and methods accessible via the Tendermint RPC interface.

-That said, breaking changes in the following packages will be documented in the
-CHANGELOG even if they don't lead to MINOR version bumps:
-
- crypto
- config
- libs
-    - bits
-    - bytes
-    - json
-    - log
-    - math
-    - net
-    - os
-    - protoio
-    - rand
-    - sync
-    - strings
-    - service
- node
- rpc/client
- types
+Breaking changes to these public APIs will be documented in the CHANGELOG.

 ### Upgrades

@@ -115,7 +94,7 @@ In an effort to avoid accumulating technical debt prior to 1.0.0,
 we do not guarantee that breaking changes (ie. bumps in the MINOR version)
 will work with existing Tendermint blockchains. In these cases you will
 have to start a new blockchain, or write something custom to get the old
-data into the new chain. However, any bump in the PATCH version should be 
+data into the new chain. However, any bump in the PATCH version should be
 compatible with existing blockchain histories.


--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -2,7 +2,7 @@

 This guide provides instructions for upgrading to specific versions of Tendermint Core.

-## Unreleased
+## v0.35

 ### ABCI Changes

@@ -17,7 +17,16 @@ This guide provides instructions for upgrading to specific versions of Tendermin

 ### Config Changes

-* `fast_sync = "v1"` and `fast_sync = "v2"` are no longer supported. Please use `v0` instead.
+* The configuration file field `[fastsync]` has been renamed to `[blocksync]`.
+
+* The top level configuration file field `fast-sync` has moved under the new `[blocksync]`
+  field as `blocksync.enable`.
+
+* `blocksync.version = "v1"` and `blocksync.version = "v2"` (previously `fastsync`)
+  are no longer supported. Please use `v0` instead. During the v0.35 release cycle, `v0` was
+  determined to suit the existing needs and the cost of maintaining the `v1` and `v2` modules
+  was determined to be greater than necessary.
+

 * All config parameters are now hyphen-case (also known as kebab-case) instead of snake_case. Before restarting the node make sure
  you have updated all the variables in your `config.toml` file.
@@ -35,7 +44,7 @@ This guide provides instructions for upgrading to specific versions of Tendermin
 * The fast sync process as well as the blockchain package and service has all
  been renamed to block sync

-### Key Format Changes
+### Database Key Format Changes

 The format of all tendermint on-disk database keys changes in
 0.35. Upgrading nodes must either re-sync all data or run a migration
@@ -60,6 +69,8 @@ if needed.

 * You must now specify the node mode (validator|full|seed) in `tendermint init [mode]`

+* The `--fast-sync` command line option has been renamed to `--blocksync.enable`
+
 * If you had previously used `tendermint gen_node_key` to generate a new node
  key, keep in mind that it no longer saves the output to a file. You can use
  `tendermint init validator` or pipe the output of `tendermint gen_node_key` to
@@ -74,8 +85,8 @@ if needed.

 ### API Changes

-The p2p layer was reimplemented as part of the 0.35 release cycle, and
-all reactors were refactored. As part of that work these
+The p2p layer was reimplemented as part of the 0.35 release cycle and
+all reactors were refactored to accomodate the change. As part of that work these
 implementations moved into the `internal` package and are no longer
 considered part of the public Go API of tendermint. These packages
 are:
@@ -87,7 +98,7 @@ are:
 - `blockchain`
 - `evidence`

-Accordingly, the `node` package was changed to reduce access to
+Accordingly, the `node` package changed to reduce access to
 tendermint internals: applications that use tendermint as a library
 will need to change to accommodate these changes. Most notably:

@@ -98,13 +109,25 @@ will need to change to accommodate these changes. Most notably:
  longer exported and have been replaced with `node.New` and
  `node.NewDefault` which provide more functional interfaces.

-### RPC changes
+To access any of the functionality previously available via the
+`node.Node` type, use the `*local.Local` "RPC" client, that exposes
+the full RPC interface provided as direct function calls. Import the
+`github.com/tendermint/tendermint/rpc/client/local` package and pass
+the node service as in the following: 

-#### gRPC Support
+```go
+    node := node.NewDefault() //construct the node object
+    // start and set up the node service 
+
+    client := local.New(node.(local.NodeService))
+    // use client object to interact with the node
+```
+
+### gRPC Support

 Mark gRPC in the RPC layer as deprecated and to be removed in 0.36.

-#### Peer Management Interface
+### Peer Management Interface

 When running with the new P2P Layer, the methods `UnsafeDialSeeds` and
 `UnsafeDialPeers` RPC methods will always return an error. They are
@@ -116,6 +139,58 @@ method changes in this release to accommodate the different way that
 the new stack tracks data about peers. This change affects users of
 both stacks.

+### Using the updated p2p library
+
+The P2P library was reimplemented in this release. The new implementation is
+enabled by default in this version of Tendermint. The legacy implementation is still
+included in this version of Tendermint as a backstop to work around unforeseen
+production issues. The new and legacy version are interoperable. If necessary, 
+you can enable the legacy implementation in the server configuration file.
+
+To make use of the legacy P2P implemementation add or update the following field of 
+your server's configuration file under the `[p2p]` section:
+
+```toml
+[p2p]
+...
+use-legacy = true
+...
+```
+
+If you need to do this, please consider filing an issue in the Tendermint repository
+to let us know why. We plan to remove the legacy P2P code in the next (v0.36) release.
+
+#### New p2p queue types
+
+The new p2p implementation enables selection of the queue type to be used for
+passing messages between peers.
+
+The following values may be used when selecting which queue type to use:
+
+* `fifo`: (**default**) An unbuffered and lossless queue that passes messages through
+in the order in which they were received.
+
+* `priority`: A priority queue of messages.
+
+* `wdrr`: A queue implementing the Weighted Deficit Round Robin algorithm. A 
+weighted deficit round robin queue is created per peer. Each queue contains a 
+separate 'flow' for each of the channels of communication that exist between any two
+peers. Tendermint maintains a channel per message type between peers. Each WDRR
+queue maintains a shared buffered with a fixed capacity through which messages on different
+flows are passed.
+For more information on WDRR scheduling, see: https://en.wikipedia.org/wiki/Deficit_round_robin
+
+To select a queue type, add or update the following field under the `[p2p]`
+section of your server's configuration file.
+
+```toml
+[p2p]
+...
+queue-type = wdrr
+...
+```
+
+
 ### Support for Custom Reactor and Mempool Implementations

 The changes to p2p layer removed existing support for custom
--- a/abci/client/client.go
+++ b/abci/client/client.go
@@ -1,4 +1,4 @@
-package abcicli
+package abciclient

 import (
 	"context"
@@ -87,7 +87,7 @@ type ReqRes struct {
 	*sync.WaitGroup
 	*types.Response // Not set atomically, so be sure to use WaitGroup.

-	mtx  tmsync.RWMutex
+	mtx  tmsync.Mutex
 	done bool                  // Gets set to true once *after* WaitGroup.Done().
 	cb   func(*types.Response) // A single callback that may be set.
 }
@@ -137,16 +137,16 @@ func (r *ReqRes) InvokeCallback() {
 //
 // ref: https://github.com/tendermint/tendermint/issues/5439
 func (r *ReqRes) GetCallback() func(*types.Response) {
-	r.mtx.RLock()
-	defer r.mtx.RUnlock()
+	r.mtx.Lock()
+	defer r.mtx.Unlock()
 	return r.cb
 }

 // SetDone marks the ReqRes object as done.
 func (r *ReqRes) SetDone() {
 	r.mtx.Lock()
-	defer r.mtx.Unlock()
 	r.done = true
+	r.mtx.Unlock()
 }

 func waitGroup1() (wg *sync.WaitGroup) {
--- a/abci/client/creators.go
+++ b/abci/client/creators.go
@@ -0,0 +1,35 @@
+package abciclient
+
+import (
+	"fmt"
+
+	"github.com/tendermint/tendermint/abci/types"
+	tmsync "github.com/tendermint/tendermint/internal/libs/sync"
+)
+
+// Creator creates new ABCI clients.
+type Creator func() (Client, error)
+
+// NewLocalCreator returns a Creator for the given app,
+// which will be running locally.
+func NewLocalCreator(app types.Application) Creator {
+	mtx := new(tmsync.Mutex)
+
+	return func() (Client, error) {
+		return NewLocalClient(mtx, app), nil
+	}
+}
+
+// NewRemoteCreator returns a Creator for the given address (e.g.
+// "192.168.0.1") and transport (e.g. "tcp"). Set mustConnect to true if you
+// want the client to connect before reporting success.
+func NewRemoteCreator(addr, transport string, mustConnect bool) Creator {
+	return func() (Client, error) {
+		remoteApp, err := NewClient(addr, transport, mustConnect)
+		if err != nil {
+			return nil, fmt.Errorf("failed to connect to proxy: %w", err)
+		}
+
+		return remoteApp, nil
+	}
+}
--- a/abci/client/doc.go
+++ b/abci/client/doc.go
@@ -1,4 +1,4 @@
-// Package abcicli provides an ABCI implementation in Go.
+// Package abciclient provides an ABCI implementation in Go.
 //
 // There are 3 clients available:
 //		1. socket (unix or TCP)
@@ -26,4 +26,4 @@
 //
 // sync: waits for all Async calls to complete (essentially what Flush does in
 // the socket client) and calls Sync method.
-package abcicli
+package abciclient
--- a/abci/client/grpc_client.go
+++ b/abci/client/grpc_client.go
@@ -1,4 +1,4 @@
-package abcicli
+package abciclient

 import (
 	"context"
@@ -8,6 +8,7 @@ import (
 	"time"

 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials/insecure"

 	"github.com/tendermint/tendermint/abci/types"
 	tmsync "github.com/tendermint/tendermint/internal/libs/sync"
@@ -24,7 +25,7 @@ type grpcClient struct {
 	conn     *grpc.ClientConn
 	chReqRes chan *ReqRes // dispatches "async" responses to callbacks *in order*, needed by mempool

-	mtx   tmsync.RWMutex
+	mtx   tmsync.Mutex
 	addr  string
 	err   error
 	resCb func(*types.Request, *types.Response) // listens to all callbacks
@@ -95,7 +96,10 @@ func (cli *grpcClient) OnStart() error {

 RETRY_LOOP:
 	for {
-		conn, err := grpc.Dial(cli.addr, grpc.WithInsecure(), grpc.WithContextDialer(dialerFunc))
+		conn, err := grpc.Dial(cli.addr,
+			grpc.WithTransportCredentials(insecure.NewCredentials()),
+			grpc.WithContextDialer(dialerFunc),
+		)
 		if err != nil {
 			if cli.mustConnect {
 				return err
@@ -149,8 +153,8 @@ func (cli *grpcClient) StopForError(err error) {
 }

 func (cli *grpcClient) Error() error {
-	cli.mtx.RLock()
-	defer cli.mtx.RUnlock()
+	cli.mtx.Lock()
+	defer cli.mtx.Unlock()
 	return cli.err
 }

@@ -158,8 +162,8 @@ func (cli *grpcClient) Error() error {
 // NOTE: callback may get internally generated flush responses.
 func (cli *grpcClient) SetResponseCallback(resCb Callback) {
 	cli.mtx.Lock()
-	defer cli.mtx.Unlock()
 	cli.resCb = resCb
+	cli.mtx.Unlock()
 }

 //----------------------------------------
--- a/abci/client/local_client.go
+++ b/abci/client/local_client.go
@@ -1,4 +1,4 @@
-package abcicli
+package abciclient

 import (
 	"context"
@@ -15,7 +15,7 @@ import (
 type localClient struct {
 	service.BaseService

-	mtx *tmsync.RWMutex
+	mtx *tmsync.Mutex
 	types.Application
 	Callback
 }
@@ -26,24 +26,22 @@ var _ Client = (*localClient)(nil)
 // methods of the given app.
 //
 // Both Async and Sync methods ignore the given context.Context parameter.
-func NewLocalClient(mtx *tmsync.RWMutex, app types.Application) Client {
+func NewLocalClient(mtx *tmsync.Mutex, app types.Application) Client {
 	if mtx == nil {
-		mtx = &tmsync.RWMutex{}
+		mtx = new(tmsync.Mutex)
 	}
-
 	cli := &localClient{
 		mtx:         mtx,
 		Application: app,
 	}
-
 	cli.BaseService = *service.NewBaseService(nil, "localClient", cli)
 	return cli
 }

 func (app *localClient) SetResponseCallback(cb Callback) {
 	app.mtx.Lock()
-	defer app.mtx.Unlock()
 	app.Callback = cb
+	app.mtx.Unlock()
 }

 // TODO: change types.Application to include Error()?
@@ -67,8 +65,8 @@ func (app *localClient) EchoAsync(ctx context.Context, msg string) (*ReqRes, err
 }

 func (app *localClient) InfoAsync(ctx context.Context, req types.RequestInfo) (*ReqRes, error) {
-	app.mtx.RLock()
-	defer app.mtx.RUnlock()
+	app.mtx.Lock()
+	defer app.mtx.Unlock()

 	res := app.Application.Info(req)
 	return app.callback(
@@ -100,8 +98,8 @@ func (app *localClient) CheckTxAsync(ctx context.Context, req types.RequestCheck
 }

 func (app *localClient) QueryAsync(ctx context.Context, req types.RequestQuery) (*ReqRes, error) {
-	app.mtx.RLock()
-	defer app.mtx.RUnlock()
+	app.mtx.Lock()
+	defer app.mtx.Unlock()

 	res := app.Application.Query(req)
 	return app.callback(
@@ -215,8 +213,8 @@ func (app *localClient) EchoSync(ctx context.Context, msg string) (*types.Respon
 }

 func (app *localClient) InfoSync(ctx context.Context, req types.RequestInfo) (*types.ResponseInfo, error) {
-	app.mtx.RLock()
-	defer app.mtx.RUnlock()
+	app.mtx.Lock()
+	defer app.mtx.Unlock()

 	res := app.Application.Info(req)
 	return &res, nil
@@ -249,8 +247,8 @@ func (app *localClient) QuerySync(
 	ctx context.Context,
 	req types.RequestQuery,
 ) (*types.ResponseQuery, error) {
-	app.mtx.RLock()
-	defer app.mtx.RUnlock()
+	app.mtx.Lock()
+	defer app.mtx.Unlock()

 	res := app.Application.Query(req)
 	return &res, nil
--- a/abci/client/mocks/client.go
+++ b/abci/client/mocks/client.go
@@ -5,7 +5,7 @@ package mocks
 import (
 	context "context"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"

 	log "github.com/tendermint/tendermint/libs/log"

@@ -20,15 +20,15 @@ type Client struct {
 }

 // ApplySnapshotChunkAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) ApplySnapshotChunkAsync(_a0 context.Context, _a1 types.RequestApplySnapshotChunk) (*abcicli.ReqRes, error) {
+func (_m *Client) ApplySnapshotChunkAsync(_a0 context.Context, _a1 types.RequestApplySnapshotChunk) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestApplySnapshotChunk) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestApplySnapshotChunk) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -66,15 +66,15 @@ func (_m *Client) ApplySnapshotChunkSync(_a0 context.Context, _a1 types.RequestA
 }

 // BeginBlockAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) BeginBlockAsync(_a0 context.Context, _a1 types.RequestBeginBlock) (*abcicli.ReqRes, error) {
+func (_m *Client) BeginBlockAsync(_a0 context.Context, _a1 types.RequestBeginBlock) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestBeginBlock) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestBeginBlock) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -112,15 +112,15 @@ func (_m *Client) BeginBlockSync(_a0 context.Context, _a1 types.RequestBeginBloc
 }

 // CheckTxAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) CheckTxAsync(_a0 context.Context, _a1 types.RequestCheckTx) (*abcicli.ReqRes, error) {
+func (_m *Client) CheckTxAsync(_a0 context.Context, _a1 types.RequestCheckTx) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestCheckTx) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestCheckTx) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -158,15 +158,15 @@ func (_m *Client) CheckTxSync(_a0 context.Context, _a1 types.RequestCheckTx) (*t
 }

 // CommitAsync provides a mock function with given fields: _a0
-func (_m *Client) CommitAsync(_a0 context.Context) (*abcicli.ReqRes, error) {
+func (_m *Client) CommitAsync(_a0 context.Context) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context) *abciclient.ReqRes); ok {
 		r0 = rf(_a0)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -204,15 +204,15 @@ func (_m *Client) CommitSync(_a0 context.Context) (*types.ResponseCommit, error)
 }

 // DeliverTxAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) DeliverTxAsync(_a0 context.Context, _a1 types.RequestDeliverTx) (*abcicli.ReqRes, error) {
+func (_m *Client) DeliverTxAsync(_a0 context.Context, _a1 types.RequestDeliverTx) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestDeliverTx) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestDeliverTx) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -250,15 +250,15 @@ func (_m *Client) DeliverTxSync(_a0 context.Context, _a1 types.RequestDeliverTx)
 }

 // EchoAsync provides a mock function with given fields: ctx, msg
-func (_m *Client) EchoAsync(ctx context.Context, msg string) (*abcicli.ReqRes, error) {
+func (_m *Client) EchoAsync(ctx context.Context, msg string) (*abciclient.ReqRes, error) {
 	ret := _m.Called(ctx, msg)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, string) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, string) *abciclient.ReqRes); ok {
 		r0 = rf(ctx, msg)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -296,15 +296,15 @@ func (_m *Client) EchoSync(ctx context.Context, msg string) (*types.ResponseEcho
 }

 // EndBlockAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) EndBlockAsync(_a0 context.Context, _a1 types.RequestEndBlock) (*abcicli.ReqRes, error) {
+func (_m *Client) EndBlockAsync(_a0 context.Context, _a1 types.RequestEndBlock) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestEndBlock) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestEndBlock) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -356,15 +356,15 @@ func (_m *Client) Error() error {
 }

 // FlushAsync provides a mock function with given fields: _a0
-func (_m *Client) FlushAsync(_a0 context.Context) (*abcicli.ReqRes, error) {
+func (_m *Client) FlushAsync(_a0 context.Context) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context) *abciclient.ReqRes); ok {
 		r0 = rf(_a0)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -393,15 +393,15 @@ func (_m *Client) FlushSync(_a0 context.Context) error {
 }

 // InfoAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) InfoAsync(_a0 context.Context, _a1 types.RequestInfo) (*abcicli.ReqRes, error) {
+func (_m *Client) InfoAsync(_a0 context.Context, _a1 types.RequestInfo) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestInfo) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestInfo) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -439,15 +439,15 @@ func (_m *Client) InfoSync(_a0 context.Context, _a1 types.RequestInfo) (*types.R
 }

 // InitChainAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) InitChainAsync(_a0 context.Context, _a1 types.RequestInitChain) (*abcicli.ReqRes, error) {
+func (_m *Client) InitChainAsync(_a0 context.Context, _a1 types.RequestInitChain) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestInitChain) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestInitChain) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -499,15 +499,15 @@ func (_m *Client) IsRunning() bool {
 }

 // ListSnapshotsAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) ListSnapshotsAsync(_a0 context.Context, _a1 types.RequestListSnapshots) (*abcicli.ReqRes, error) {
+func (_m *Client) ListSnapshotsAsync(_a0 context.Context, _a1 types.RequestListSnapshots) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestListSnapshots) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestListSnapshots) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -545,15 +545,15 @@ func (_m *Client) ListSnapshotsSync(_a0 context.Context, _a1 types.RequestListSn
 }

 // LoadSnapshotChunkAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) LoadSnapshotChunkAsync(_a0 context.Context, _a1 types.RequestLoadSnapshotChunk) (*abcicli.ReqRes, error) {
+func (_m *Client) LoadSnapshotChunkAsync(_a0 context.Context, _a1 types.RequestLoadSnapshotChunk) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestLoadSnapshotChunk) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestLoadSnapshotChunk) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -591,15 +591,15 @@ func (_m *Client) LoadSnapshotChunkSync(_a0 context.Context, _a1 types.RequestLo
 }

 // OfferSnapshotAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) OfferSnapshotAsync(_a0 context.Context, _a1 types.RequestOfferSnapshot) (*abcicli.ReqRes, error) {
+func (_m *Client) OfferSnapshotAsync(_a0 context.Context, _a1 types.RequestOfferSnapshot) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestOfferSnapshot) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestOfferSnapshot) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -670,15 +670,15 @@ func (_m *Client) OnStop() {
 }

 // QueryAsync provides a mock function with given fields: _a0, _a1
-func (_m *Client) QueryAsync(_a0 context.Context, _a1 types.RequestQuery) (*abcicli.ReqRes, error) {
+func (_m *Client) QueryAsync(_a0 context.Context, _a1 types.RequestQuery) (*abciclient.ReqRes, error) {
 	ret := _m.Called(_a0, _a1)

-	var r0 *abcicli.ReqRes
-	if rf, ok := ret.Get(0).(func(context.Context, types.RequestQuery) *abcicli.ReqRes); ok {
+	var r0 *abciclient.ReqRes
+	if rf, ok := ret.Get(0).(func(context.Context, types.RequestQuery) *abciclient.ReqRes); ok {
 		r0 = rf(_a0, _a1)
 	} else {
 		if ret.Get(0) != nil {
-			r0 = ret.Get(0).(*abcicli.ReqRes)
+			r0 = ret.Get(0).(*abciclient.ReqRes)
 		}
 	}

@@ -751,7 +751,7 @@ func (_m *Client) SetLogger(_a0 log.Logger) {
 }

 // SetResponseCallback provides a mock function with given fields: _a0
-func (_m *Client) SetResponseCallback(_a0 abcicli.Callback) {
+func (_m *Client) SetResponseCallback(_a0 abciclient.Callback) {
 	_m.Called(_a0)
 }

--- a/abci/client/socket_client.go
+++ b/abci/client/socket_client.go
@@ -1,4 +1,4 @@
-package abcicli
+package abciclient

 import (
 	"bufio"
@@ -13,7 +13,6 @@ import (

 	"github.com/tendermint/tendermint/abci/types"
 	tmsync "github.com/tendermint/tendermint/internal/libs/sync"
-	"github.com/tendermint/tendermint/internal/libs/timer"
 	tmnet "github.com/tendermint/tendermint/libs/net"
 	"github.com/tendermint/tendermint/libs/service"
 )
@@ -22,8 +21,6 @@ const (
 	// reqQueueSize is the max number of queued async requests.
 	// (memory: 256MB max assuming 1MB transactions)
 	reqQueueSize = 256
-	// Don't wait longer than...
-	flushThrottleMS = 20
 )

 type reqResWithContext struct {
@@ -40,10 +37,9 @@ type socketClient struct {
 	mustConnect bool
 	conn        net.Conn

-	reqQueue   chan *reqResWithContext
-	flushTimer *timer.ThrottleTimer
+	reqQueue chan *reqResWithContext

-	mtx     tmsync.RWMutex
+	mtx     tmsync.Mutex
 	err     error
 	reqSent *list.List                            // list of requests sent, waiting for response
 	resCb   func(*types.Request, *types.Response) // called on all requests, if set.
@@ -57,7 +53,6 @@ var _ Client = (*socketClient)(nil)
 func NewSocketClient(addr string, mustConnect bool) Client {
 	cli := &socketClient{
 		reqQueue:    make(chan *reqResWithContext, reqQueueSize),
-		flushTimer:  timer.NewThrottleTimer("socketClient", flushThrottleMS),
 		mustConnect: mustConnect,

 		addr:    addr,
@@ -102,14 +97,13 @@ func (cli *socketClient) OnStop() {
 		cli.conn.Close()
 	}

-	cli.flushQueue()
-	cli.flushTimer.Stop()
+	cli.drainQueue()
 }

 // Error returns an error if the client was stopped abruptly.
 func (cli *socketClient) Error() error {
-	cli.mtx.RLock()
-	defer cli.mtx.RUnlock()
+	cli.mtx.Lock()
+	defer cli.mtx.Unlock()
 	return cli.err
 }

@@ -119,45 +113,32 @@ func (cli *socketClient) Error() error {
 // NOTE: callback may get internally generated flush responses.
 func (cli *socketClient) SetResponseCallback(resCb Callback) {
 	cli.mtx.Lock()
-	defer cli.mtx.Unlock()
 	cli.resCb = resCb
+	cli.mtx.Unlock()
 }

 //----------------------------------------

 func (cli *socketClient) sendRequestsRoutine(conn io.Writer) {
-	w := bufio.NewWriter(conn)
+	bw := bufio.NewWriter(conn)
 	for {
 		select {
 		case reqres := <-cli.reqQueue:
-			// cli.Logger.Debug("Sent request", "requestType", reflect.TypeOf(reqres.Request), "request", reqres.Request)
-
 			if reqres.C.Err() != nil {
 				cli.Logger.Debug("Request's context is done", "req", reqres.R, "err", reqres.C.Err())
 				continue
 			}
-
 			cli.willSendReq(reqres.R)
-			err := types.WriteMessage(reqres.R.Request, w)
-			if err != nil {
+
+			if err := types.WriteMessage(reqres.R.Request, bw); err != nil {
 				cli.stopForError(fmt.Errorf("write to buffer: %w", err))
 				return
 			}
+			if err := bw.Flush(); err != nil {
+				cli.stopForError(fmt.Errorf("flush buffer: %w", err))
+				return
+			}

-			// If it's a flush request, flush the current buffer.
-			if _, ok := reqres.R.Request.Value.(*types.Request_Flush); ok {
-				err = w.Flush()
-				if err != nil {
-					cli.stopForError(fmt.Errorf("flush buffer: %w", err))
-					return
-				}
-			}
-		case <-cli.flushTimer.Ch: // flush queue
-			select {
-			case cli.reqQueue <- &reqResWithContext{R: NewReqRes(types.ToRequestFlush()), C: context.Background()}:
-			default:
-				// Probably will fill the buffer, or retry later.
-			}
 		case <-cli.Quit():
 			return
 		}
@@ -298,7 +279,7 @@ func (cli *socketClient) ApplySnapshotChunkAsync(
 //----------------------------------------

 func (cli *socketClient) FlushSync(ctx context.Context) error {
-	reqRes, err := cli.queueRequest(ctx, types.ToRequestFlush(), true)
+	reqRes, err := cli.queueRequest(ctx, types.ToRequestFlush())
 	if err != nil {
 		return queueErr(err)
 	}
@@ -467,37 +448,22 @@ func (cli *socketClient) ApplySnapshotChunkSync(

 //----------------------------------------

-// queueRequest enqueues req onto the queue. If the queue is full, it ether
-// returns an error (sync=false) or blocks (sync=true).
-//
-// When sync=true, ctx can be used to break early. When sync=false, ctx will be
-// used later to determine if request should be dropped (if ctx.Err is
-// non-nil).
+// queueRequest enqueues req onto the queue. The request can break early if the
+// the context is canceled. If the queue is full, this method blocks to allow
+// the request to be placed onto the queue. This has the effect of creating an
+// unbounded queue of goroutines waiting to write to this queue which is a bit
+// antithetical to the purposes of a queue, however, undoing this behavior has
+// dangerous upstream implications as a result of the usage of this behavior upstream.
+// Remove at your peril.
 //
 // The caller is responsible for checking cli.Error.
-func (cli *socketClient) queueRequest(ctx context.Context, req *types.Request, sync bool) (*ReqRes, error) {
+func (cli *socketClient) queueRequest(ctx context.Context, req *types.Request) (*ReqRes, error) {
 	reqres := NewReqRes(req)

-	if sync {
-		select {
-		case cli.reqQueue <- &reqResWithContext{R: reqres, C: context.Background()}:
-		case <-ctx.Done():
-			return nil, ctx.Err()
-		}
-	} else {
-		select {
-		case cli.reqQueue <- &reqResWithContext{R: reqres, C: ctx}:
-		default:
-			return nil, errors.New("buffer is full")
-		}
-	}
-
-	// Maybe auto-flush, or unset auto-flush
-	switch req.Value.(type) {
-	case *types.Request_Flush:
-		cli.flushTimer.Unset()
-	default:
-		cli.flushTimer.Set()
+	select {
+	case cli.reqQueue <- &reqResWithContext{R: reqres, C: ctx}:
+	case <-ctx.Done():
+		return nil, ctx.Err()
 	}

 	return reqres, nil
@@ -508,7 +474,7 @@ func (cli *socketClient) queueRequestAsync(
 	req *types.Request,
 ) (*ReqRes, error) {

-	reqres, err := cli.queueRequest(ctx, req, false)
+	reqres, err := cli.queueRequest(ctx, req)
 	if err != nil {
 		return nil, queueErr(err)
 	}
@@ -521,7 +487,7 @@ func (cli *socketClient) queueRequestAndFlushSync(
 	req *types.Request,
 ) (*ReqRes, error) {

-	reqres, err := cli.queueRequest(ctx, req, true)
+	reqres, err := cli.queueRequest(ctx, req)
 	if err != nil {
 		return nil, queueErr(err)
 	}
@@ -537,7 +503,9 @@ func queueErr(e error) error {
 	return fmt.Errorf("can't queue req: %w", e)
 }

-func (cli *socketClient) flushQueue() {
+// drainQueue marks as complete and discards all remaining pending requests
+// from the queue.
+func (cli *socketClient) drainQueue() {
 	cli.mtx.Lock()
 	defer cli.mtx.Unlock()

@@ -547,14 +515,17 @@ func (cli *socketClient) flushQueue() {
 		reqres.Done()
 	}

-	// mark all queued messages as resolved
-LOOP:
+	// Mark all queued messages as resolved.
+	//
+	// TODO(creachadair): We can't simply range the channel, because it is never
+	// closed, and the writer continues to add work.
+	// See https://github.com/tendermint/tendermint/issues/6996.
 	for {
 		select {
 		case reqres := <-cli.reqQueue:
 			reqres.R.Done()
 		default:
-			break LOOP
+			return
 		}
 	}
 }
--- a/abci/client/socket_client_test.go
+++ b/abci/client/socket_client_test.go
@@ -1,4 +1,4 @@
-package abcicli_test
+package abciclient_test

 import (
 	"context"
@@ -11,7 +11,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/server"
 	"github.com/tendermint/tendermint/abci/types"
 	"github.com/tendermint/tendermint/libs/service"
@@ -100,7 +100,7 @@ func TestHangingSyncCalls(t *testing.T) {
 }

 func setupClientServer(t *testing.T, app types.Application) (
-	service.Service, abcicli.Client) {
+	service.Service, abciclient.Client) {
 	// some port between 20k and 30k
 	port := 20000 + rand.Int31()%10000
 	addr := fmt.Sprintf("localhost:%d", port)
@@ -110,7 +110,7 @@ func setupClientServer(t *testing.T, app types.Application) (
 	err = s.Start()
 	require.NoError(t, err)

-	c := abcicli.NewSocketClient(addr, true)
+	c := abciclient.NewSocketClient(addr, true)
 	err = c.Start()
 	require.NoError(t, err)

--- a/abci/cmd/abci-cli/abci-cli.go
+++ b/abci/cmd/abci-cli/abci-cli.go
@@ -15,7 +15,7 @@ import (
 	"github.com/tendermint/tendermint/libs/log"
 	tmos "github.com/tendermint/tendermint/libs/os"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/example/code"
 	"github.com/tendermint/tendermint/abci/example/kvstore"
 	"github.com/tendermint/tendermint/abci/server"
@@ -27,7 +27,7 @@ import (

 // client is a global variable so it can be reused by the console
 var (
-	client abcicli.Client
+	client abciclient.Client
 	logger log.Logger

 	ctx = context.Background()
@@ -67,7 +67,7 @@ var RootCmd = &cobra.Command{

 		if client == nil {
 			var err error
-			client, err = abcicli.NewClient(flagAddress, flagAbci, false)
+			client, err = abciclient.NewClient(flagAddress, flagAbci, false)
 			if err != nil {
 				return err
 			}
--- a/abci/example/example_test.go
+++ b/abci/example/example_test.go
@@ -13,11 +13,12 @@ import (
 	"github.com/stretchr/testify/require"

 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials/insecure"

 	"github.com/tendermint/tendermint/libs/log"
 	tmnet "github.com/tendermint/tendermint/libs/net"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/example/code"
 	"github.com/tendermint/tendermint/abci/example/kvstore"
 	abciserver "github.com/tendermint/tendermint/abci/server"
@@ -61,7 +62,7 @@ func testStream(t *testing.T, app types.Application) {
 	})

 	// Connect to the socket
-	client := abcicli.NewSocketClient(socket, false)
+	client := abciclient.NewSocketClient(socket, false)
 	client.SetLogger(log.TestingLogger().With("module", "abci-client"))
 	err = client.Start()
 	require.NoError(t, err)
@@ -129,7 +130,7 @@ func dialerFunc(ctx context.Context, addr string) (net.Conn, error) {

 func testGRPCSync(t *testing.T, app types.ABCIApplicationServer) {
 	numDeliverTxs := 2000
-	socketFile := fmt.Sprintf("test-%08x.sock", rand.Int31n(1<<30))
+	socketFile := fmt.Sprintf("/tmp/test-%08x.sock", rand.Int31n(1<<30))
 	defer os.Remove(socketFile)
 	socket := fmt.Sprintf("unix://%v", socketFile)

@@ -147,7 +148,10 @@ func testGRPCSync(t *testing.T, app types.ABCIApplicationServer) {
 	})

 	// Connect to the socket
-	conn, err := grpc.Dial(socket, grpc.WithInsecure(), grpc.WithContextDialer(dialerFunc))
+	conn, err := grpc.Dial(socket,
+		grpc.WithTransportCredentials(insecure.NewCredentials()),
+		grpc.WithContextDialer(dialerFunc),
+	)
 	if err != nil {
 		t.Fatalf("Error dialing GRPC server: %v", err.Error())
 	}
--- a/abci/example/kvstore/kvstore_test.go
+++ b/abci/example/kvstore/kvstore_test.go
@@ -12,7 +12,7 @@ import (
 	"github.com/tendermint/tendermint/libs/log"
 	"github.com/tendermint/tendermint/libs/service"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/example/code"
 	abciserver "github.com/tendermint/tendermint/abci/server"
 	"github.com/tendermint/tendermint/abci/types"
@@ -165,7 +165,7 @@ func TestValUpdates(t *testing.T) {

 	makeApplyBlock(t, kvstore, 2, diff, tx1, tx2, tx3)

-	vals1 = append(vals[:nInit-2], vals[nInit+1]) // nolint: gocritic
+	vals1 = append(vals[:nInit-2], vals[nInit+1])
 	vals2 = kvstore.Validators()
 	valsEqual(t, vals1, vals2)

@@ -229,7 +229,7 @@ func valsEqual(t *testing.T, vals1, vals2 []types.ValidatorUpdate) {
 	}
 }

-func makeSocketClientServer(app types.Application, name string) (abcicli.Client, service.Service, error) {
+func makeSocketClientServer(app types.Application, name string) (abciclient.Client, service.Service, error) {
 	// Start the listener
 	socket := fmt.Sprintf("unix://%s.sock", name)
 	logger := log.TestingLogger()
@@ -241,7 +241,7 @@ func makeSocketClientServer(app types.Application, name string) (abcicli.Client,
 	}

 	// Connect to the socket
-	client := abcicli.NewSocketClient(socket, false)
+	client := abciclient.NewSocketClient(socket, false)
 	client.SetLogger(logger.With("module", "abci-client"))
 	if err := client.Start(); err != nil {
 		if err = server.Stop(); err != nil {
@@ -253,7 +253,7 @@ func makeSocketClientServer(app types.Application, name string) (abcicli.Client,
 	return client, server, nil
 }

-func makeGRPCClientServer(app types.Application, name string) (abcicli.Client, service.Service, error) {
+func makeGRPCClientServer(app types.Application, name string) (abciclient.Client, service.Service, error) {
 	// Start the listener
 	socket := fmt.Sprintf("unix://%s.sock", name)
 	logger := log.TestingLogger()
@@ -265,7 +265,7 @@ func makeGRPCClientServer(app types.Application, name string) (abcicli.Client, s
 		return nil, nil, err
 	}

-	client := abcicli.NewGRPCClient(socket, true)
+	client := abciclient.NewGRPCClient(socket, true)
 	client.SetLogger(logger.With("module", "abci-client"))
 	if err := client.Start(); err != nil {
 		if err := server.Stop(); err != nil {
@@ -296,7 +296,7 @@ func TestClientServer(t *testing.T) {

 	// set up grpc app
 	kvstore = NewApplication()
-	gclient, gserver, err := makeGRPCClientServer(kvstore, "kvstore-grpc")
+	gclient, gserver, err := makeGRPCClientServer(kvstore, "/tmp/kvstore-grpc")
 	require.NoError(t, err)

 	t.Cleanup(func() {
@@ -313,7 +313,7 @@ func TestClientServer(t *testing.T) {
 	runClientTests(t, gclient)
 }

-func runClientTests(t *testing.T, client abcicli.Client) {
+func runClientTests(t *testing.T, client abciclient.Client) {
 	// run some tests....
 	key := testKey
 	value := key
@@ -325,7 +325,7 @@ func runClientTests(t *testing.T, client abcicli.Client) {
 	testClient(t, client, tx, key, value)
 }

-func testClient(t *testing.T, app abcicli.Client, tx []byte, key, value string) {
+func testClient(t *testing.T, app abciclient.Client, tx []byte, key, value string) {
 	ar, err := app.DeliverTxSync(ctx, types.RequestDeliverTx{Tx: tx})
 	require.NoError(t, err)
 	require.False(t, ar.IsErr(), ar)
--- a/abci/example/kvstore/persistent_kvstore.go
+++ b/abci/example/kvstore/persistent_kvstore.go
@@ -11,9 +11,9 @@ import (

 	"github.com/tendermint/tendermint/abci/example/code"
 	"github.com/tendermint/tendermint/abci/types"
-	cryptoenc "github.com/tendermint/tendermint/crypto/encoding"
+	"github.com/tendermint/tendermint/crypto/encoding"
 	"github.com/tendermint/tendermint/libs/log"
-	pc "github.com/tendermint/tendermint/proto/tendermint/crypto"
+	cryptoproto "github.com/tendermint/tendermint/proto/tendermint/crypto"
 )

 const (
@@ -30,7 +30,7 @@ type PersistentKVStoreApplication struct {
 	// validator set
 	ValUpdates []types.ValidatorUpdate

-	valAddrToPubKeyMap map[string]pc.PublicKey
+	valAddrToPubKeyMap map[string]cryptoproto.PublicKey

 	logger log.Logger
 }
@@ -46,7 +46,7 @@ func NewPersistentKVStoreApplication(dbDir string) *PersistentKVStoreApplication

 	return &PersistentKVStoreApplication{
 		app:                &Application{state: state},
-		valAddrToPubKeyMap: make(map[string]pc.PublicKey),
+		valAddrToPubKeyMap: make(map[string]cryptoproto.PublicKey),
 		logger:             log.NewNopLogger(),
 	}
 }
@@ -194,8 +194,8 @@ func (app *PersistentKVStoreApplication) Validators() (validators []types.Valida
 	return
 }

-func MakeValSetChangeTx(pubkey pc.PublicKey, power int64) []byte {
-	pk, err := cryptoenc.PubKeyFromProto(pubkey)
+func MakeValSetChangeTx(pubkey cryptoproto.PublicKey, power int64) []byte {
+	pk, err := encoding.PubKeyFromProto(pubkey)
 	if err != nil {
 		panic(err)
 	}
@@ -243,7 +243,7 @@ func (app *PersistentKVStoreApplication) execValidatorTx(tx []byte) types.Respon

 // add, update, or remove a validator
 func (app *PersistentKVStoreApplication) updateValidator(v types.ValidatorUpdate) types.ResponseDeliverTx {
-	pubkey, err := cryptoenc.PubKeyFromProto(v.PubKey)
+	pubkey, err := encoding.PubKeyFromProto(v.PubKey)
 	if err != nil {
 		panic(fmt.Errorf("can't decode public key: %w", err))
 	}
--- a/abci/server/socket_server.go
+++ b/abci/server/socket_server.go
@@ -240,22 +240,15 @@ func (s *SocketServer) handleRequest(req *types.Request, responses chan<- *types

 // Pull responses from 'responses' and write them to conn.
 func (s *SocketServer) handleResponses(closeConn chan error, conn io.Writer, responses <-chan *types.Response) {
-	var count int
-	var bufWriter = bufio.NewWriter(conn)
-	for {
-		var res = <-responses
-		err := types.WriteMessage(res, bufWriter)
-		if err != nil {
+	bw := bufio.NewWriter(conn)
+	for res := range responses {
+		if err := types.WriteMessage(res, bw); err != nil {
 			closeConn <- fmt.Errorf("error writing message: %w", err)
 			return
 		}
-		if _, ok := res.Value.(*types.Response_Flush); ok {
-			err = bufWriter.Flush()
-			if err != nil {
-				closeConn <- fmt.Errorf("error flushing write buffer: %w", err)
-				return
-			}
+		if err := bw.Flush(); err != nil {
+			closeConn <- fmt.Errorf("error flushing write buffer: %w", err)
+			return
 		}
-		count++
 	}
 }
--- a/abci/tests/client_server_test.go
+++ b/abci/tests/client_server_test.go
@@ -5,7 +5,7 @@ import (

 	"github.com/stretchr/testify/assert"

-	abciclient "github.com/tendermint/tendermint/abci/client"
+	abciclientent "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/example/kvstore"
 	abciserver "github.com/tendermint/tendermint/abci/server"
 )
@@ -20,7 +20,7 @@ func TestClientServerNoAddrPrefix(t *testing.T) {
 	err = server.Start()
 	assert.NoError(t, err, "expected no error on server.Start")

-	client, err := abciclient.NewClient(addr, transport, true)
+	client, err := abciclientent.NewClient(addr, transport, true)
 	assert.NoError(t, err, "expected no error on NewClient")
 	err = client.Start()
 	assert.NoError(t, err, "expected no error on client.Start")
--- a/abci/tests/server/client.go
+++ b/abci/tests/server/client.go
@@ -7,14 +7,14 @@ import (
 	"fmt"
 	mrand "math/rand"

-	abcicli "github.com/tendermint/tendermint/abci/client"
+	abciclient "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/types"
 	tmrand "github.com/tendermint/tendermint/libs/rand"
 )

 var ctx = context.Background()

-func InitChain(client abcicli.Client) error {
+func InitChain(client abciclient.Client) error {
 	total := 10
 	vals := make([]types.ValidatorUpdate, total)
 	for i := 0; i < total; i++ {
@@ -34,7 +34,7 @@ func InitChain(client abcicli.Client) error {
 	return nil
 }

-func Commit(client abcicli.Client, hashExp []byte) error {
+func Commit(client abciclient.Client, hashExp []byte) error {
 	res, err := client.CommitSync(ctx)
 	data := res.Data
 	if err != nil {
@@ -51,7 +51,7 @@ func Commit(client abcicli.Client, hashExp []byte) error {
 	return nil
 }

-func DeliverTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []byte) error {
+func DeliverTx(client abciclient.Client, txBytes []byte, codeExp uint32, dataExp []byte) error {
 	res, _ := client.DeliverTxSync(ctx, types.RequestDeliverTx{Tx: txBytes})
 	code, data, log := res.Code, res.Data, res.Log
 	if code != codeExp {
@@ -70,7 +70,7 @@ func DeliverTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []
 	return nil
 }

-func CheckTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []byte) error {
+func CheckTx(client abciclient.Client, txBytes []byte, codeExp uint32, dataExp []byte) error {
 	res, _ := client.CheckTxSync(ctx, types.RequestCheckTx{Tx: txBytes})
 	code, data, log := res.Code, res.Data, res.Log
 	if code != codeExp {
--- a/abci/types/client.go
+++ b/abci/types/client.go
@@ -0,0 +1 @@
+package types
--- a/abci/types/pubkey.go
+++ b/abci/types/pubkey.go
@@ -4,7 +4,7 @@ import (
 	fmt "fmt"

 	"github.com/tendermint/tendermint/crypto/ed25519"
-	cryptoenc "github.com/tendermint/tendermint/crypto/encoding"
+	"github.com/tendermint/tendermint/crypto/encoding"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/tendermint/tendermint/crypto/sr25519"
 )
@@ -12,7 +12,7 @@ import (
 func Ed25519ValidatorUpdate(pk []byte, power int64) ValidatorUpdate {
 	pke := ed25519.PubKey(pk)

-	pkp, err := cryptoenc.PubKeyToProto(pke)
+	pkp, err := encoding.PubKeyToProto(pke)
 	if err != nil {
 		panic(err)
 	}
@@ -29,7 +29,7 @@ func UpdateValidator(pk []byte, power int64, keyType string) ValidatorUpdate {
 		return Ed25519ValidatorUpdate(pk, power)
 	case secp256k1.KeyType:
 		pke := secp256k1.PubKey(pk)
-		pkp, err := cryptoenc.PubKeyToProto(pke)
+		pkp, err := encoding.PubKeyToProto(pke)
 		if err != nil {
 			panic(err)
 		}
@@ -39,7 +39,7 @@ func UpdateValidator(pk []byte, power int64, keyType string) ValidatorUpdate {
 		}
 	case sr25519.KeyType:
 		pke := sr25519.PubKey(pk)
-		pkp, err := cryptoenc.PubKeyToProto(pke)
+		pkp, err := encoding.PubKeyToProto(pke)
 		if err != nil {
 			panic(err)
 		}
--- a/cmd/tendermint/commands/debug/dump.go
+++ b/cmd/tendermint/commands/debug/dump.go
@@ -11,7 +11,7 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"

-	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tendermint/libs/cli"
 	rpchttp "github.com/tendermint/tendermint/rpc/client/http"
 )
@@ -65,9 +65,9 @@ func dumpCmdHandler(_ *cobra.Command, args []string) error {
 	}

 	home := viper.GetString(cli.HomeFlag)
-	conf := cfg.DefaultConfig()
+	conf := config.DefaultConfig()
 	conf = conf.SetRoot(home)
-	cfg.EnsureRoot(conf.RootDir)
+	config.EnsureRoot(conf.RootDir)

 	dumpDebugData(outDir, conf, rpc)

@@ -79,7 +79,7 @@ func dumpCmdHandler(_ *cobra.Command, args []string) error {
 	return nil
 }

-func dumpDebugData(outDir string, conf *cfg.Config, rpc *rpchttp.HTTP) {
+func dumpDebugData(outDir string, conf *config.Config, rpc *rpchttp.HTTP) {
 	start := time.Now().UTC()

 	tmpDir, err := ioutil.TempDir(outDir, "tendermint_debug_tmp")
--- a/cmd/tendermint/commands/debug/kill.go
+++ b/cmd/tendermint/commands/debug/kill.go
@@ -14,7 +14,7 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"

-	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tendermint/libs/cli"
 	rpchttp "github.com/tendermint/tendermint/rpc/client/http"
 )
@@ -50,9 +50,9 @@ func killCmdHandler(cmd *cobra.Command, args []string) error {
 	}

 	home := viper.GetString(cli.HomeFlag)
-	conf := cfg.DefaultConfig()
+	conf := config.DefaultConfig()
 	conf = conf.SetRoot(home)
-	cfg.EnsureRoot(conf.RootDir)
+	config.EnsureRoot(conf.RootDir)

 	// Create a temporary directory which will contain all the state dumps and
 	// relevant files and directories that will be compressed into a file.
--- a/cmd/tendermint/commands/debug/util.go
+++ b/cmd/tendermint/commands/debug/util.go
@@ -9,7 +9,7 @@ import (
 	"path"
 	"path/filepath"

-	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/config"
 	rpchttp "github.com/tendermint/tendermint/rpc/client/http"
 )

@@ -48,7 +48,7 @@ func dumpConsensusState(rpc *rpchttp.HTTP, dir, filename string) error {

 // copyWAL copies the Tendermint node's WAL file. It returns an error if the
 // WAL file cannot be read or copied.
-func copyWAL(conf *cfg.Config, dir string) error {
+func copyWAL(conf *config.Config, dir string) error {
 	walPath := conf.Consensus.WalFile()
 	walFile := filepath.Base(walPath)

--- a/cmd/tendermint/commands/gen_node_key.go
+++ b/cmd/tendermint/commands/gen_node_key.go
@@ -12,11 +12,9 @@ import (
 // GenNodeKeyCmd allows the generation of a node key. It prints JSON-encoded
 // NodeKey to the standard output.
 var GenNodeKeyCmd = &cobra.Command{
-	Use:     "gen-node-key",
-	Aliases: []string{"gen_node_key"},
-	Short:   "Generate a new node key",
-	RunE:    genNodeKey,
-	PreRun:  deprecateSnakeCase,
+	Use:   "gen-node-key",
+	Short: "Generate a new node key",
+	RunE:  genNodeKey,
 }

 func genNodeKey(cmd *cobra.Command, args []string) error {
--- a/cmd/tendermint/commands/gen_validator.go
+++ b/cmd/tendermint/commands/gen_validator.go
@@ -13,11 +13,9 @@ import (
 // GenValidatorCmd allows the generation of a keypair for a
 // validator.
 var GenValidatorCmd = &cobra.Command{
-	Use:     "gen-validator",
-	Aliases: []string{"gen_validator"},
-	Short:   "Generate new validator keypair",
-	RunE:    genValidator,
-	PreRun:  deprecateSnakeCase,
+	Use:   "gen-validator",
+	Short: "Generate new validator keypair",
+	RunE:  genValidator,
 }

 func init() {
--- a/cmd/tendermint/commands/init.go
+++ b/cmd/tendermint/commands/init.go
@@ -121,7 +121,9 @@ func initFilesWithConfig(config *cfg.Config) error {
 	}

 	// write config file
-	cfg.WriteConfigFile(config.RootDir, config)
+	if err := cfg.WriteConfigFile(config.RootDir, config); err != nil {
+		return err
+	}
 	logger.Info("Generated config", "mode", config.Mode)

 	return nil
--- a/cmd/tendermint/commands/inspect.go
+++ b/cmd/tendermint/commands/inspect.go
@@ -0,0 +1,63 @@
+package commands
+
+import (
+	"context"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/spf13/cobra"
+
+	"github.com/tendermint/tendermint/internal/inspect"
+)
+
+// InspectCmd is the command for starting an inspect server.
+var InspectCmd = &cobra.Command{
+	Use:   "inspect",
+	Short: "Run an inspect server for investigating Tendermint state",
+	Long: `
+	inspect runs a subset of Tendermint's RPC endpoints that are useful for debugging
+	issues with Tendermint.
+
+	When the Tendermint consensus engine detects inconsistent state, it will crash the
+	tendermint process. Tendermint will not start up while in this inconsistent state. 
+	The inspect command can be used to query the block and state store using Tendermint
+	RPC calls to debug issues of inconsistent state.
+	`,
+
+	RunE: runInspect,
+}
+
+func init() {
+	InspectCmd.Flags().
+		String("rpc.laddr",
+			config.RPC.ListenAddress, "RPC listenener address. Port required")
+	InspectCmd.Flags().
+		String("db-backend",
+			config.DBBackend, "database backend: goleveldb | cleveldb | boltdb | rocksdb | badgerdb")
+	InspectCmd.Flags().
+		String("db-dir", config.DBPath, "database directory")
+}
+
+func runInspect(cmd *cobra.Command, args []string) error {
+	ctx, cancel := context.WithCancel(cmd.Context())
+	defer cancel()
+
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, syscall.SIGTERM, syscall.SIGINT)
+	go func() {
+		<-c
+		cancel()
+	}()
+
+	ins, err := inspect.NewFromConfig(logger, config)
+	if err != nil {
+		return err
+	}
+
+	logger.Info("starting inspect server")
+	if err := ins.Run(ctx); err != nil {
+		return err
+	}
+	return nil
+}
--- a/cmd/tendermint/commands/light.go
+++ b/cmd/tendermint/commands/light.go
@@ -11,7 +11,6 @@ import (
 	"time"

 	"github.com/spf13/cobra"
-
 	dbm "github.com/tendermint/tm-db"

 	"github.com/tendermint/tendermint/libs/log"
--- a/cmd/tendermint/commands/probe_upnp.go
+++ b/cmd/tendermint/commands/probe_upnp.go
@@ -11,11 +11,9 @@ import (

 // ProbeUpnpCmd adds capabilities to test the UPnP functionality.
 var ProbeUpnpCmd = &cobra.Command{
-	Use:     "probe-upnp",
-	Aliases: []string{"probe_upnp"},
-	Short:   "Test UPnP functionality",
-	RunE:    probeUpnp,
-	PreRun:  deprecateSnakeCase,
+	Use:   "probe-upnp",
+	Short: "Test UPnP functionality",
+	RunE:  probeUpnp,
 }

 func probeUpnp(cmd *cobra.Command, args []string) error {
--- a/cmd/tendermint/commands/reindex_event.go
+++ b/cmd/tendermint/commands/reindex_event.go
@@ -3,20 +3,22 @@ package commands
 import (
 	"errors"
 	"fmt"
+	"path/filepath"
 	"strings"

 	"github.com/spf13/cobra"
-	tmdb "github.com/tendermint/tm-db"
+	dbm "github.com/tendermint/tm-db"

 	abcitypes "github.com/tendermint/tendermint/abci/types"
 	tmcfg "github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tendermint/internal/libs/progressbar"
-	ctypes "github.com/tendermint/tendermint/rpc/core/types"
-	"github.com/tendermint/tendermint/state"
-	"github.com/tendermint/tendermint/state/indexer"
-	"github.com/tendermint/tendermint/state/indexer/sink/kv"
-	"github.com/tendermint/tendermint/state/indexer/sink/psql"
-	"github.com/tendermint/tendermint/store"
+	"github.com/tendermint/tendermint/internal/state"
+	"github.com/tendermint/tendermint/internal/state/indexer"
+	"github.com/tendermint/tendermint/internal/state/indexer/sink/kv"
+	"github.com/tendermint/tendermint/internal/state/indexer/sink/psql"
+	"github.com/tendermint/tendermint/internal/store"
+	"github.com/tendermint/tendermint/libs/os"
+	"github.com/tendermint/tendermint/rpc/coretypes"
 	"github.com/tendermint/tendermint/types"
 )

@@ -29,11 +31,12 @@ var ReIndexEventCmd = &cobra.Command{
 	Use:   "reindex-event",
 	Short: "reindex events to the event store backends",
 	Long: `
-	reindex-event is an offline tooling to re-index block and tx events to the eventsinks,
-	you can run this command when the event store backend dropped/disconnected or you want to replace the backend.
-	The default start-height is 0, meaning the tooling will start reindex from the base block height(inclusive); and the 
-	default end-height is 0, meaning the tooling will reindex until the latest block height(inclusive). User can omits
-	either or both arguments.
+reindex-event is an offline tooling to re-index block and tx events to the eventsinks,
+you can run this command when the event store backend dropped/disconnected or you want to 
+replace the backend. The default start-height is 0, meaning the tooling will start 
+reindex from the base block height(inclusive); and the default end-height is 0, meaning 
+the tooling will reindex until the latest block height(inclusive). User can omit
+either or both arguments.
 	`,
 	Example: `
 	tendermint reindex-event
@@ -106,7 +109,7 @@ func loadEventSinks(cfg *tmcfg.Config) ([]indexer.EventSink, error) {
 			if conn == "" {
 				return nil, errors.New("the psql connection settings cannot be empty")
 			}
-			es, _, err := psql.NewEventSink(conn, chainID)
+			es, err := psql.NewEventSink(conn, chainID)
 			if err != nil {
 				return nil, err
 			}
@@ -129,17 +132,25 @@ func loadEventSinks(cfg *tmcfg.Config) ([]indexer.EventSink, error) {
 }

 func loadStateAndBlockStore(cfg *tmcfg.Config) (*store.BlockStore, state.Store, error) {
-	dbType := tmdb.BackendType(cfg.DBBackend)
+	dbType := dbm.BackendType(cfg.DBBackend)
+
+	if !os.FileExists(filepath.Join(cfg.DBDir(), "blockstore.db")) {
+		return nil, nil, fmt.Errorf("no blockstore found in %v", cfg.DBDir())
+	}

 	// Get BlockStore
-	blockStoreDB, err := tmdb.NewDB("blockstore", dbType, cfg.DBDir())
+	blockStoreDB, err := dbm.NewDB("blockstore", dbType, cfg.DBDir())
 	if err != nil {
 		return nil, nil, err
 	}
 	blockStore := store.NewBlockStore(blockStoreDB)

+	if !os.FileExists(filepath.Join(cfg.DBDir(), "state.db")) {
+		return nil, nil, fmt.Errorf("no blockstore found in %v", cfg.DBDir())
+	}
+
 	// Get StateStore
-	stateDB, err := tmdb.NewDB("state", dbType, cfg.DBDir())
+	stateDB, err := dbm.NewDB("state", dbType, cfg.DBDir())
 	if err != nil {
 		return nil, nil, err
 	}
@@ -221,14 +232,15 @@ func checkValidHeight(bs state.BlockStore) error {
 	}

 	if startHeight < base {
-		return fmt.Errorf("%s (requested start height: %d, base height: %d)", ctypes.ErrHeightNotAvailable, startHeight, base)
+		return fmt.Errorf("%s (requested start height: %d, base height: %d)",
+			coretypes.ErrHeightNotAvailable, startHeight, base)
 	}

 	height := bs.Height()

 	if startHeight > height {
 		return fmt.Errorf(
-			"%s (requested start height: %d, store height: %d)", ctypes.ErrHeightNotAvailable, startHeight, height)
+			"%s (requested start height: %d, store height: %d)", coretypes.ErrHeightNotAvailable, startHeight, height)
 	}

 	if endHeight == 0 || endHeight > height {
@@ -238,13 +250,13 @@ func checkValidHeight(bs state.BlockStore) error {

 	if endHeight < base {
 		return fmt.Errorf(
-			"%s (requested end height: %d, base height: %d)", ctypes.ErrHeightNotAvailable, endHeight, base)
+			"%s (requested end height: %d, base height: %d)", coretypes.ErrHeightNotAvailable, endHeight, base)
 	}

 	if endHeight < startHeight {
 		return fmt.Errorf(
 			"%s (requested the end height: %d is less than the start height: %d)",
-			ctypes.ErrInvalidRequest, startHeight, endHeight)
+			coretypes.ErrInvalidRequest, startHeight, endHeight)
 	}

 	return nil
--- a/cmd/tendermint/commands/reindex_event_test.go
+++ b/cmd/tendermint/commands/reindex_event_test.go
@@ -11,10 +11,13 @@ import (

 	abcitypes "github.com/tendermint/tendermint/abci/types"
 	tmcfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/internal/state/indexer"
+	"github.com/tendermint/tendermint/internal/state/mocks"
 	prototmstate "github.com/tendermint/tendermint/proto/tendermint/state"
-	"github.com/tendermint/tendermint/state/indexer"
-	"github.com/tendermint/tendermint/state/mocks"
 	"github.com/tendermint/tendermint/types"
+	dbm "github.com/tendermint/tm-db"
+
+	_ "github.com/lib/pq" // for the psql sink
 )

 const (
@@ -107,12 +110,29 @@ func TestLoadEventSink(t *testing.T) {
 }

 func TestLoadBlockStore(t *testing.T) {
-	bs, ss, err := loadStateAndBlockStore(tmcfg.TestConfig())
+	testCfg, err := tmcfg.ResetTestRoot(t.Name())
+	require.NoError(t, err)
+	testCfg.DBBackend = "goleveldb"
+	_, _, err = loadStateAndBlockStore(testCfg)
+	// we should return an error because the state store and block store
+	// don't yet exist
+	require.Error(t, err)
+
+	dbType := dbm.BackendType(testCfg.DBBackend)
+	bsdb, err := dbm.NewDB("blockstore", dbType, testCfg.DBDir())
+	require.NoError(t, err)
+	bsdb.Close()
+
+	ssdb, err := dbm.NewDB("state", dbType, testCfg.DBDir())
+	require.NoError(t, err)
+	ssdb.Close()
+
+	bs, ss, err := loadStateAndBlockStore(testCfg)
 	require.NoError(t, err)
 	require.NotNil(t, bs)
 	require.NotNil(t, ss)
-
 }
+
 func TestReIndexEvent(t *testing.T) {
 	mockBlockStore := &mocks.BlockStore{}
 	mockStateStore := &mocks.Store{}
--- a/cmd/tendermint/commands/replay.go
+++ b/cmd/tendermint/commands/replay.go
@@ -17,11 +17,9 @@ var ReplayCmd = &cobra.Command{
 // ReplayConsoleCmd allows replaying of messages from the WAL in a
 // console.
 var ReplayConsoleCmd = &cobra.Command{
-	Use:     "replay-console",
-	Aliases: []string{"replay_console"},
-	Short:   "Replay messages from WAL in a console",
+	Use:   "replay-console",
+	Short: "Replay messages from WAL in a console",
 	Run: func(cmd *cobra.Command, args []string) {
 		consensus.RunReplayFile(config.BaseConfig, config.Consensus, true)
 	},
-	PreRun: deprecateSnakeCase,
 }
--- a/cmd/tendermint/commands/reset_priv_validator.go
+++ b/cmd/tendermint/commands/reset_priv_validator.go
@@ -14,11 +14,9 @@ import (
 // ResetAllCmd removes the database of this Tendermint core
 // instance.
 var ResetAllCmd = &cobra.Command{
-	Use:     "unsafe-reset-all",
-	Aliases: []string{"unsafe_reset_all"},
-	Short:   "(unsafe) Remove all the data and WAL, reset this node's validator to genesis state",
-	RunE:    resetAll,
-	PreRun:  deprecateSnakeCase,
+	Use:   "unsafe-reset-all",
+	Short: "(unsafe) Remove all the data and WAL, reset this node's validator to genesis state",
+	RunE:  resetAll,
 }

 var keepAddrBook bool
@@ -31,11 +29,9 @@ func init() {

 // ResetPrivValidatorCmd resets the private validator files.
 var ResetPrivValidatorCmd = &cobra.Command{
-	Use:     "unsafe-reset-priv-validator",
-	Aliases: []string{"unsafe_reset_priv_validator"},
-	Short:   "(unsafe) Reset this node's validator to genesis state",
-	RunE:    resetPrivValidator,
-	PreRun:  deprecateSnakeCase,
+	Use:   "unsafe-reset-priv-validator",
+	Short: "(unsafe) Reset this node's validator to genesis state",
+	RunE:  resetPrivValidator,
 }

 // XXX: this is totally unsafe.
--- a/cmd/tendermint/commands/rollback.go
+++ b/cmd/tendermint/commands/rollback.go
@@ -0,0 +1,50 @@
+package commands
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/internal/state"
+)
+
+var RollbackStateCmd = &cobra.Command{
+	Use:   "rollback",
+	Short: "rollback tendermint state by one height",
+	Long: `
+A state rollback is performed to recover from an incorrect application state transition,
+when Tendermint has persisted an incorrect app hash and is thus unable to make
+progress. Rollback overwrites a state at height n with the state at height n - 1.
+The application should also roll back to height n - 1. No blocks are removed, so upon
+restarting Tendermint the transactions in block n will be re-executed against the
+application.
+`,
+	RunE: func(cmd *cobra.Command, args []string) error {
+		height, hash, err := RollbackState(config)
+		if err != nil {
+			return fmt.Errorf("failed to rollback state: %w", err)
+		}
+
+		fmt.Printf("Rolled back state to height %d and hash %X", height, hash)
+		return nil
+	},
+}
+
+// RollbackState takes the state at the current height n and overwrites it with the state
+// at height n - 1. Note state here refers to tendermint state not application state.
+// Returns the latest state height and app hash alongside an error if there was one.
+func RollbackState(config *cfg.Config) (int64, []byte, error) {
+	// use the parsed config to load the block and state store
+	blockStore, stateStore, err := loadStateAndBlockStore(config)
+	if err != nil {
+		return -1, nil, err
+	}
+	defer func() {
+		_ = blockStore.Close()
+		_ = stateStore.Close()
+	}()
+
+	// rollback the last state
+	return state.Rollback(blockStore, stateStore)
+}
--- a/cmd/tendermint/commands/root.go
+++ b/cmd/tendermint/commands/root.go
@@ -2,7 +2,6 @@ package commands

 import (
 	"fmt"
-	"strings"
 	"time"

 	"github.com/spf13/cobra"
@@ -65,10 +64,3 @@ var RootCmd = &cobra.Command{
 		return nil
 	},
 }
-
-// deprecateSnakeCase is a util function for 0.34.1. Should be removed in 0.35
-func deprecateSnakeCase(cmd *cobra.Command, args []string) {
-	if strings.Contains(cmd.CalledAs(), "_") {
-		fmt.Println("Deprecated: snake_case commands will be replaced by hyphen-case commands in the next major release")
-	}
-}
--- a/cmd/tendermint/commands/run_node.go
+++ b/cmd/tendermint/commands/run_node.go
@@ -3,6 +3,8 @@ package commands
 import (
 	"bytes"
 	"crypto/sha256"
+	"errors"
+	"flag"
 	"fmt"
 	"io"
 	"os"
@@ -33,7 +35,22 @@ func AddNodeFlags(cmd *cobra.Command) {
 		"socket address to listen on for connections from external priv-validator process")

 	// node flags
-	cmd.Flags().Bool("fast-sync", config.FastSyncMode, "fast blockchain syncing")
+	cmd.Flags().Bool("blocksync.enable", config.BlockSync.Enable, "enable fast blockchain syncing")
+
+	// TODO (https://github.com/tendermint/tendermint/issues/6908): remove this check after the v0.35 release cycle
+	// This check was added to give users an upgrade prompt to use the new flag for syncing.
+	//
+	// The pflag package does not have a native way to print a depcrecation warning
+	// and return an error. This logic was added to print a deprecation message to the user
+	// and then crash if the user attempts to use the old --fast-sync flag.
+	fs := flag.NewFlagSet("", flag.ExitOnError)
+	fs.Func("fast-sync", "deprecated",
+		func(string) error {
+			return errors.New("--fast-sync has been deprecated, please use --blocksync.enable")
+		})
+	cmd.Flags().AddGoFlagSet(fs)
+
+	cmd.Flags().MarkHidden("fast-sync") //nolint:errcheck
 	cmd.Flags().BytesHexVar(
 		&genesisHash,
 		"genesis-hash",
@@ -48,7 +65,7 @@ func AddNodeFlags(cmd *cobra.Command) {
 		"proxy-app",
 		config.ProxyApp,
 		"proxy app address, or one of: 'kvstore',"+
-			" 'persistent_kvstore' or 'noop' for local testing.")
+			" 'persistent_kvstore', 'e2e' or 'noop' for local testing.")
 	cmd.Flags().String("abci", config.ABCI, "specify abci transport (socket | grpc)")

 	// rpc flags
@@ -65,7 +82,7 @@ func AddNodeFlags(cmd *cobra.Command) {
 		"p2p.laddr",
 		config.P2P.ListenAddress,
 		"node listen address. (0.0.0.0:0 means any interface, any port)")
-	cmd.Flags().String("p2p.seeds", config.P2P.Seeds, "comma-delimited ID@host:port seed nodes")
+	cmd.Flags().String("p2p.seeds", config.P2P.Seeds, "comma-delimited ID@host:port seed nodes") //nolint: staticcheck
 	cmd.Flags().String("p2p.persistent-peers", config.P2P.PersistentPeers, "comma-delimited ID@host:port persistent peers")
 	cmd.Flags().String("p2p.unconditional-peer-ids",
 		config.P2P.UnconditionalPeerIDs, "comma-delimited IDs of unconditional peers")
@@ -158,7 +175,7 @@ func checkGenesisHash(config *cfg.Config) error {
 	// Compare with the flag.
 	if !bytes.Equal(genesisHash, actualHash) {
 		return fmt.Errorf(
-			"--genesis_hash=%X does not match %s hash: %X",
+			"--genesis-hash=%X does not match %s hash: %X",
 			genesisHash, config.GenesisFile(), actualHash)
 	}

--- a/cmd/tendermint/commands/show_node_id.go
+++ b/cmd/tendermint/commands/show_node_id.go
@@ -8,11 +8,9 @@ import (

 // ShowNodeIDCmd dumps node's ID to the standard output.
 var ShowNodeIDCmd = &cobra.Command{
-	Use:     "show-node-id",
-	Aliases: []string{"show_node_id"},
-	Short:   "Show this node's ID",
-	RunE:    showNodeID,
-	PreRun:  deprecateSnakeCase,
+	Use:   "show-node-id",
+	Short: "Show this node's ID",
+	RunE:  showNodeID,
 }

 func showNodeID(cmd *cobra.Command, args []string) error {
--- a/cmd/tendermint/commands/show_validator.go
+++ b/cmd/tendermint/commands/show_validator.go
@@ -16,11 +16,9 @@ import (

 // ShowValidatorCmd adds capabilities for showing the validator info.
 var ShowValidatorCmd = &cobra.Command{
-	Use:     "show-validator",
-	Aliases: []string{"show_validator"},
-	Short:   "Show this node's validator info",
-	RunE:    showValidator,
-	PreRun:  deprecateSnakeCase,
+	Use:   "show-validator",
+	Short: "Show this node's validator info",
+	RunE:  showValidator,
 }

 func showValidator(cmd *cobra.Command, args []string) error {
--- a/cmd/tendermint/commands/testnet.go
+++ b/cmd/tendermint/commands/testnet.go
@@ -240,7 +240,9 @@ func testnetFiles(cmd *cobra.Command, args []string) error {
 		}
 		config.Moniker = moniker(i)

-		cfg.WriteConfigFile(nodeDir, config)
+		if err := cfg.WriteConfigFile(nodeDir, config); err != nil {
+			return err
+		}
 	}

 	fmt.Printf("Successfully initialized %v node directories\n", nValidators+nNonValidators)
--- a/cmd/tendermint/main.go
+++ b/cmd/tendermint/main.go
@@ -6,9 +6,9 @@ import (

 	cmd "github.com/tendermint/tendermint/cmd/tendermint/commands"
 	"github.com/tendermint/tendermint/cmd/tendermint/commands/debug"
-	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/config"
 	"github.com/tendermint/tendermint/libs/cli"
-	nm "github.com/tendermint/tendermint/node"
+	"github.com/tendermint/tendermint/node"
 )

 func main() {
@@ -28,6 +28,8 @@ func main() {
 		cmd.ShowNodeIDCmd,
 		cmd.GenNodeKeyCmd,
 		cmd.VersionCmd,
+		cmd.InspectCmd,
+		cmd.RollbackStateCmd,
 		cmd.MakeKeyMigrateCommand(),
 		debug.DebugCmd,
 		cli.NewCompletionCmd(rootCmd, true),
@@ -41,12 +43,12 @@ func main() {
 	//	* Provide their own DB implementation
 	// can copy this file and use something other than the
 	// node.NewDefault function
-	nodeFunc := nm.NewDefault
+	nodeFunc := node.NewDefault

 	// Create & start node
 	rootCmd.AddCommand(cmd.NewRunNodeCmd(nodeFunc))

-	cmd := cli.PrepareBaseCmd(rootCmd, "TM", os.ExpandEnv(filepath.Join("$HOME", cfg.DefaultTendermintDir)))
+	cmd := cli.PrepareBaseCmd(rootCmd, "TM", os.ExpandEnv(filepath.Join("$HOME", config.DefaultTendermintDir)))
 	if err := cmd.Execute(); err != nil {
 		panic(err)
 	}
--- a/config/config.go
+++ b/config/config.go
@@ -64,6 +64,9 @@ var (

 	defaultNodeKeyPath  = filepath.Join(defaultConfigDir, defaultNodeKeyName)
 	defaultAddrBookPath = filepath.Join(defaultConfigDir, defaultAddrBookName)
+
+	minSubscriptionBufferSize     = 100
+	defaultSubscriptionBufferSize = 200
 )

 // Config defines the top level configuration for a Tendermint node
@@ -76,7 +79,7 @@ type Config struct {
 	P2P             *P2PConfig             `mapstructure:"p2p"`
 	Mempool         *MempoolConfig         `mapstructure:"mempool"`
 	StateSync       *StateSyncConfig       `mapstructure:"statesync"`
-	BlockSync       *BlockSyncConfig       `mapstructure:"fastsync"`
+	BlockSync       *BlockSyncConfig       `mapstructure:"blocksync"`
 	Consensus       *ConsensusConfig       `mapstructure:"consensus"`
 	TxIndex         *TxIndexConfig         `mapstructure:"tx-index"`
 	Instrumentation *InstrumentationConfig `mapstructure:"instrumentation"`
@@ -152,7 +155,7 @@ func (cfg *Config) ValidateBasic() error {
 		return fmt.Errorf("error in [statesync] section: %w", err)
 	}
 	if err := cfg.BlockSync.ValidateBasic(); err != nil {
-		return fmt.Errorf("error in [fastsync] section: %w", err)
+		return fmt.Errorf("error in [blocksync] section: %w", err)
 	}
 	if err := cfg.Consensus.ValidateBasic(); err != nil {
 		return fmt.Errorf("error in [consensus] section: %w", err)
@@ -194,12 +197,6 @@ type BaseConfig struct { //nolint: maligned
 	//   - No priv_validator_key.json, priv_validator_state.json
 	Mode string `mapstructure:"mode"`

-	// If this node is many blocks behind the tip of the chain, FastSync
-	// allows them to catchup quickly by downloading blocks in parallel
-	// and verifying their commits
-	// TODO: This should be moved to the blocksync config
-	FastSyncMode bool `mapstructure:"fast-sync"`
-
 	// Database backend: goleveldb | cleveldb | boltdb | rocksdb
 	// * goleveldb (github.com/syndtr/goleveldb - most popular implementation)
 	//   - pure go
@@ -242,23 +239,24 @@ type BaseConfig struct { //nolint: maligned
 	// If true, query the ABCI app on connecting to a new peer
 	// so the app can decide if we should keep the connection or not
 	FilterPeers bool `mapstructure:"filter-peers"` // false
+
+	Other map[string]interface{} `mapstructure:",remain"`
 }

 // DefaultBaseConfig returns a default base configuration for a Tendermint node
 func DefaultBaseConfig() BaseConfig {
 	return BaseConfig{
-		Genesis:      defaultGenesisJSONPath,
-		NodeKey:      defaultNodeKeyPath,
-		Mode:         defaultMode,
-		Moniker:      defaultMoniker,
-		ProxyApp:     "tcp://127.0.0.1:26658",
-		ABCI:         "socket",
-		LogLevel:     DefaultLogLevel,
-		LogFormat:    log.LogFormatPlain,
-		FastSyncMode: true,
-		FilterPeers:  false,
-		DBBackend:    "goleveldb",
-		DBPath:       "data",
+		Genesis:     defaultGenesisJSONPath,
+		NodeKey:     defaultNodeKeyPath,
+		Mode:        defaultMode,
+		Moniker:     defaultMoniker,
+		ProxyApp:    "tcp://127.0.0.1:26658",
+		ABCI:        "socket",
+		LogLevel:    DefaultLogLevel,
+		LogFormat:   log.LogFormatPlain,
+		FilterPeers: false,
+		DBBackend:   "goleveldb",
+		DBPath:      "data",
 	}
 }

@@ -268,7 +266,6 @@ func TestBaseConfig() BaseConfig {
 	cfg.chainID = "tendermint_test"
 	cfg.Mode = ModeValidator
 	cfg.ProxyApp = "kvstore"
-	cfg.FastSyncMode = false
 	cfg.DBBackend = "memdb"
 	return cfg
 }
@@ -345,6 +342,28 @@ func (cfg BaseConfig) ValidateBasic() error {
 		return fmt.Errorf("unknown mode: %v", cfg.Mode)
 	}

+	// TODO (https://github.com/tendermint/tendermint/issues/6908) remove this check after the v0.35 release cycle.
+	// This check was added to give users an upgrade prompt to use the new
+	// configuration option in v0.35. In future release cycles they should no longer
+	// be using this configuration parameter so the check can be removed.
+	// The cfg.Other field can likely be removed at the same time if it is not referenced
+	// elsewhere as it was added to service this check.
+	if fs, ok := cfg.Other["fastsync"]; ok {
+		if _, ok := fs.(map[string]interface{}); ok {
+			return fmt.Errorf("a configuration section named 'fastsync' was found in the " +
+				"configuration file. The 'fastsync' section has been renamed to " +
+				"'blocksync', please update the 'fastsync' field in your configuration file to 'blocksync'")
+		}
+	}
+	if fs, ok := cfg.Other["fast-sync"]; ok {
+		if fs != "" {
+			return fmt.Errorf("a parameter named 'fast-sync' was found in the " +
+				"configuration file. The parameter to enable or disable quickly syncing with a blockchain" +
+				"has moved to the [blocksync] section of the configuration file as blocksync.enable. " +
+				"Please move the 'fast-sync' field in your configuration file to 'blocksync.enable'")
+		}
+	}
+
 	return nil
 }

@@ -480,6 +499,29 @@ type RPCConfig struct {
 	// to the estimated maximum number of broadcast_tx_commit calls per block.
 	MaxSubscriptionsPerClient int `mapstructure:"max-subscriptions-per-client"`

+	// The number of events that can be buffered per subscription before
+	// returning `ErrOutOfCapacity`.
+	SubscriptionBufferSize int `mapstructure:"experimental-subscription-buffer-size"`
+
+	// The maximum number of responses that can be buffered per WebSocket
+	// client. If clients cannot read from the WebSocket endpoint fast enough,
+	// they will be disconnected, so increasing this parameter may reduce the
+	// chances of them being disconnected (but will cause the node to use more
+	// memory).
+	//
+	// Must be at least the same as `SubscriptionBufferSize`, otherwise
+	// connections may be dropped unnecessarily.
+	WebSocketWriteBufferSize int `mapstructure:"experimental-websocket-write-buffer-size"`
+
+	// If a WebSocket client cannot read fast enough, at present we may
+	// silently drop events instead of generating an error or disconnecting the
+	// client.
+	//
+	// Enabling this parameter will cause the WebSocket connection to be closed
+	// instead if it cannot read fast enough, allowing for greater
+	// predictability in subscription behavior.
+	CloseOnSlowClient bool `mapstructure:"experimental-close-on-slow-client"`
+
 	// How long to wait for a tx to be committed during /broadcast_tx_commit
 	// WARNING: Using a value larger than 10s will result in increasing the
 	// global HTTP write timeout, which applies to all connections and endpoints.
@@ -529,7 +571,9 @@ func DefaultRPCConfig() *RPCConfig {

 		MaxSubscriptionClients:    100,
 		MaxSubscriptionsPerClient: 5,
+		SubscriptionBufferSize:    defaultSubscriptionBufferSize,
 		TimeoutBroadcastTxCommit:  10 * time.Second,
+		WebSocketWriteBufferSize:  defaultSubscriptionBufferSize,

 		MaxBodyBytes:   int64(1000000), // 1MB
 		MaxHeaderBytes: 1 << 20,        // same as the net/http default
@@ -563,6 +607,18 @@ func (cfg *RPCConfig) ValidateBasic() error {
 	if cfg.MaxSubscriptionsPerClient < 0 {
 		return errors.New("max-subscriptions-per-client can't be negative")
 	}
+	if cfg.SubscriptionBufferSize < minSubscriptionBufferSize {
+		return fmt.Errorf(
+			"experimental-subscription-buffer-size must be >= %d",
+			minSubscriptionBufferSize,
+		)
+	}
+	if cfg.WebSocketWriteBufferSize < cfg.SubscriptionBufferSize {
+		return fmt.Errorf(
+			"experimental-websocket-write-buffer-size must be >= experimental-subscription-buffer-size (%d)",
+			cfg.SubscriptionBufferSize,
+		)
+	}
 	if cfg.TimeoutBroadcastTxCommit < 0 {
 		return errors.New("timeout-broadcast-tx-commit can't be negative")
 	}
@@ -615,9 +671,11 @@ type P2PConfig struct { //nolint: maligned

 	// Comma separated list of seed nodes to connect to
 	// We only use these if we can’t connect to peers in the addrbook
-	// NOTE: not used by the new PEX reactor. Please use BootstrapPeers instead.
-	// TODO: Remove once p2p refactor is complete
-	// ref: https://github.com/tendermint/tendermint/issues/5670
+	//
+	// Deprecated: This value is not used by the new PEX reactor. Use
+	// BootstrapPeers instead.
+	//
+	// TODO(#5670): Remove once the p2p refactor is complete.
 	Seeds string `mapstructure:"seeds"`

 	// Comma separated list of peers to be added to the peer store
@@ -694,13 +752,14 @@ type P2PConfig struct { //nolint: maligned
 	// Force dial to fail
 	TestDialFail bool `mapstructure:"test-dial-fail"`

-	// DisableLegacy is used mostly for testing to enable or disable the legacy
-	// P2P stack.
-	DisableLegacy bool `mapstructure:"disable-legacy"`
+	// UseLegacy enables the "legacy" P2P implementation and
+	// disables the newer default implementation. This flag will
+	// be removed in a future release.
+	UseLegacy bool `mapstructure:"use-legacy"`

 	// Makes it possible to configure which queue backend the p2p
 	// layer uses. Options are: "fifo", "priority" and "wdrr",
-	// with the default being "fifo".
+	// with the default being "priority".
 	QueueType string `mapstructure:"queue-type"`
 }

@@ -732,6 +791,7 @@ func DefaultP2PConfig() *P2PConfig {
 		DialTimeout:             3 * time.Second,
 		TestDialFail:            false,
 		QueueType:               "priority",
+		UseLegacy:               false,
 	}
 }

@@ -882,15 +942,46 @@ func (cfg *MempoolConfig) ValidateBasic() error {

 // StateSyncConfig defines the configuration for the Tendermint state sync service
 type StateSyncConfig struct {
-	Enable              bool          `mapstructure:"enable"`
-	TempDir             string        `mapstructure:"temp-dir"`
-	RPCServers          []string      `mapstructure:"rpc-servers"`
-	TrustPeriod         time.Duration `mapstructure:"trust-period"`
-	TrustHeight         int64         `mapstructure:"trust-height"`
-	TrustHash           string        `mapstructure:"trust-hash"`
-	DiscoveryTime       time.Duration `mapstructure:"discovery-time"`
+	// State sync rapidly bootstraps a new node by discovering, fetching, and restoring a
+	// state machine snapshot from peers instead of fetching and replaying historical
+	// blocks. Requires some peers in the network to take and serve state machine
+	// snapshots. State sync is not attempted if the node has any local state
+	// (LastBlockHeight > 0). The node will have a truncated block history, starting from
+	// the height of the snapshot.
+	Enable bool `mapstructure:"enable"`
+
+	// State sync uses light client verification to verify state. This can be done either
+	// through the P2P layer or the RPC layer. Set this to true to use the P2P layer. If
+	// false (default), the RPC layer will be used.
+	UseP2P bool `mapstructure:"use-p2p"`
+
+	// If using RPC, at least two addresses need to be provided. They should be compatible
+	// with net.Dial, for example: "host.example.com:2125".
+	RPCServers []string `mapstructure:"rpc-servers"`
+
+	// The hash and height of a trusted block. Must be within the trust-period.
+	TrustHeight int64  `mapstructure:"trust-height"`
+	TrustHash   string `mapstructure:"trust-hash"`
+
+	// The trust period should be set so that Tendermint can detect and gossip
+	// misbehavior before it is considered expired. For chains based on the Cosmos SDK,
+	// one day less than the unbonding period should suffice.
+	TrustPeriod time.Duration `mapstructure:"trust-period"`
+
+	// Time to spend discovering snapshots before initiating a restore.
+	DiscoveryTime time.Duration `mapstructure:"discovery-time"`
+
+	// Temporary directory for state sync snapshot chunks, defaults to os.TempDir().
+	// The synchronizer will create a new, randomly named directory within this directory
+	// and remove it when the sync is complete.
+	TempDir string `mapstructure:"temp-dir"`
+
+	// The timeout duration before re-requesting a chunk, possibly from a different
+	// peer (default: 15 seconds).
 	ChunkRequestTimeout time.Duration `mapstructure:"chunk-request-timeout"`
-	Fetchers            int32         `mapstructure:"fetchers"`
+
+	// The number of concurrent chunk and block fetchers to run (default: 4).
+	Fetchers int32 `mapstructure:"fetchers"`
 }

 func (cfg *StateSyncConfig) TrustHashBytes() []byte {
@@ -919,49 +1010,51 @@ func TestStateSyncConfig() *StateSyncConfig {

 // ValidateBasic performs basic validation.
 func (cfg *StateSyncConfig) ValidateBasic() error {
-	if cfg.Enable {
-		if len(cfg.RPCServers) == 0 {
-			return errors.New("rpc-servers is required")
-		}
+	if !cfg.Enable {
+		return nil
+	}

+	// If we're not using the P2P stack then we need to validate the
+	// RPCServers
+	if !cfg.UseP2P {
 		if len(cfg.RPCServers) < 2 {
-			return errors.New("at least two rpc-servers entries is required")
+			return errors.New("at least two rpc-servers must be specified")
 		}

 		for _, server := range cfg.RPCServers {
-			if len(server) == 0 {
+			if server == "" {
 				return errors.New("found empty rpc-servers entry")
 			}
 		}
+	}

-		if cfg.DiscoveryTime != 0 && cfg.DiscoveryTime < 5*time.Second {
-			return errors.New("discovery time must be 0s or greater than five seconds")
-		}
+	if cfg.DiscoveryTime != 0 && cfg.DiscoveryTime < 5*time.Second {
+		return errors.New("discovery time must be 0s or greater than five seconds")
+	}

-		if cfg.TrustPeriod <= 0 {
-			return errors.New("trusted-period is required")
-		}
+	if cfg.TrustPeriod <= 0 {
+		return errors.New("trusted-period is required")
+	}

-		if cfg.TrustHeight <= 0 {
-			return errors.New("trusted-height is required")
-		}
+	if cfg.TrustHeight <= 0 {
+		return errors.New("trusted-height is required")
+	}

-		if len(cfg.TrustHash) == 0 {
-			return errors.New("trusted-hash is required")
-		}
+	if len(cfg.TrustHash) == 0 {
+		return errors.New("trusted-hash is required")
+	}

-		_, err := hex.DecodeString(cfg.TrustHash)
-		if err != nil {
-			return fmt.Errorf("invalid trusted-hash: %w", err)
-		}
+	_, err := hex.DecodeString(cfg.TrustHash)
+	if err != nil {
+		return fmt.Errorf("invalid trusted-hash: %w", err)
+	}

-		if cfg.ChunkRequestTimeout < 5*time.Second {
-			return errors.New("chunk-request-timeout must be at least 5 seconds")
-		}
+	if cfg.ChunkRequestTimeout < 5*time.Second {
+		return errors.New("chunk-request-timeout must be at least 5 seconds")
+	}

-		if cfg.Fetchers <= 0 {
-			return errors.New("fetchers is required")
-		}
+	if cfg.Fetchers <= 0 {
+		return errors.New("fetchers is required")
 	}

 	return nil
@@ -970,13 +1063,18 @@ func (cfg *StateSyncConfig) ValidateBasic() error {
 //-----------------------------------------------------------------------------

 // BlockSyncConfig (formerly known as FastSync) defines the configuration for the Tendermint block sync service
+// If this node is many blocks behind the tip of the chain, BlockSync
+// allows them to catchup quickly by downloading blocks in parallel
+// and verifying their commits.
 type BlockSyncConfig struct {
+	Enable  bool   `mapstructure:"enable"`
 	Version string `mapstructure:"version"`
 }

 // DefaultBlockSyncConfig returns a default configuration for the block sync service
 func DefaultBlockSyncConfig() *BlockSyncConfig {
 	return &BlockSyncConfig{
+		Enable:  true,
 		Version: BlockSyncV0,
 	}
 }
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -138,7 +138,6 @@ func TestBlockSyncConfigValidateBasic(t *testing.T) {
 }

 func TestConsensusConfig_ValidateBasic(t *testing.T) {
-	// nolint: lll
 	testcases := map[string]struct {
 		modify    func(*ConsensusConfig)
 		expectErr bool
--- a/config/db.go
+++ b/config/db.go
@@ -1,9 +1,10 @@
 package config

 import (
+	dbm "github.com/tendermint/tm-db"
+
 	"github.com/tendermint/tendermint/libs/log"
 	"github.com/tendermint/tendermint/libs/service"
-	db "github.com/tendermint/tm-db"
 )

 // ServiceProvider takes a config and a logger and returns a ready to go Node.
@@ -16,11 +17,11 @@ type DBContext struct {
 }

 // DBProvider takes a DBContext and returns an instantiated DB.
-type DBProvider func(*DBContext) (db.DB, error)
+type DBProvider func(*DBContext) (dbm.DB, error)

 // DefaultDBProvider returns a database using the DBBackend and DBDir
 // specified in the Config.
-func DefaultDBProvider(ctx *DBContext) (db.DB, error) {
-	dbType := db.BackendType(ctx.Config.DBBackend)
-	return db.NewDB(ctx.ID, dbType, ctx.Config.DBDir())
+func DefaultDBProvider(ctx *DBContext) (dbm.DB, error) {
+	dbType := dbm.BackendType(ctx.Config.DBBackend)
+	return dbm.NewDB(ctx.ID, dbType, ctx.Config.DBDir())
 }
--- a/config/toml.go
+++ b/config/toml.go
@@ -45,23 +45,29 @@ func EnsureRoot(rootDir string) {

 // WriteConfigFile renders config using the template and writes it to configFilePath.
 // This function is called by cmd/tendermint/commands/init.go
-func WriteConfigFile(rootDir string, config *Config) {
-	var buffer bytes.Buffer
-
-	if err := configTemplate.Execute(&buffer, config); err != nil {
-		panic(err)
-	}
-
-	configFilePath := filepath.Join(rootDir, defaultConfigFilePath)
-
-	mustWriteFile(configFilePath, buffer.Bytes(), 0644)
+func WriteConfigFile(rootDir string, config *Config) error {
+	return config.WriteToTemplate(filepath.Join(rootDir, defaultConfigFilePath))
 }

-func writeDefaultConfigFileIfNone(rootDir string) {
+// WriteToTemplate writes the config to the exact file specified by
+// the path, in the default toml template and does not mangle the path
+// or filename at all.
+func (cfg *Config) WriteToTemplate(path string) error {
+	var buffer bytes.Buffer
+
+	if err := configTemplate.Execute(&buffer, cfg); err != nil {
+		return err
+	}
+
+	return writeFile(path, buffer.Bytes(), 0644)
+}
+
+func writeDefaultConfigFileIfNone(rootDir string) error {
 	configFilePath := filepath.Join(rootDir, defaultConfigFilePath)
 	if !tmos.FileExists(configFilePath) {
-		WriteConfigFile(rootDir, DefaultConfig())
+		return WriteConfigFile(rootDir, DefaultConfig())
 	}
+	return nil
 }

 // Note: any changes to the comments/variables/mapstructure
@@ -97,11 +103,6 @@ moniker = "{{ .BaseConfig.Moniker }}"
 #   - No priv_validator_key.json, priv_validator_state.json
 mode = "{{ .BaseConfig.Mode }}"

-# If this node is many blocks behind the tip of the chain, FastSync
-# allows them to catchup quickly by downloading blocks in parallel
-# and verifying their commits
-fast-sync = {{ .BaseConfig.FastSyncMode }}
-
 # Database backend: goleveldb | cleveldb | boltdb | rocksdb | badgerdb
 # * goleveldb (github.com/syndtr/goleveldb - most popular implementation)
 #   - pure go
@@ -164,15 +165,15 @@ state-file = "{{ js .PrivValidator.State }}"
 # when the listenAddr is prefixed with grpc instead of tcp it will use the gRPC Client
 laddr = "{{ .PrivValidator.ListenAddr }}"

-# Client certificate generated while creating needed files for secure connection.
+# Path to the client certificate generated while creating needed files for secure connection.
 # If a remote validator address is provided but no certificate, the connection will be insecure
 client-certificate-file = "{{ js .PrivValidator.ClientCertificate }}"

 # Client key generated while creating certificates for secure connection
-validator-client-key-file = "{{ js .PrivValidator.ClientKey }}"
+client-key-file = "{{ js .PrivValidator.ClientKey }}"

-# Path Root Certificate Authority used to sign both client and server certificates
-certificate-authority = "{{ js .PrivValidator.RootCA }}"
+# Path to the Root Certificate Authority used to sign both client and server certificates
+root-ca-file = "{{ js .PrivValidator.RootCA }}"


 #######################################################################
@@ -235,6 +236,33 @@ max-subscription-clients = {{ .RPC.MaxSubscriptionClients }}
 # the estimated # maximum number of broadcast_tx_commit calls per block.
 max-subscriptions-per-client = {{ .RPC.MaxSubscriptionsPerClient }}

+# Experimental parameter to specify the maximum number of events a node will
+# buffer, per subscription, before returning an error and closing the
+# subscription. Must be set to at least 100, but higher values will accommodate
+# higher event throughput rates (and will use more memory).
+experimental-subscription-buffer-size = {{ .RPC.SubscriptionBufferSize }}
+
+# Experimental parameter to specify the maximum number of RPC responses that
+# can be buffered per WebSocket client. If clients cannot read from the
+# WebSocket endpoint fast enough, they will be disconnected, so increasing this
+# parameter may reduce the chances of them being disconnected (but will cause
+# the node to use more memory).
+#
+# Must be at least the same as "experimental-subscription-buffer-size",
+# otherwise connections could be dropped unnecessarily. This value should
+# ideally be somewhat higher than "experimental-subscription-buffer-size" to
+# accommodate non-subscription-related RPC responses.
+experimental-websocket-write-buffer-size = {{ .RPC.WebSocketWriteBufferSize }}
+
+# If a WebSocket client cannot read fast enough, at present we may
+# silently drop events instead of generating an error or disconnecting the
+# client.
+#
+# Enabling this experimental parameter will cause the WebSocket connection to
+# be closed instead if it cannot read fast enough, allowing for greater
+# predictability in subscription behavior.
+experimental-close-on-slow-client = {{ .RPC.CloseOnSlowClient }}
+
 # How long to wait for a tx to be committed during /broadcast_tx_commit.
 # WARNING: Using a value larger than 10s will result in increasing the
 # global HTTP write timeout, which applies to all connections and endpoints.
@@ -270,8 +298,8 @@ pprof-laddr = "{{ .RPC.PprofListenAddress }}"
 #######################################################
 [p2p]

-# Enable the new p2p layer.
-disable-legacy = {{ .P2P.DisableLegacy }}
+# Enable the legacy p2p layer.
+use-legacy = {{ .P2P.UseLegacy }}

 # Select the p2p internal queue
 queue-type = "{{ .P2P.QueueType }}"
@@ -305,6 +333,7 @@ persistent-peers = "{{ .P2P.PersistentPeers }}"
 upnp = {{ .P2P.UPNP }}

 # Path to address book
+# TODO: Remove once p2p refactor is complete in favor of peer store.
 addr-book-file = "{{ js .P2P.AddrBook }}"

 # Set true for strict address routability rules
@@ -330,21 +359,33 @@ max-connections = {{ .P2P.MaxConnections }}
 max-incoming-connection-attempts = {{ .P2P.MaxIncomingConnectionAttempts }}

 # List of node IDs, to which a connection will be (re)established ignoring any existing limits
+# TODO: Remove once p2p refactor is complete.
+# ref: https://github.com/tendermint/tendermint/issues/5670
 unconditional-peer-ids = "{{ .P2P.UnconditionalPeerIDs }}"

 # Maximum pause when redialing a persistent peer (if zero, exponential backoff is used)
+# TODO: Remove once p2p refactor is complete
+# ref: https:#github.com/tendermint/tendermint/issues/5670
 persistent-peers-max-dial-period = "{{ .P2P.PersistentPeersMaxDialPeriod }}"

 # Time to wait before flushing messages out on the connection
+# TODO: Remove once p2p refactor is complete
+# ref: https:#github.com/tendermint/tendermint/issues/5670
 flush-throttle-timeout = "{{ .P2P.FlushThrottleTimeout }}"

 # Maximum size of a message packet payload, in bytes
+# TODO: Remove once p2p refactor is complete
+# ref: https:#github.com/tendermint/tendermint/issues/5670
 max-packet-msg-payload-size = {{ .P2P.MaxPacketMsgPayloadSize }}

 # Rate at which packets can be sent, in bytes/second
+# TODO: Remove once p2p refactor is complete
+# ref: https:#github.com/tendermint/tendermint/issues/5670
 send-rate = {{ .P2P.SendRate }}

 # Rate at which packets can be received, in bytes/second
+# TODO: Remove once p2p refactor is complete
+# ref: https:#github.com/tendermint/tendermint/issues/5670
 recv-rate = {{ .P2P.RecvRate }}

 # Set true to enable the peer-exchange reactor
@@ -426,22 +467,30 @@ ttl-num-blocks = {{ .Mempool.TTLNumBlocks }}
 # starting from the height of the snapshot.
 enable = {{ .StateSync.Enable }}

-# RPC servers (comma-separated) for light client verification of the synced state machine and
-# retrieval of state data for node bootstrapping. Also needs a trusted height and corresponding
-# header hash obtained from a trusted source, and a period during which validators can be trusted.
-#
-# For Cosmos SDK-based chains, trust-period should usually be about 2/3 of the unbonding time (~2
-# weeks) during which they can be financially punished (slashed) for misbehavior.
+# State sync uses light client verification to verify state. This can be done either through the
+# P2P layer or RPC layer. Set this to true to use the P2P layer. If false (default), RPC layer
+# will be used.
+use-p2p = {{ .StateSync.UseP2P }}
+
+# If using RPC, at least two addresses need to be provided. They should be compatible with net.Dial,
+# for example: "host.example.com:2125"
 rpc-servers = "{{ StringsJoin .StateSync.RPCServers "," }}"
+
+# The hash and height of a trusted block. Must be within the trust-period.
 trust-height = {{ .StateSync.TrustHeight }}
 trust-hash = "{{ .StateSync.TrustHash }}"
+
+# The trust period should be set so that Tendermint can detect and gossip misbehavior before
+# it is considered expired. For chains based on the Cosmos SDK, one day less than the unbonding
+# period should suffice.
 trust-period = "{{ .StateSync.TrustPeriod }}"

 # Time to spend discovering snapshots before initiating a restore.
 discovery-time = "{{ .StateSync.DiscoveryTime }}"

-# Temporary directory for state sync snapshot chunks, defaults to the OS tempdir (typically /tmp).
-# Will create a new, randomly named directory within, and remove it when done.
+# Temporary directory for state sync snapshot chunks, defaults to os.TempDir().
+# The synchronizer will create a new, randomly named directory within this directory
+# and remove it when the sync is complete.
 temp-dir = "{{ .StateSync.TempDir }}"

 # The timeout duration before re-requesting a chunk, possibly from a different
@@ -454,10 +503,15 @@ fetchers = "{{ .StateSync.Fetchers }}"
 #######################################################
 ###       Block Sync Configuration Connections       ###
 #######################################################
-[fastsync]
+[blocksync]
+
+# If this node is many blocks behind the tip of the chain, BlockSync
+# allows them to catchup quickly by downloading blocks in parallel
+# and verifying their commits
+enable = {{ .BlockSync.Enable }}

 # Block Sync version to use:
-#   1) "v0" (default) - the legacy block sync implementation
+#   1) "v0" (default) - the standard Block Sync implementation
 #   2) "v2" - DEPRECATED, please use v0
 version = "{{ .BlockSync.Version }}"

@@ -508,7 +562,7 @@ peer-query-maj23-sleep-duration = "{{ .Consensus.PeerQueryMaj23SleepDuration }}"
 [tx-index]

 # The backend database list to back the indexer.
-# If list contains null, meaning no indexer service will be used.
+# If list contains "null" or "", meaning no indexer service will be used.
 #
 # The application will set which txs to index. In some cases a node operator will be able
 # to decide which txs to index based on configuration set in the application.
@@ -516,8 +570,8 @@ peer-query-maj23-sleep-duration = "{{ .Consensus.PeerQueryMaj23SleepDuration }}"
 # Options:
 #   1) "null"
 #   2) "kv" (default) - the simplest possible indexer, backed by key-value storage (defaults to levelDB; see DBBackend).
-# 		- When "kv" is chosen "tx.height" and "tx.hash" will always be indexed.
 #   3) "psql" - the indexer services backed by PostgreSQL.
+# When "kv" or "psql" is chosen "tx.height" and "tx.hash" will always be indexed.
 indexer = [{{ range $i, $e := .TxIndex.Indexer }}{{if $i}}, {{end}}{{ printf "%q" $e}}{{end}}]

 # The PostgreSQL connection configuration, the connection format:
@@ -549,22 +603,22 @@ namespace = "{{ .Instrumentation.Namespace }}"

 /****** these are for test settings ***********/

-func ResetTestRoot(testName string) *Config {
+func ResetTestRoot(testName string) (*Config, error) {
 	return ResetTestRootWithChainID(testName, "")
 }

-func ResetTestRootWithChainID(testName string, chainID string) *Config {
+func ResetTestRootWithChainID(testName string, chainID string) (*Config, error) {
 	// create a unique, concurrency-safe test directory under os.TempDir()
 	rootDir, err := ioutil.TempDir("", fmt.Sprintf("%s-%s_", chainID, testName))
 	if err != nil {
-		panic(err)
+		return nil, err
 	}
 	// ensure config and data subdirs are created
 	if err := tmos.EnsureDir(filepath.Join(rootDir, defaultConfigDir), DefaultDirPerm); err != nil {
-		panic(err)
+		return nil, err
 	}
 	if err := tmos.EnsureDir(filepath.Join(rootDir, defaultDataDir), DefaultDirPerm); err != nil {
-		panic(err)
+		return nil, err
 	}

 	conf := DefaultConfig()
@@ -573,26 +627,36 @@ func ResetTestRootWithChainID(testName string, chainID string) *Config {
 	privStateFilePath := filepath.Join(rootDir, conf.PrivValidator.State)

 	// Write default config file if missing.
-	writeDefaultConfigFileIfNone(rootDir)
+	if err := writeDefaultConfigFileIfNone(rootDir); err != nil {
+		return nil, err
+	}
+
 	if !tmos.FileExists(genesisFilePath) {
 		if chainID == "" {
 			chainID = "tendermint_test"
 		}
 		testGenesis := fmt.Sprintf(testGenesisFmt, chainID)
-		mustWriteFile(genesisFilePath, []byte(testGenesis), 0644)
+		if err := writeFile(genesisFilePath, []byte(testGenesis), 0644); err != nil {
+			return nil, err
+		}
 	}
 	// we always overwrite the priv val
-	mustWriteFile(privKeyFilePath, []byte(testPrivValidatorKey), 0644)
-	mustWriteFile(privStateFilePath, []byte(testPrivValidatorState), 0644)
+	if err := writeFile(privKeyFilePath, []byte(testPrivValidatorKey), 0644); err != nil {
+		return nil, err
+	}
+	if err := writeFile(privStateFilePath, []byte(testPrivValidatorState), 0644); err != nil {
+		return nil, err
+	}

 	config := TestConfig().SetRoot(rootDir)
-	return config
+	return config, nil
 }

-func mustWriteFile(filePath string, contents []byte, mode os.FileMode) {
+func writeFile(filePath string, contents []byte, mode os.FileMode) error {
 	if err := ioutil.WriteFile(filePath, contents, mode); err != nil {
-		tmos.Exit(fmt.Sprintf("failed to write file: %v", err))
+		return fmt.Errorf("failed to write file: %w", err)
 	}
+	return nil
 }

 var testGenesisFmt = `{
--- a/config/toml_test.go
+++ b/config/toml_test.go
@@ -24,21 +24,19 @@ func TestEnsureRoot(t *testing.T) {

 	// setup temp dir for test
 	tmpDir, err := ioutil.TempDir("", "config-test")
-	require.Nil(err)
+	require.NoError(err)
 	defer os.RemoveAll(tmpDir)

 	// create root dir
 	EnsureRoot(tmpDir)

-	WriteConfigFile(tmpDir, DefaultConfig())
+	require.NoError(WriteConfigFile(tmpDir, DefaultConfig()))

 	// make sure config is set properly
 	data, err := ioutil.ReadFile(filepath.Join(tmpDir, defaultConfigFilePath))
-	require.Nil(err)
+	require.NoError(err)

-	if !checkConfig(string(data)) {
-		t.Fatalf("config file missing some information")
-	}
+	checkConfig(t, string(data))

 	ensureFiles(t, tmpDir, "data")
 }
@@ -49,7 +47,8 @@ func TestEnsureTestRoot(t *testing.T) {
 	testName := "ensureTestRoot"

 	// create root dir
-	cfg := ResetTestRoot(testName)
+	cfg, err := ResetTestRoot(testName)
+	require.NoError(err)
 	defer os.RemoveAll(cfg.RootDir)
 	rootDir := cfg.RootDir

@@ -57,9 +56,7 @@ func TestEnsureTestRoot(t *testing.T) {
 	data, err := ioutil.ReadFile(filepath.Join(rootDir, defaultConfigFilePath))
 	require.Nil(err)

-	if !checkConfig(string(data)) {
-		t.Fatalf("config file missing some information")
-	}
+	checkConfig(t, string(data))

 	// TODO: make sure the cfg returned and testconfig are the same!
 	baseConfig := DefaultBaseConfig()
@@ -67,16 +64,15 @@ func TestEnsureTestRoot(t *testing.T) {
 	ensureFiles(t, rootDir, defaultDataDir, baseConfig.Genesis, pvConfig.Key, pvConfig.State)
 }

-func checkConfig(configFile string) bool {
-	var valid bool
-
+func checkConfig(t *testing.T, configFile string) {
+	t.Helper()
 	// list of words we expect in the config
 	var elems = []string{
 		"moniker",
 		"seeds",
 		"proxy-app",
-		"fast_sync",
-		"create_empty_blocks",
+		"blocksync",
+		"create-empty-blocks",
 		"peer",
 		"timeout",
 		"broadcast",
@@ -89,10 +85,7 @@ func checkConfig(configFile string) bool {
 	}
 	for _, e := range elems {
 		if !strings.Contains(configFile, e) {
-			valid = false
-		} else {
-			valid = true
+			t.Errorf("config file was expected to contain %s but did not", e)
 		}
 	}
-	return valid
 }
--- a/crypto/armor/armor.go
+++ b/crypto/armor/armor.go
@@ -1,39 +0,0 @@
-package armor
-
-import (
-	"bytes"
-	"fmt"
-	"io/ioutil"
-
-	"golang.org/x/crypto/openpgp/armor"
-)
-
-func EncodeArmor(blockType string, headers map[string]string, data []byte) string {
-	buf := new(bytes.Buffer)
-	w, err := armor.Encode(buf, blockType, headers)
-	if err != nil {
-		panic(fmt.Errorf("could not encode ascii armor: %s", err))
-	}
-	_, err = w.Write(data)
-	if err != nil {
-		panic(fmt.Errorf("could not encode ascii armor: %s", err))
-	}
-	err = w.Close()
-	if err != nil {
-		panic(fmt.Errorf("could not encode ascii armor: %s", err))
-	}
-	return buf.String()
-}
-
-func DecodeArmor(armorStr string) (blockType string, headers map[string]string, data []byte, err error) {
-	buf := bytes.NewBufferString(armorStr)
-	block, err := armor.Decode(buf)
-	if err != nil {
-		return "", nil, nil, err
-	}
-	data, err = ioutil.ReadAll(block.Body)
-	if err != nil {
-		return "", nil, nil, err
-	}
-	return block.Type, block.Header, data, nil
-}
--- a/crypto/armor/armor_test.go
+++ b/crypto/armor/armor_test.go
@@ -1,20 +0,0 @@
-package armor
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func TestArmor(t *testing.T) {
-	blockType := "MINT TEST"
-	data := []byte("somedata")
-	armorStr := EncodeArmor(blockType, nil, data)
-
-	// Decode armorStr and test for equivalence.
-	blockType2, _, data2, err := DecodeArmor(armorStr)
-	require.Nil(t, err, "%+v", err)
-	assert.Equal(t, blockType, blockType2)
-	assert.Equal(t, data, data2)
-}
--- a/crypto/encoding/codec.go
+++ b/crypto/encoding/codec.go
@@ -8,34 +8,34 @@ import (
 	"github.com/tendermint/tendermint/crypto/secp256k1"
 	"github.com/tendermint/tendermint/crypto/sr25519"
 	"github.com/tendermint/tendermint/libs/json"
-	pc "github.com/tendermint/tendermint/proto/tendermint/crypto"
+	cryptoproto "github.com/tendermint/tendermint/proto/tendermint/crypto"
 )

 func init() {
-	json.RegisterType((*pc.PublicKey)(nil), "tendermint.crypto.PublicKey")
-	json.RegisterType((*pc.PublicKey_Ed25519)(nil), "tendermint.crypto.PublicKey_Ed25519")
-	json.RegisterType((*pc.PublicKey_Secp256K1)(nil), "tendermint.crypto.PublicKey_Secp256K1")
+	json.RegisterType((*cryptoproto.PublicKey)(nil), "tendermint.crypto.PublicKey")
+	json.RegisterType((*cryptoproto.PublicKey_Ed25519)(nil), "tendermint.crypto.PublicKey_Ed25519")
+	json.RegisterType((*cryptoproto.PublicKey_Secp256K1)(nil), "tendermint.crypto.PublicKey_Secp256K1")
 }

 // PubKeyToProto takes crypto.PubKey and transforms it to a protobuf Pubkey
-func PubKeyToProto(k crypto.PubKey) (pc.PublicKey, error) {
-	var kp pc.PublicKey
+func PubKeyToProto(k crypto.PubKey) (cryptoproto.PublicKey, error) {
+	var kp cryptoproto.PublicKey
 	switch k := k.(type) {
 	case ed25519.PubKey:
-		kp = pc.PublicKey{
-			Sum: &pc.PublicKey_Ed25519{
+		kp = cryptoproto.PublicKey{
+			Sum: &cryptoproto.PublicKey_Ed25519{
 				Ed25519: k,
 			},
 		}
 	case secp256k1.PubKey:
-		kp = pc.PublicKey{
-			Sum: &pc.PublicKey_Secp256K1{
+		kp = cryptoproto.PublicKey{
+			Sum: &cryptoproto.PublicKey_Secp256K1{
 				Secp256K1: k,
 			},
 		}
 	case sr25519.PubKey:
-		kp = pc.PublicKey{
-			Sum: &pc.PublicKey_Sr25519{
+		kp = cryptoproto.PublicKey{
+			Sum: &cryptoproto.PublicKey_Sr25519{
 				Sr25519: k,
 			},
 		}
@@ -46,9 +46,9 @@ func PubKeyToProto(k crypto.PubKey) (pc.PublicKey, error) {
 }

 // PubKeyFromProto takes a protobuf Pubkey and transforms it to a crypto.Pubkey
-func PubKeyFromProto(k pc.PublicKey) (crypto.PubKey, error) {
+func PubKeyFromProto(k cryptoproto.PublicKey) (crypto.PubKey, error) {
 	switch k := k.Sum.(type) {
-	case *pc.PublicKey_Ed25519:
+	case *cryptoproto.PublicKey_Ed25519:
 		if len(k.Ed25519) != ed25519.PubKeySize {
 			return nil, fmt.Errorf("invalid size for PubKeyEd25519. Got %d, expected %d",
 				len(k.Ed25519), ed25519.PubKeySize)
@@ -56,7 +56,7 @@ func PubKeyFromProto(k pc.PublicKey) (crypto.PubKey, error) {
 		pk := make(ed25519.PubKey, ed25519.PubKeySize)
 		copy(pk, k.Ed25519)
 		return pk, nil
-	case *pc.PublicKey_Secp256K1:
+	case *cryptoproto.PublicKey_Secp256K1:
 		if len(k.Secp256K1) != secp256k1.PubKeySize {
 			return nil, fmt.Errorf("invalid size for PubKeySecp256k1. Got %d, expected %d",
 				len(k.Secp256K1), secp256k1.PubKeySize)
@@ -64,7 +64,7 @@ func PubKeyFromProto(k pc.PublicKey) (crypto.PubKey, error) {
 		pk := make(secp256k1.PubKey, secp256k1.PubKeySize)
 		copy(pk, k.Secp256K1)
 		return pk, nil
-	case *pc.PublicKey_Sr25519:
+	case *cryptoproto.PublicKey_Sr25519:
 		if len(k.Sr25519) != sr25519.PubKeySize {
 			return nil, fmt.Errorf("invalid size for PubKeySr25519. Got %d, expected %d",
 				len(k.Sr25519), sr25519.PubKeySize)
--- a/crypto/secp256k1/secp256k1.go
+++ b/crypto/secp256k1/secp256k1.go
@@ -172,3 +172,67 @@ func (pubKey PubKey) Equals(other crypto.PubKey) bool {
 func (pubKey PubKey) Type() string {
 	return KeyType
 }
+
+// used to reject malleable signatures
+// see:
+//  - https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/signature_nocgo.go#L90-L93
+//  - https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/crypto.go#L39
+var secp256k1halfN = new(big.Int).Rsh(secp256k1.S256().N, 1)
+
+// Sign creates an ECDSA signature on curve Secp256k1, using SHA256 on the msg.
+// The returned signature will be of the form R || S (in lower-S form).
+func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
+	priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey)
+
+	sig, err := priv.Sign(crypto.Sha256(msg))
+	if err != nil {
+		return nil, err
+	}
+
+	sigBytes := serializeSig(sig)
+	return sigBytes, nil
+}
+
+// VerifySignature verifies a signature of the form R || S.
+// It rejects signatures which are not in lower-S form.
+func (pubKey PubKey) VerifySignature(msg []byte, sigStr []byte) bool {
+	if len(sigStr) != 64 {
+		return false
+	}
+
+	pub, err := secp256k1.ParsePubKey(pubKey, secp256k1.S256())
+	if err != nil {
+		return false
+	}
+
+	// parse the signature:
+	signature := signatureFromBytes(sigStr)
+	// Reject malleable signatures. libsecp256k1 does this check but btcec doesn't.
+	// see: https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/signature_nocgo.go#L90-L93
+	if signature.S.Cmp(secp256k1halfN) > 0 {
+		return false
+	}
+
+	return signature.Verify(crypto.Sha256(msg), pub)
+}
+
+// Read Signature struct from R || S. Caller needs to ensure
+// that len(sigStr) == 64.
+func signatureFromBytes(sigStr []byte) *secp256k1.Signature {
+	return &secp256k1.Signature{
+		R: new(big.Int).SetBytes(sigStr[:32]),
+		S: new(big.Int).SetBytes(sigStr[32:64]),
+	}
+}
+
+// Serialize signature to R || S.
+// R, S are padded to 32 bytes respectively.
+func serializeSig(sig *secp256k1.Signature) []byte {
+	rBytes := sig.R.Bytes()
+	sBytes := sig.S.Bytes()
+	sigBytes := make([]byte, 64)
+	// 0 pad the byte arrays from the left if they aren't big enough.
+	copy(sigBytes[32-len(rBytes):32], rBytes)
+	copy(sigBytes[64-len(sBytes):64], sBytes)
+	return sigBytes
+}
--- a/crypto/secp256k1/secp256k1_nocgo.go
+++ b/crypto/secp256k1/secp256k1_nocgo.go
@@ -1,75 +0,0 @@
-// +build !libsecp256k1
-
-package secp256k1
-
-import (
-	"math/big"
-
-	secp256k1 "github.com/btcsuite/btcd/btcec"
-
-	"github.com/tendermint/tendermint/crypto"
-)
-
-// used to reject malleable signatures
-// see:
-//  - https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/signature_nocgo.go#L90-L93
-//  - https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/crypto.go#L39
-var secp256k1halfN = new(big.Int).Rsh(secp256k1.S256().N, 1)
-
-// Sign creates an ECDSA signature on curve Secp256k1, using SHA256 on the msg.
-// The returned signature will be of the form R || S (in lower-S form).
-func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
-	priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey)
-
-	sig, err := priv.Sign(crypto.Sha256(msg))
-	if err != nil {
-		return nil, err
-	}
-
-	sigBytes := serializeSig(sig)
-	return sigBytes, nil
-}
-
-// VerifySignature verifies a signature of the form R || S.
-// It rejects signatures which are not in lower-S form.
-func (pubKey PubKey) VerifySignature(msg []byte, sigStr []byte) bool {
-	if len(sigStr) != 64 {
-		return false
-	}
-
-	pub, err := secp256k1.ParsePubKey(pubKey, secp256k1.S256())
-	if err != nil {
-		return false
-	}
-
-	// parse the signature:
-	signature := signatureFromBytes(sigStr)
-	// Reject malleable signatures. libsecp256k1 does this check but btcec doesn't.
-	// see: https://github.com/ethereum/go-ethereum/blob/f9401ae011ddf7f8d2d95020b7446c17f8d98dc1/crypto/signature_nocgo.go#L90-L93
-	if signature.S.Cmp(secp256k1halfN) > 0 {
-		return false
-	}
-
-	return signature.Verify(crypto.Sha256(msg), pub)
-}
-
-// Read Signature struct from R || S. Caller needs to ensure
-// that len(sigStr) == 64.
-func signatureFromBytes(sigStr []byte) *secp256k1.Signature {
-	return &secp256k1.Signature{
-		R: new(big.Int).SetBytes(sigStr[:32]),
-		S: new(big.Int).SetBytes(sigStr[32:64]),
-	}
-}
-
-// Serialize signature to R || S.
-// R, S are padded to 32 bytes respectively.
-func serializeSig(sig *secp256k1.Signature) []byte {
-	rBytes := sig.R.Bytes()
-	sBytes := sig.S.Bytes()
-	sigBytes := make([]byte, 64)
-	// 0 pad the byte arrays from the left if they aren't big enough.
-	copy(sigBytes[32-len(rBytes):32], rBytes)
-	copy(sigBytes[64-len(sBytes):64], sBytes)
-	return sigBytes
-}
--- a/crypto/secp256k1/secp256k1_test.go
+++ b/crypto/secp256k1/secp256k1_test.go
@@ -5,14 +5,13 @@ import (
 	"math/big"
 	"testing"

+	underlyingSecp256k1 "github.com/btcsuite/btcd/btcec"
 	"github.com/btcsuite/btcutil/base58"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

 	"github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/secp256k1"
-
-	underlyingSecp256k1 "github.com/btcsuite/btcd/btcec"
 )

 type keyData struct {
@@ -36,8 +35,7 @@ func TestPubKeySecp256k1Address(t *testing.T) {
 		addrBbz, _, _ := base58.CheckDecode(d.addr)
 		addrB := crypto.Address(addrBbz)

-		var priv secp256k1.PrivKey = secp256k1.PrivKey(privB)
-
+		priv := secp256k1.PrivKey(privB)
 		pubKey := priv.PubKey()
 		pubT, _ := pubKey.(secp256k1.PubKey)
 		pub := pubT
--- a/crypto/xchacha20poly1305/xchachapoly_test.go
+++ b/crypto/xchacha20poly1305/xchachapoly_test.go
@@ -2,8 +2,8 @@ package xchacha20poly1305

 import (
 	"bytes"
-	cr "crypto/rand"
-	mr "math/rand"
+	crand "crypto/rand"
+	mrand "math/rand"
 	"testing"
 )

@@ -19,23 +19,23 @@ func TestRandom(t *testing.T) {
 		var nonce [24]byte
 		var key [32]byte

-		al := mr.Intn(128)
-		pl := mr.Intn(16384)
+		al := mrand.Intn(128)
+		pl := mrand.Intn(16384)
 		ad := make([]byte, al)
 		plaintext := make([]byte, pl)
-		_, err := cr.Read(key[:])
+		_, err := crand.Read(key[:])
 		if err != nil {
 			t.Errorf("error on read: %w", err)
 		}
-		_, err = cr.Read(nonce[:])
+		_, err = crand.Read(nonce[:])
 		if err != nil {
 			t.Errorf("error on read: %w", err)
 		}
-		_, err = cr.Read(ad)
+		_, err = crand.Read(ad)
 		if err != nil {
 			t.Errorf("error on read: %w", err)
 		}
-		_, err = cr.Read(plaintext)
+		_, err = crand.Read(plaintext)
 		if err != nil {
 			t.Errorf("error on read: %w", err)
 		}
@@ -59,7 +59,7 @@ func TestRandom(t *testing.T) {
 		}

 		if len(ad) > 0 {
-			alterAdIdx := mr.Intn(len(ad))
+			alterAdIdx := mrand.Intn(len(ad))
 			ad[alterAdIdx] ^= 0x80
 			if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
 				t.Errorf("random #%d: Open was successful after altering additional data", i)
@@ -67,14 +67,14 @@ func TestRandom(t *testing.T) {
 			ad[alterAdIdx] ^= 0x80
 		}

-		alterNonceIdx := mr.Intn(aead.NonceSize())
+		alterNonceIdx := mrand.Intn(aead.NonceSize())
 		nonce[alterNonceIdx] ^= 0x80
 		if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
 			t.Errorf("random #%d: Open was successful after altering nonce", i)
 		}
 		nonce[alterNonceIdx] ^= 0x80

-		alterCtIdx := mr.Intn(len(ct))
+		alterCtIdx := mrand.Intn(len(ct))
 		ct[alterCtIdx] ^= 0x80
 		if _, err := aead.Open(nil, nonce[:], ct, ad); err == nil {
 			t.Errorf("random #%d: Open was successful after altering ciphertext", i)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -65,5 +65,5 @@ networks:
    ipam:
      driver: default
      config:
-      -
-        subnet: 192.167.10.0/16
+        -
+          subnet: 192.167.10.0/16
--- a/docs/.vuepress/config.js
+++ b/docs/.vuepress/config.js
@@ -22,10 +22,6 @@ module.exports = {
      index: "tendermint"
    },
    versions: [
-      {
-        "label": "v0.32",
-        "key": "v0.32"
-      },
      {
        "label": "v0.33",
        "key": "v0.33"
@@ -35,8 +31,8 @@ module.exports = {
        "key": "v0.34"
      },
      {
-        "label": "master",
-        "key": "master"
+        "label": "v0.35",
+        "key": "v0.35"
      }
    ],
    topbar: {
@@ -53,8 +49,10 @@ module.exports = {
              path: '/DEV_SESSIONS.html'
            },
            {
+              // TODO(creachadair): Figure out how to make this per-branch.
+              // See: https://github.com/tendermint/tendermint/issues/7908
              title: 'RPC',
-              path: 'https://docs.tendermint.com/master/rpc/',
+              path: 'https://docs.tendermint.com/v0.35/rpc/',
              static: true
            },
          ]
@@ -78,7 +76,7 @@ module.exports = {
    },
    footer: {
      question: {
-        text: 'Chat with Tendermint developers in <a href=\'https://discord.gg/vcExX9T\' target=\'_blank\'>Discord</a> or reach out on the <a href=\'https://forum.cosmos.network/c/tendermint\' target=\'_blank\'>Tendermint Forum</a> to learn more.'
+        text: 'Chat with Tendermint developers in <a href=\'https://discord.gg/cosmosnetwork\' target=\'_blank\'>Discord</a> or reach out on the <a href=\'https://forum.cosmos.network/c/tendermint\' target=\'_blank\'>Tendermint Forum</a> to learn more.'
      },
      logo: '/logo-bw.svg',
      textLink: {
@@ -166,6 +164,12 @@ module.exports = {
      {
        ga: 'UA-51029217-11'
      }
+    ],
+    [
+      '@vuepress/plugin-html-redirect',
+      {
+        countdown: 0
+      }
    ]
  ]
 };
--- a/docs/.vuepress/redirects
+++ b/docs/.vuepress/redirects
@@ -0,0 +1 @@
+/master/ /v0.35/
--- a/docs/DOCS_README.md
+++ b/docs/DOCS_README.md
@@ -2,17 +2,27 @@

 The documentation for Tendermint Core is hosted at:

- <https://docs.tendermint.com/master/>
+- <https://docs.tendermint.com/>

-built from the files in this (`/docs`) directory for
-[master](https://github.com/tendermint/tendermint/tree/master/docs) respectively.
+built from the files in this [`docs` directory for `master`](https://github.com/tendermint/tendermint/tree/master/docs)
+and other supported release branches.

 ## How It Works

-There is a CircleCI job listening for changes in the `/docs` directory, on both
-the `master` branch. Any updates to files in this directory
-on those branches will automatically trigger a website deployment. Under the hood,
-the private website repository has a `make build-docs` target consumed by a CircleCI job in that repo.
+There is a [GitHub Actions workflow](https://github.com/tendermint/docs/actions/workflows/deployment.yml)
+in the `tendermint/docs` repository that clones and builds the documentation
+site from the contents of this `docs` directory, for `master` and for each
+supported release branch. Under the hood, this workflow runs `make build-docs`
+from the [Makefile](../Makefile#L214).
+
+The list of supported versions are defined in [`config.js`](./.vuepress/config.js),
+which defines the UI menu on the documentation site, and also in
+[`docs/versions`](./versions), which determines which branches are built.
+
+The last entry in the `docs/versions` file determines which version is linked
+by default from the generated `index.html`. This should generally be the most
+recent release, rather than `master`, so that new users are not confused by
+documentation for unreleased features.

 ## README

--- a/docs/README.md
+++ b/docs/README.md
@@ -24,7 +24,7 @@ To get started quickly with an example application, see the [quick start guide](
 To learn about application development on Tendermint, see the [Application Blockchain Interface](https://github.com/tendermint/spec/tree/master/spec/abci).

 For more details on using Tendermint, see the respective documentation for
-[Tendermint Core](tendermint-core/), [benchmarking and monitoring](tools/), and [network deployments](networks/).
+[Tendermint Core](tendermint-core/), [benchmarking and monitoring](tools/), and [network deployments](nodes/).

 To find out about the Tendermint ecosystem you can go [here](https://github.com/tendermint/awesome#ecosystem). If you are a project that is using Tendermint you are welcome to make a PR to add your project to the list.

--- a/docs/app-dev/abci-cli.md
+++ b/docs/app-dev/abci-cli.md
@@ -62,7 +62,7 @@ as `abci-cli` above. The kvstore just stores transactions in a merkle
 tree.

 Its code can be found
-[here](https://github.com/tendermint/tendermint/blob/master/abci/cmd/abci-cli/abci-cli.go)
+[here](https://github.com/tendermint/tendermint/blob/v0.35.x/abci/cmd/abci-cli/abci-cli.go)
 and looks like:

 ```go
--- a/docs/app-dev/getting-started.md
+++ b/docs/app-dev/getting-started.md
@@ -68,7 +68,7 @@ tendermint start
 ```

 If you have used Tendermint, you may want to reset the data for a new
-blockchain by running `tendermint unsafe_reset_all`. Then you can run
+blockchain by running `tendermint unsafe-reset-all`. Then you can run
 `tendermint start` to start Tendermint, and connect to the app. For more
 details, see [the guide on using Tendermint](../tendermint-core/using-tendermint.md).

@@ -190,7 +190,7 @@ node example/counter.js
 In another window, reset and start `tendermint`:

 ```sh
-tendermint unsafe_reset_all
+tendermint unsafe-reset-all
 tendermint start
 ```

--- a/docs/app-dev/indexing-transactions.md
+++ b/docs/app-dev/indexing-transactions.md
@@ -62,7 +62,7 @@ be turned off regardless of other values provided.
 #### KV

 The `kv` indexer type is an embedded key-value store supported by the main
-underling Tendermint database. Using the `kv` indexer type allows you to query
+underlying Tendermint database. Using the `kv` indexer type allows you to query
 for block and transaction events directly against Tendermint's RPC. However, the
 query syntax is limited and so this indexer type might be deprecated or removed
 entirely in the future.
--- a/docs/architecture/README.md
+++ b/docs/architecture/README.md
@@ -1,100 +0,0 @@
---
-order: 1
-parent:
-  order: false
---
-
-# Architecture Decision Records (ADR)
-
-This is a location to record all high-level architecture decisions in the tendermint project.
-
-You can read more about the ADR concept in this [blog post](https://product.reverb.com/documenting-architecture-decisions-the-reverb-way-a3563bb24bd0#.78xhdix6t).
-
-An ADR should provide:
-
- Context on the relevant goals and the current state
- Proposed changes to achieve the goals
- Summary of pros and cons
- References
- Changelog
-
-Note the distinction between an ADR and a spec. The ADR provides the context, intuition, reasoning, and
-justification for a change in architecture, or for the architecture of something
-new. The spec is much more compressed and streamlined summary of everything as
-it stands today.
-
-If recorded decisions turned out to be lacking, convene a discussion, record the new decisions here, and then modify the code to match.
-
-Note the context/background should be written in the present tense.
-
-## Table of Contents
-
-### Implemented
-
- [ADR-001: Logging](./adr-001-logging.md)
- [ADR-002: Event-Subscription](./adr-002-event-subscription.md)
- [ADR-003: ABCI-APP-RPC](./adr-003-abci-app-rpc.md)
- [ADR-004: Historical-Validators](./adr-004-historical-validators.md)
- [ADR-005: Consensus-Params](./adr-005-consensus-params.md)
- [ADR-008: Priv-Validator](./adr-008-priv-validator.md)
- [ADR-009: ABCI-Design](./adr-009-ABCI-design.md)
- [ADR-010: Crypto-Changes](./adr-010-crypto-changes.md)
- [ADR-011: Monitoring](./adr-011-monitoring.md)
- [ADR-014: Secp-Malleability](./adr-014-secp-malleability.md)
- [ADR-015: Crypto-Encoding](./adr-015-crypto-encoding.md)
- [ADR-016: Protocol-Versions](./adr-016-protocol-versions.md)
- [ADR-017: Chain-Versions](./adr-017-chain-versions.md)
- [ADR-018: ABCI-Validators](./adr-018-ABCI-Validators.md)
- [ADR-019: Multisigs](./adr-019-multisigs.md)
- [ADR-020: Block-Size](./adr-020-block-size.md)
- [ADR-021: ABCI-Events](./adr-021-abci-events.md)
- [ADR-025: Commit](./adr-025-commit.md)
- [ADR-026: General-Merkle-Proof](./adr-026-general-merkle-proof.md)
- [ADR-033: Pubsub](./adr-033-pubsub.md)
- [ADR-034: Priv-Validator-File-Structure](./adr-034-priv-validator-file-structure.md)
- [ADR-043: Blockchain-RiRi-Org](./adr-043-blockchain-riri-org.md)
- [ADR-044: Lite-Client-With-Weak-Subjectivity](./adr-044-lite-client-with-weak-subjectivity.md)
- [ADR-046: Light-Client-Implementation](./adr-046-light-client-implementation.md)
- [ADR-047: Handling-Evidence-From-Light-Client](./adr-047-handling-evidence-from-light-client.md)
- [ADR-051: Double-Signing-Risk-Reduction](./adr-051-double-signing-risk-reduction.md)
- [ADR-052: Tendermint-Mode](./adr-052-tendermint-mode.md)
- [ADR-053: State-Sync-Prototype](./adr-053-state-sync-prototype.md)
- [ADR-054: Crypto-Encoding-2](./adr-054-crypto-encoding-2.md)
- [ADR-055: Protobuf-Design](./adr-055-protobuf-design.md)
- [ADR-056: Light-Client-Amnesia-Attacks](./adr-056-light-client-amnesia-attacks.md)
- [ADR-059: Evidence-Composition-and-Lifecycle](./adr-059-evidence-composition-and-lifecycle.md)
- [ADR-062: P2P-Architecture](./adr-062-p2p-architecture.md)
- [ADR-063: Privval-gRPC](./adr-063-privval-grpc.md)
- [ADR-066-E2E-Testing](./adr-066-e2e-testing.md)
-### Accepted
-
- [ADR-006: Trust-Metric](./adr-006-trust-metric.md)
- [ADR-024: Sign-Bytes](./adr-024-sign-bytes.md)
- [ADR-035: Documentation](./adr-035-documentation.md)
- [ADR-039: Peer-Behaviour](./adr-039-peer-behaviour.md)
- [ADR-060: Go-API-Stability](./adr-060-go-api-stability.md)
- [ADR-061: P2P-Refactor-Scope](./adr-061-p2p-refactor-scope.md)
- [ADR-065: Custom Event Indexing](./adr-065-custom-event-indexing.md)
- [ADR-068: Reverse-Sync](./adr-068-reverse-sync.md)
- [ADR-067: Mempool Refactor](./adr-067-mempool-refactor.md)
-
-### Rejected
-
- [ADR-023: ABCI-Propose-tx](./adr-023-ABCI-propose-tx.md)
- [ADR-029: Check-Tx-Consensus](./adr-029-check-tx-consensus.md)
- [ADR-058: Event-Hashing](./adr-058-event-hashing.md)
-
-
-### Proposed
-
- [ADR-007: Trust-Metric-Usage](./adr-007-trust-metric-usage.md)
- [ADR-012: Peer-Transport](./adr-012-peer-transport.md)
- [ADR-013: Symmetric-Crypto](./adr-013-symmetric-crypto.md)
- [ADR-022: ABCI-Errors](./adr-022-abci-errors.md)
- [ADR-030: Consensus-Refactor](./adr-030-consensus-refactor.md)
- [ADR-037: Deliver-Block](./adr-037-deliver-block.md)
- [ADR-038: Non-Zero-Start-Height](./adr-038-non-zero-start-height.md)
- [ADR-041: Proposer-Selection-via-ABCI](./adr-041-proposer-selection-via-abci.md)
- [ADR-045: ABCI-Evidence](./adr-045-abci-evidence.md)
- [ADR-057: RPC](./adr-057-RPC.md)
- [ADR-069: Node Initialization](./adr-069-flexible-node-initialization.md)
--- a/docs/architecture/adr-001-logging.md
+++ b/docs/architecture/adr-001-logging.md
@@ -1,216 +0,0 @@
-# ADR 1: Logging
-
-## Context
-
-Current logging system in Tendermint is very static and not flexible enough.
-
-Issues: [358](https://github.com/tendermint/tendermint/issues/358), [375](https://github.com/tendermint/tendermint/issues/375).
-
-What we want from the new system:
-
- per package dynamic log levels
- dynamic logger setting (logger tied to the processing struct)
- conventions
- be more visually appealing
-
-"dynamic" here means the ability to set smth in runtime.
-
-## Decision
-
-### 1) An interface
-
-First, we will need an interface for all of our libraries (`tmlibs`, Tendermint, etc.). My personal preference is go-kit `Logger` interface (see Appendix A.), but that is too much a bigger change. Plus we will still need levels.
-
-```go
-# log.go
-type Logger interface {
-    Debug(msg string, keyvals ...interface{}) error
-    Info(msg string, keyvals ...interface{}) error
-    Error(msg string, keyvals ...interface{}) error
-
-	  With(keyvals ...interface{}) Logger
-}
-```
-
-On a side note: difference between `Info` and `Notice` is subtle. We probably
-could do without `Notice`. Don't think we need `Panic` or `Fatal` as a part of
-the interface. These funcs could be implemented as helpers. In fact, we already
-have some in `tmlibs/common`.
-
- `Debug` - extended output for devs
- `Info` - all that is useful for a user
- `Error` - errors
-
-`Notice` should become `Info`, `Warn` either `Error` or `Debug` depending on the message, `Crit` -> `Error`.
-
-This interface should go into `tmlibs/log`. All libraries which are part of the core (tendermint/tendermint) should obey it.
-
-### 2) Logger with our current formatting
-
-On top of this interface, we will need to implement a stdout logger, which will be used when Tendermint is configured to output logs to STDOUT.
-
-Many people say that they like the current output, so let's stick with it.
-
-```
-NOTE[2017-04-25|14:45:08] ABCI Replay Blocks                       module=consensus appHeight=0 storeHeight=0 stateHeight=0
-```
-
-Couple of minor changes:
-
-```
-I[2017-04-25|14:45:08.322] ABCI Replay Blocks            module=consensus appHeight=0 storeHeight=0 stateHeight=0
-```
-
-Notice the level is encoded using only one char plus milliseconds.
-
-Note: there are many other formats out there like [logfmt](https://brandur.org/logfmt).
-
-This logger could be implemented using any logger - [logrus](https://github.com/sirupsen/logrus), [go-kit/log](https://github.com/go-kit/kit/tree/master/log), [zap](https://github.com/uber-go/zap), log15 so far as it
-
-a) supports coloring output<br>
-b) is moderately fast (buffering) <br>
-c) conforms to the new interface or adapter could be written for it <br>
-d) is somewhat configurable<br>
-
-go-kit is my favorite so far. Check out how easy it is to color errors in red https://github.com/go-kit/kit/blob/master/log/term/example_test.go#L12. Although, coloring could only be applied to the whole string :(
-
-```
-go-kit +: flexible, modular
-go-kit “-”: logfmt format https://brandur.org/logfmt
-
-logrus +: popular, feature rich (hooks), API and output is more like what we want
-logrus -: not so flexible
-```
-
-```go
-# tm_logger.go
-// NewTmLogger returns a logger that encodes keyvals to the Writer in
-// tm format.
-func NewTmLogger(w io.Writer) Logger {
-  return &tmLogger{kitlog.NewLogfmtLogger(w)}
-}
-
-func (l tmLogger) SetLevel(level string() {
-  switch (level) {
-    case "debug":
-      l.sourceLogger = level.NewFilter(l.sourceLogger, level.AllowDebug())
-  }
-}
-
-func (l tmLogger) Info(msg string, keyvals ...interface{}) error {
-  l.sourceLogger.Log("msg", msg, keyvals...)
-}
-
-# log.go
-func With(logger Logger, keyvals ...interface{}) Logger {
-  kitlog.With(logger.sourceLogger, keyvals...)
-}
-```
-
-Usage:
-
-```go
-logger := log.NewTmLogger(os.Stdout)
-logger.SetLevel(config.GetString("log_level"))
-node.SetLogger(log.With(logger, "node", Name))
-```
-
-**Other log formatters**
-
-In the future, we may want other formatters like JSONFormatter.
-
-```
-{ "level": "notice", "time": "2017-04-25 14:45:08.562471297 -0400 EDT", "module": "consensus", "msg": "ABCI Replay Blocks", "appHeight": 0, "storeHeight": 0, "stateHeight": 0 }
-```
-
-### 3) Dynamic logger setting
-
-https://dave.cheney.net/2017/01/23/the-package-level-logger-anti-pattern
-
-This is the hardest part and where the most work will be done. logger should be tied to the processing struct, or the context if it adds some fields to the logger.
-
-```go
-type BaseService struct {
-    log     log15.Logger
-    name    string
-    started uint32 // atomic
-    stopped uint32 // atomic
-...
-}
-```
-
-BaseService already contains `log` field, so most of the structs embedding it should be fine. We should rename it to `logger`.
-
-The only thing missing is the ability to set logger:
-
-```
-func (bs *BaseService) SetLogger(l log.Logger) {
-  bs.logger = l
-}
-```
-
-### 4) Conventions
-
-Important keyvals should go first. Example:
-
-```
-correct
-I[2017-04-25|14:45:08.322] ABCI Replay Blocks                       module=consensus instance=1 appHeight=0 storeHeight=0 stateHeight=0
-```
-
-not
-
-```
-wrong
-I[2017-04-25|14:45:08.322] ABCI Replay Blocks                       module=consensus appHeight=0 storeHeight=0 stateHeight=0 instance=1
-```
-
-for that in most cases you'll need to add `instance` field to a logger upon creating, not when u log a particular message:
-
-```go
-colorFn := func(keyvals ...interface{}) term.FgBgColor {
-		for i := 1; i < len(keyvals); i += 2 {
-			if keyvals[i] == "instance" && keyvals[i+1] == "1" {
-				return term.FgBgColor{Fg: term.Blue}
-			} else if keyvals[i] == "instance" && keyvals[i+1] == "1" {
-				return term.FgBgColor{Fg: term.Red}
-			}
-		}
-		return term.FgBgColor{}
-	}
-logger := term.NewLogger(os.Stdout, log.NewTmLogger, colorFn)
-
-c1 := NewConsensusReactor(...)
-c1.SetLogger(log.With(logger, "instance", 1))
-
-c2 := NewConsensusReactor(...)
-c2.SetLogger(log.With(logger, "instance", 2))
-```
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
-Dynamic logger, which could be turned off for some modules at runtime. Public interface for other projects using Tendermint libraries.
-
-### Negative
-
-We may loose the ability to color keys in keyvalue pairs. go-kit allow you to easily change foreground / background colors of the whole string, but not its parts.
-
-### Neutral
-
-## Appendix A.
-
-I really like a minimalistic approach go-kit took with his logger https://github.com/go-kit/kit/tree/master/log:
-
-```
-type Logger interface {
-    Log(keyvals ...interface{}) error
-}
-```
-
-See [The Hunt for a Logger Interface](https://go-talks.appspot.com/github.com/ChrisHines/talks/structured-logging/structured-logging.slide). The advantage is greater composability (check out how go-kit defines colored logging or log-leveled logging on top of this interface https://github.com/go-kit/kit/tree/master/log).
--- a/docs/architecture/adr-002-event-subscription.md
+++ b/docs/architecture/adr-002-event-subscription.md
@@ -1,88 +0,0 @@
-# ADR 2: Event Subscription
-
-## Context
-
-In the light client (or any other client), the user may want to **subscribe to
-a subset of transactions** (rather than all of them) using `/subscribe?event=X`. For
-example, I want to subscribe for all transactions associated with a particular
-account. Same for fetching. The user may want to **fetch transactions based on
-some filter** (rather than fetching all the blocks). For example, I want to get
-all transactions for a particular account in the last two weeks (`tx's block time >= '2017-06-05'`).
-
-Now you can't even subscribe to "all txs" in Tendermint.
-
-The goal is a simple and easy to use API for doing that.
-
-![Tx Send Flow Diagram](img/tags1.png)
-
-## Decision
-
-ABCI app return tags with a `DeliverTx` response inside the `data` field (_for
-now, later we may create a separate field_). Tags is a list of key-value pairs,
-protobuf encoded.
-
-Example data:
-
-```json
-{
-  "abci.account.name": "Igor",
-  "abci.account.address": "0xdeadbeef",
-  "tx.gas": 7
-}
-```
-
-### Subscribing for transactions events
-
-If the user wants to receive only a subset of transactions, ABCI-app must
-return a list of tags with a `DeliverTx` response. These tags will be parsed and
-matched with the current queries (subscribers). If the query matches the tags,
-subscriber will get the transaction event.
-
-```
-/subscribe?query="tm.event = Tx AND tx.hash = AB0023433CF0334223212243BDD AND abci.account.invoice.number = 22"
-```
-
-A new package must be developed to replace the current `events` package. It
-will allow clients to subscribe to a different types of events in the future:
-
-```
-/subscribe?query="abci.account.invoice.number = 22"
-/subscribe?query="abci.account.invoice.owner CONTAINS Igor"
-```
-
-### Fetching transactions
-
-This is a bit tricky because a) we want to support a number of indexers, all of
-which have a different API b) we don't know whenever tags will be sufficient
-for the most apps (I guess we'll see).
-
-```
-/txs/search?query="tx.hash = AB0023433CF0334223212243BDD AND abci.account.owner CONTAINS Igor"
-/txs/search?query="abci.account.owner = Igor"
-```
-
-For historic queries we will need a indexing storage (Postgres, SQLite, ...).
-
-### Issues
-
- https://github.com/tendermint/tendermint/issues/376
- https://github.com/tendermint/tendermint/issues/287
- https://github.com/tendermint/tendermint/issues/525 (related)
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- same format for event notifications and search APIs
- powerful enough query
-
-### Negative
-
- performance of the `match` function (where we have too many queries / subscribers)
- there is an issue where there are too many txs in the DB
-
-### Neutral
--- a/docs/architecture/adr-003-abci-app-rpc.md
+++ b/docs/architecture/adr-003-abci-app-rpc.md
@@ -1,34 +0,0 @@
-# ADR 3: Must an ABCI-app have an RPC server?
-
-## Context
-
-ABCI-server could expose its own RPC-server and act as a proxy to Tendermint.
-
-The idea was for the Tendermint RPC to just be a transparent proxy to the app.
-Clients need to talk to Tendermint for proofs, unless we burden all app devs
-with exposing Tendermint proof stuff. Also seems less complex to lock down one
-server than two, but granted it makes querying a bit more kludgy since it needs
-to be passed as a `Query`. Also, **having a very standard rpc interface means
-the light-client can work with all apps and handle proofs**. The only
-app-specific logic is decoding the binary data to a more readable form (eg.
-json). This is a huge advantage for code-reuse and standardization.
-
-## Decision
-
-We dont expose an RPC server on any of our ABCI-apps.
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- Unified interface for all apps
-
-### Negative
-
- `Query` interface
-
-### Neutral
--- a/docs/architecture/adr-004-historical-validators.md
+++ b/docs/architecture/adr-004-historical-validators.md
@@ -1,38 +0,0 @@
-# ADR 004: Historical Validators
-
-## Context
-
-Right now, we can query the present validator set, but there is no history.
-If you were offline for a long time, there is no way to reconstruct past validators. This is needed for the light client and we agreed needs enhancement of the API.
-
-## Decision
-
-For every block, store a new structure that contains either the latest validator set,
-or the height of the last block for which the validator set changed. Note this is not
-the height of the block which returned the validator set change itself, but the next block,
-ie. the first block it comes into effect for.
-
-Storing the validators will be handled by the `state` package.
-
-At some point in the future, we may consider more efficient storage in the case where the validators
-are updated frequently - for instance by only saving the diffs, rather than the whole set.
-
-An alternative approach suggested keeping the validator set, or diffs of it, in a merkle IAVL tree.
-While it might afford cheaper proofs that a validator set has not changed, it would be more complex,
-and likely less efficient.
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- Can query old validator sets, with proof.
-
-### Negative
-
- Writes an extra structure to disk with every block.
-
-### Neutral
--- a/docs/architecture/adr-005-consensus-params.md
+++ b/docs/architecture/adr-005-consensus-params.md
@@ -1,85 +0,0 @@
-# ADR 005: Consensus Params
-
-## Context
-
-Consensus critical parameters controlling blockchain capacity have until now been hard coded, loaded from a local config, or neglected.
-Since they may be need to be different in different networks, and potentially to evolve over time within
-networks, we seek to initialize them in a genesis file, and expose them through the ABCI.
-
-While we have some specific parameters now, like maximum block and transaction size, we expect to have more in the future,
-such as a period over which evidence is valid, or the frequency of checkpoints.
-
-## Decision
-
-### ConsensusParams
-
-No consensus critical parameters should ever be found in the `config.toml`.
-
-A new `ConsensusParams` is optionally included in the `genesis.json` file,
-and loaded into the `State`. Any items not included are set to their default value.
-A value of 0 is undefined (see ABCI, below). A value of -1 is used to indicate the parameter does not apply.
-The parameters are used to determine the validity of a block (and tx) via the union of all relevant parameters.
-
-```
-type ConsensusParams struct {
-    BlockSize
-    TxSize
-    BlockGossip
-}
-
-type BlockSize struct {
-    MaxBytes int
-    MaxTxs int
-    MaxGas int
-}
-
-type TxSize struct {
-    MaxBytes int
-    MaxGas int
-}
-
-type BlockGossip struct {
-    BlockPartSizeBytes int
-}
-```
-
-The `ConsensusParams` can evolve over time by adding new structs that cover different aspects of the consensus rules.
-
-The `BlockPartSizeBytes` and the `BlockSize.MaxBytes` are enforced to be greater than 0.
-The former because we need a part size, the latter so that we always have at least some sanity check over the size of blocks.
-
-### ABCI
-
-#### InitChain
-
-InitChain currently takes the initial validator set. It should be extended to also take parts of the ConsensusParams.
-There is some case to be made for it to take the entire Genesis, except there may be things in the genesis,
-like the BlockPartSize, that the app shouldn't really know about.
-
-#### EndBlock
-
-The EndBlock response includes a `ConsensusParams`, which includes BlockSize and TxSize, but not BlockGossip.
-Other param struct can be added to `ConsensusParams` in the future.
-The `0` value is used to denote no change.
-Any other value will update that parameter in the `State.ConsensusParams`, to be applied for the next block.
-Tendermint should have hard-coded upper limits as sanity checks.
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- Alternative capacity limits and consensus parameters can be specified without re-compiling the software.
- They can also change over time under the control of the application
-
-### Negative
-
- More exposed parameters is more complexity
- Different rules at different heights in the blockchain complicates fast sync
-
-### Neutral
-
- The TxSize, which checks validity, may be in conflict with the config's `max_block_size_tx`, which determines proposal sizes
--- a/docs/architecture/adr-006-trust-metric.md
+++ b/docs/architecture/adr-006-trust-metric.md
@@ -1,229 +0,0 @@
-# ADR 006: Trust Metric Design
-
-## Context
-
-The proposed trust metric will allow Tendermint to maintain local trust rankings for peers it has directly interacted with, which can then be used to implement soft security controls. The calculations were obtained from the [TrustGuard](https://dl.acm.org/citation.cfm?id=1060808) project.
-
-### Background
-
-The Tendermint Core project developers would like to improve Tendermint security and reliability by keeping track of the level of trustworthiness peers have demonstrated within the peer-to-peer network. This way, undesirable outcomes from peers will not immediately result in them being dropped from the network (potentially causing drastic changes to take place). Instead, peers behavior can be monitored with appropriate metrics and be removed from the network once Tendermint Core is certain the peer is a threat. For example, when the PEXReactor makes a request for peers network addresses from a already known peer, and the returned network addresses are unreachable, this untrustworthy behavior should be tracked. Returning a few bad network addresses probably shouldn’t cause a peer to be dropped, while excessive amounts of this behavior does qualify the peer being dropped.
-
-Trust metrics can be circumvented by malicious nodes through the use of strategic oscillation techniques, which adapts the malicious node’s behavior pattern in order to maximize its goals. For instance, if the malicious node learns that the time interval of the Tendermint trust metric is _X_ hours, then it could wait _X_ hours in-between malicious activities. We could try to combat this issue by increasing the interval length, yet this will make the system less adaptive to recent events.
-
-Instead, having shorter intervals, but keeping a history of interval values, will give our metric the flexibility needed in order to keep the network stable, while also making it resilient against a strategic malicious node in the Tendermint peer-to-peer network. Also, the metric can access trust data over a rather long period of time while not greatly increasing its history size by aggregating older history values over a larger number of intervals, and at the same time, maintain great precision for the recent intervals. This approach is referred to as fading memories, and closely resembles the way human beings remember their experiences. The trade-off to using history data is that the interval values should be preserved in-between executions of the node.
-
-### References
-
-S. Mudhakar, L. Xiong, and L. Liu, “TrustGuard: Countering Vulnerabilities in Reputation Management for Decentralized Overlay Networks,” in _Proceedings of the 14th international conference on World Wide Web, pp. 422-431_, May 2005.
-
-## Decision
-
-The proposed trust metric will allow a developer to inform the trust metric store of all good and bad events relevant to a peer's behavior, and at any time, the metric can be queried for a peer's current trust ranking.
-
-The three subsections below will cover the process being considered for calculating the trust ranking, the concept of the trust metric store, and the interface for the trust metric.
-
-### Proposed Process
-
-The proposed trust metric will count good and bad events relevant to the object, and calculate the percent of counters that are good over an interval with a predefined duration. This is the procedure that will continue for the life of the trust metric. When the trust metric is queried for the current **trust value**, a resilient equation will be utilized to perform the calculation.
-
-The equation being proposed resembles a Proportional-Integral-Derivative (PID) controller used in control systems. The proportional component allows us to be sensitive to the value of the most recent interval, while the integral component allows us to incorporate trust values stored in the history data, and the derivative component allows us to give weight to sudden changes in the behavior of a peer. We compute the trust value of a peer in interval i based on its current trust ranking, its trust rating history prior to interval _i_ (over the past _maxH_ number of intervals) and its trust ranking fluctuation. We will break up the equation into the three components.
-
-```math
-(1) Proportional Value = a * R[i]
-```
-
-where _R_[*i*] denotes the raw trust value at time interval _i_ (where _i_ == 0 being current time) and _a_ is the weight applied to the contribution of the current reports. The next component of our equation uses a weighted sum over the last _maxH_ intervals to calculate the history value for time _i_:
-
-`H[i] =` ![formula1](img/formula1.png "Weighted Sum Formula")
-
-The weights can be chosen either optimistically or pessimistically. An optimistic weight creates larger weights for newer history data values, while the the pessimistic weight creates larger weights for time intervals with lower scores. The default weights used during the calculation of the history value are optimistic and calculated as _Wk_ = 0.8^_k_, for time interval _k_. With the history value available, we can now finish calculating the integral value:
-
-```math
-(2) Integral Value = b * H[i]
-```
-
-Where _H_[*i*] denotes the history value at time interval _i_ and _b_ is the weight applied to the contribution of past performance for the object being measured. The derivative component will be calculated as follows:
-
-```math
-D[i] = R[i] – H[i]
-
-(3) Derivative Value = c(D[i]) * D[i]
-```
-
-Where the value of _c_ is selected based on the _D_[*i*] value relative to zero. The default selection process makes _c_ equal to 0 unless _D_[*i*] is a negative value, in which case c is equal to 1. The result is that the maximum penalty is applied when current behavior is lower than previously experienced behavior. If the current behavior is better than the previously experienced behavior, then the Derivative Value has no impact on the trust value. With the three components brought together, our trust value equation is calculated as follows:
-
-```math
-TrustValue[i] = a * R[i] + b * H[i] + c(D[i]) * D[i]
-```
-
-As a performance optimization that will keep the amount of raw interval data being saved to a reasonable size of _m_, while allowing us to represent 2^_m_ - 1 history intervals, we can employ the fading memories technique that will trade space and time complexity for the precision of the history data values by summarizing larger quantities of less recent values. While our equation above attempts to access up to _maxH_ (which can be 2^_m_ - 1), we will map those requests down to _m_ values using equation 4 below:
-
-```math
-(4) j = index, where index > 0
-```
-
-Where _j_ is one of _(0, 1, 2, … , m – 1)_ indices used to access history interval data. Now we can access the raw intervals using the following calculations:
-
-```math
-R[0] = raw data for current time interval
-```
-
-`R[j] =` ![formula2](img/formula2.png "Fading Memories Formula")
-
-### Trust Metric Store
-
-Similar to the P2P subsystem AddrBook, the trust metric store will maintain information relevant to Tendermint peers. Additionally, the trust metric store will ensure that trust metrics will only be active for peers that a node is currently and directly engaged with.
-
-Reactors will provide a peer key to the trust metric store in order to retrieve the associated trust metric. The trust metric can then record new positive and negative events experienced by the reactor, as well as provided the current trust score calculated by the metric.
-
-When the node is shutting down, the trust metric store will save history data for trust metrics associated with all known peers. This saved information allows experiences with a peer to be preserved across node executions, which can span a tracking windows of days or weeks. The trust history data is loaded automatically during OnStart.
-
-### Interface Detailed Design
-
-Each trust metric allows for the recording of positive/negative events, querying the current trust value/score, and the stopping/pausing of tracking over time intervals. This can be seen below:
-
-```go
-// TrustMetric - keeps track of peer reliability
-type TrustMetric struct {
-    // Private elements.
-}
-
-// Pause tells the metric to pause recording data over time intervals.
-// All method calls that indicate events will unpause the metric
-func (tm *TrustMetric) Pause() {}
-
-// Stop tells the metric to stop recording data over time intervals
-func (tm *TrustMetric) Stop() {}
-
-// BadEvents indicates that an undesirable event(s) took place
-func (tm *TrustMetric) BadEvents(num int) {}
-
-// GoodEvents indicates that a desirable event(s) took place
-func (tm *TrustMetric) GoodEvents(num int) {}
-
-// TrustValue gets the dependable trust value; always between 0 and 1
-func (tm *TrustMetric) TrustValue() float64 {}
-
-// TrustScore gets a score based on the trust value always between 0 and 100
-func (tm *TrustMetric) TrustScore() int {}
-
-// NewMetric returns a trust metric with the default configuration
-func NewMetric() *TrustMetric {}
-
-//------------------------------------------------------------------------------------------------
-// For example
-
-tm := NewMetric()
-
-tm.BadEvents(1)
-score := tm.TrustScore()
-
-tm.Stop()
-```
-
-Some of the trust metric parameters can be configured. The weight values should probably be left alone in more cases, yet the time durations for the tracking window and individual time interval should be considered.
-
-```go
-// TrustMetricConfig - Configures the weight functions and time intervals for the metric
-type TrustMetricConfig struct {
-    // Determines the percentage given to current behavior
-    ProportionalWeight float64
-
-    // Determines the percentage given to prior behavior
-    IntegralWeight float64
-
-    // The window of time that the trust metric will track events across.
-    // This can be set to cover many days without issue
-    TrackingWindow time.Duration
-
-    // Each interval should be short for adapability.
-    // Less than 30 seconds is too sensitive,
-    // and greater than 5 minutes will make the metric numb
-    IntervalLength time.Duration
-}
-
-// DefaultConfig returns a config with values that have been tested and produce desirable results
-func DefaultConfig() TrustMetricConfig {}
-
-// NewMetricWithConfig returns a trust metric with a custom configuration
-func NewMetricWithConfig(tmc TrustMetricConfig) *TrustMetric {}
-
-//------------------------------------------------------------------------------------------------
-// For example
-
-config := TrustMetricConfig{
-    TrackingWindow: time.Minute * 60 * 24, // one day
-    IntervalLength:    time.Minute * 2,
-}
-
-tm := NewMetricWithConfig(config)
-
-tm.BadEvents(10)
-tm.Pause()
-tm.GoodEvents(1) // becomes active again
-```
-
-A trust metric store should be created with a DB that has persistent storage so it can save history data across node executions. All trust metrics instantiated by the store will be created with the provided TrustMetricConfig configuration.
-
-When you attempt to fetch the trust metric for a peer, and an entry does not exist in the trust metric store, a new metric is automatically created and the entry made within the store.
-
-In additional to the fetching method, GetPeerTrustMetric, the trust metric store provides a method to call when a peer has disconnected from the node. This is so the metric can be paused (history data will not be saved) for periods of time when the node is not having direct experiences with the peer.
-
-```go
-// TrustMetricStore - Manages all trust metrics for peers
-type TrustMetricStore struct {
-    cmn.BaseService
-
-    // Private elements
-}
-
-// OnStart implements Service
-func (tms *TrustMetricStore) OnStart() error {}
-
-// OnStop implements Service
-func (tms *TrustMetricStore) OnStop() {}
-
-// NewTrustMetricStore returns a store that saves data to the DB
-// and uses the config when creating new trust metrics
-func NewTrustMetricStore(db dbm.DB, tmc TrustMetricConfig) *TrustMetricStore {}
-
-// Size returns the number of entries in the trust metric store
-func (tms *TrustMetricStore) Size() int {}
-
-// GetPeerTrustMetric returns a trust metric by peer key
-func (tms *TrustMetricStore) GetPeerTrustMetric(key string) *TrustMetric {}
-
-// PeerDisconnected pauses the trust metric associated with the peer identified by the key
-func (tms *TrustMetricStore) PeerDisconnected(key string) {}
-
-//------------------------------------------------------------------------------------------------
-// For example
-
-db := dbm.NewDB("trusthistory", "goleveldb", dirPathStr)
-tms := NewTrustMetricStore(db, DefaultConfig())
-
-tm := tms.GetPeerTrustMetric(key)
-tm.BadEvents(1)
-
-tms.PeerDisconnected(key)
-```
-
-## Status
-
-Approved.
-
-## Consequences
-
-### Positive
-
- The trust metric will allow Tendermint to make non-binary security and reliability decisions
- Will help Tendermint implement deterrents that provide soft security controls, yet avoids disruption on the network
- Will provide useful profiling information when analyzing performance over time related to peer interaction
-
-### Negative
-
- Requires saving the trust metric history data across node executions
-
-### Neutral
-
- Keep in mind that, good events need to be recorded just as bad events do using this implementation
--- a/docs/architecture/adr-007-trust-metric-usage.md
+++ b/docs/architecture/adr-007-trust-metric-usage.md
@@ -1,106 +0,0 @@
-# ADR 007: Trust Metric Usage Guide
-
-## Context
-
-Tendermint is required to monitor peer quality in order to inform its peer dialing and peer exchange strategies.
-
-When a node first connects to the network, it is important that it can quickly find good peers.
-Thus, while a node has fewer connections, it should prioritize connecting to higher quality peers.
-As the node becomes well connected to the rest of the network, it can dial lesser known or lesser
-quality peers and help assess their quality. Similarly, when queried for peers, a node should make
-sure they dont return low quality peers.
-
-Peer quality can be tracked using a trust metric that flags certain behaviours as good or bad. When enough
-bad behaviour accumulates, we can mark the peer as bad and disconnect.
-For example, when the PEXReactor makes a request for peers network addresses from an already known peer, and the returned network addresses are unreachable, this undesirable behavior should be tracked. Returning a few bad network addresses probably shouldn’t cause a peer to be dropped, while excessive amounts of this behavior does qualify the peer for removal. The originally proposed approach and design document for the trust metric can be found in the [ADR 006](adr-006-trust-metric.md) document.
-
-The trust metric implementation allows a developer to obtain a peer's trust metric from a trust metric store, and track good and bad events relevant to a peer's behavior, and at any time, the peer's metric can be queried for a current trust value. The current trust value is calculated with a formula that utilizes current behavior, previous behavior, and change between the two. Current behavior is calculated as the percentage of good behavior within a time interval. The time interval is short; probably set between 30 seconds and 5 minutes. On the other hand, the historic data can estimate a peer's behavior over days worth of tracking. At the end of a time interval, the current behavior becomes part of the historic data, and a new time interval begins with the good and bad counters reset to zero.
-
-These are some important things to keep in mind regarding how the trust metrics handle time intervals and scoring:
-
- Each new time interval begins with a perfect score
- Bad events quickly bring the score down and good events cause the score to slowly rise
- When the time interval is over, the percentage of good events becomes historic data.
-
-Some useful information about the inner workings of the trust metric:
-
- When a trust metric is first instantiated, a timer (ticker) periodically fires in order to handle transitions between trust metric time intervals
- If a peer is disconnected from a node, the timer should be paused, since the node is no longer connected to that peer
- The ability to pause the metric is supported with the store **PeerDisconnected** method and the metric **Pause** method
- After a pause, if a good or bad event method is called on a metric, it automatically becomes unpaused and begins a new time interval.
-
-## Decision
-
-The trust metric capability is now available, yet, it still leaves the question of how should it be applied throughout Tendermint in order to properly track the quality of peers?
-
-### Proposed Process
-
-Peers are managed using an address book and a trust metric:
-
- The address book keeps a record of peers and provides selection methods
- The trust metric tracks the quality of the peers
-
-#### Presence in Address Book
-
-Outbound peers are added to the address book before they are dialed,
-and inbound peers are added once the peer connection is set up.
-Peers are also added to the address book when they are received in response to
-a pexRequestMessage.
-
-While a node has less than `needAddressThreshold`, it will periodically request more,
-via pexRequestMessage, from randomly selected peers and from newly dialed outbound peers.
-
-When a new address is added to an address book that has more than `0.5*needAddressThreshold` addresses,
-then with some low probability, a randomly chosen low quality peer is removed.
-
-#### Outbound Peers
-
-Peers attempt to maintain a minimum number of outbound connections by
-repeatedly querying the address book for peers to connect to.
-While a node has few to no outbound connections, the address book is biased to return
-higher quality peers. As the node increases the number of outbound connections,
-the address book is biased to return less-vetted or lower-quality peers.
-
-#### Inbound Peers
-
-Peers also maintain a maximum number of total connections, MaxNumPeers.
-If a peer has MaxNumPeers, new incoming connections will be accepted with low probability.
-When such a new connection is accepted, the peer disconnects from a probabilistically chosen low ranking peer
-so it does not exceed MaxNumPeers.
-
-#### Peer Exchange
-
-When a peer receives a pexRequestMessage, it returns a random sample of high quality peers from the address book. Peers with no score or low score should not be inclided in a response to pexRequestMessage.
-
-#### Peer Quality
-
-Peer quality is tracked in the connection and across the reactors by storing the TrustMetric in the peer's
-thread safe Data store.
-
-Peer behaviour is then defined as one of the following:
-
- Fatal - something outright malicious that causes us to disconnect the peer and ban it from the address book for some amount of time
- Bad - Any kind of timeout, messages that don't unmarshal, fail other validity checks, or messages we didn't ask for or aren't expecting (usually worth one bad event)
- Neutral - Unknown channels/message types/version upgrades (no good or bad events recorded)
- Correct - Normal correct behavior (worth one good event)
- Good - some random majority of peers per reactor sending us useful messages (worth more than one good event).
-
-Note that Fatal behaviour causes us to remove the peer, and neutral behaviour does not affect the score.
-
-## Status
-
-Proposed.
-
-## Consequences
-
-### Positive
-
- Bringing the address book and trust metric store together will cause the network to be built in a way that encourages greater security and reliability.
-
-### Negative
-
- TBD
-
-### Neutral
-
- Keep in mind that, good events need to be recorded just as bad events do using this implementation.
--- a/docs/architecture/adr-008-priv-validator.md
+++ b/docs/architecture/adr-008-priv-validator.md
@@ -1,35 +0,0 @@
-# ADR 008: SocketPV
-
-Tendermint node's should support only two in-process PrivValidator
-implementations:
-
- FilePV uses an unencrypted private key in a "priv_validator.json" file - no
-  configuration required (just `tendermint init validator`).
- TCPVal and IPCVal use TCP and Unix sockets respectively to send signing requests
-  to another process - the user is responsible for starting that process themselves.
-
-Both TCPVal and IPCVal addresses can be provided via flags at the command line
-or in the configuration file; TCPVal addresses must be of the form
-`tcp://<ip_address>:<port>` and IPCVal addresses `unix:///path/to/file.sock` -
-doing so will cause Tendermint to ignore any private validator files.
-
-TCPVal will listen on the given address for incoming connections from an external
-private validator process. It will halt any operation until at least one external
-process successfully connected.
-
-The external priv_validator process will dial the address to connect to
-Tendermint, and then Tendermint will send requests on the ensuing connection to
-sign votes and proposals. Thus the external process initiates the connection,
-but the Tendermint process makes all requests. In a later stage we're going to
-support multiple validators for fault tolerance. To prevent double signing they
-need to be synced, which is deferred to an external solution (see #1185).
-
-Conversely, IPCVal will make an outbound connection to an existing socket opened
-by the external validator process.
-
-In addition, Tendermint will provide implementations that can be run in that
-external process. These include:
-
- FilePV will encrypt the private key, and the user must enter password to
-  decrypt key when process is started.
- LedgerPV uses a Ledger Nano S to handle all signing.
--- a/docs/architecture/adr-009-ABCI-design.md
+++ b/docs/architecture/adr-009-ABCI-design.md
@@ -1,271 +0,0 @@
-# ADR 009: ABCI UX Improvements
-
-## Changelog
-
-23-06-2018: Some minor fixes from review
-07-06-2018: Some updates based on discussion with Jae
-07-06-2018: Initial draft to match what was released in ABCI v0.11
-
-## Context
-
-The ABCI was first introduced in late 2015. It's purpose is to be:
-
- a generic interface between state machines and their replication engines
- agnostic to the language the state machine is written in
- agnostic to the replication engine that drives it
-
-This means ABCI should provide an interface for both pluggable applications and
-pluggable consensus engines.
-
-To achieve this, it uses Protocol Buffers (proto3) for message types. The dominant
-implementation is in Go.
-
-After some recent discussions with the community on github, the following were
-identified as pain points:
-
- Amino encoded types
- Managing validator sets
- Imports in the protobuf file
-
-See the [references](#references) for more.
-
-### Imports
-
-The native proto library in Go generates inflexible and verbose code.
-Many in the Go community have adopted a fork called
-[gogoproto](https://github.com/gogo/protobuf) that provides a
-variety of features aimed to improve the developer experience.
-While `gogoproto` is nice, it creates an additional dependency, and compiling
-the protobuf types for other languages has been reported to fail when `gogoproto` is used.
-
-### Amino
-
-Amino is an encoding protocol designed to improve over insufficiencies of protobuf.
-It's goal is to be proto4.
-
-Many people are frustrated by incompatibility with protobuf,
-and with the requirement for Amino to be used at all within ABCI.
-
-We intend to make Amino successful enough that we can eventually use it for ABCI
-message types directly. By then it should be called proto4. In the meantime,
-we want it to be easy to use.
-
-### PubKey
-
-PubKeys are encoded using Amino (and before that, go-wire).
-Ideally, PubKeys are an interface type where we don't know all the
-implementation types, so its unfitting to use `oneof` or `enum`.
-
-### Addresses
-
-The address for ED25519 pubkey is the RIPEMD160 of the Amino
-encoded pubkey. This introduces an Amino dependency in the address generation,
-a functionality that is widely required and should be easy to compute as
-possible.
-
-### Validators
-
-To change the validator set, applications can return a list of validator updates
-with ResponseEndBlock. In these updates, the public key _must_ be included,
-because Tendermint requires the public key to verify validator signatures. This
-means ABCI developers have to work with PubKeys. That said, it would also be
-convenient to work with address information, and for it to be simple to do so.
-
-### AbsentValidators
-
-Tendermint also provides a list of validators in BeginBlock who did not sign the
-last block. This allows applications to reflect availability behaviour in the
-application, for instance by punishing validators for not having votes included
-in commits.
-
-### InitChain
-
-Tendermint passes in a list of validators here, and nothing else. It would
-benefit the application to be able to control the initial validator set. For
-instance the genesis file could include application-based information about the
-initial validator set that the application could process to determine the
-initial validator set. Additionally, InitChain would benefit from getting all
-the genesis information.
-
-### Header
-
-ABCI provides the Header in RequestBeginBlock so the application can have
-important information about the latest state of the blockchain.
-
-## Decision
-
-### Imports
-
-Move away from gogoproto. In the short term, we will just maintain a second
-protobuf file without the gogoproto annotations. In the medium term, we will
-make copies of all the structs in Golang and shuttle back and forth. In the long
-term, we will use Amino.
-
-### Amino
-
-To simplify ABCI application development in the short term,
-Amino will be completely removed from the ABCI:
-
- It will not be required for PubKey encoding
- It will not be required for computing PubKey addresses
-
-That said, we are working to make Amino a huge success, and to become proto4.
-To facilitate adoption and cross-language compatibility in the near-term, Amino
-v1 will:
-
- be fully compatible with the subset of proto3 that excludes `oneof`
- use the Amino prefix system to provide interface types, as opposed to `oneof`
-  style union types.
-
-That said, an Amino v2 will be worked on to improve the performance of the
-format and its useability in cryptographic applications.
-
-### PubKey
-
-Encoding schemes infect software. As a generic middleware, ABCI aims to have
-some cross scheme compatibility. For this it has no choice but to include opaque
-bytes from time to time. While we will not enforce Amino encoding for these
-bytes yet, we need to provide a type system. The simplest way to do this is to
-use a type string.
-
-PubKey will now look like:
-
-```
-message PubKey {
-    string type
-    bytes data
-}
-```
-
-where `type` can be:
-
- "ed225519", with `data = <raw 32-byte pubkey>`
- "secp256k1", with `data = <33-byte OpenSSL compressed pubkey>`
-
-As we want to retain flexibility here, and since ideally, PubKey would be an
-interface type, we do not use `enum` or `oneof`.
-
-### Addresses
-
-To simplify and improve computing addresses, we change it to the first 20-bytes of the SHA256
-of the raw 32-byte public key.
-
-We continue to use the Bitcoin address scheme for secp256k1 keys.
-
-### Validators
-
-Add a `bytes address` field:
-
-```
-message Validator {
-    bytes address
-    PubKey pub_key
-    int64 power
-}
-```
-
-### RequestBeginBlock and AbsentValidators
-
-To simplify this, RequestBeginBlock will include the complete validator set,
-including the address, and voting power of each validator, along
-with a boolean for whether or not they voted:
-
-```
-message RequestBeginBlock {
-  bytes hash
-  Header header
-  LastCommitInfo last_commit_info
-  repeated Evidence byzantine_validators
-}
-
-message LastCommitInfo {
-  int32 CommitRound
-  repeated SigningValidator validators
-}
-
-message SigningValidator {
-    Validator validator
-    bool signed_last_block
-}
-```
-
-Note that in Validators in RequestBeginBlock, we DO NOT include public keys. Public keys are
-larger than addresses and in the future, with quantum computers, will be much
-larger. The overhead of passing them, especially during fast-sync, is
-significant.
-
-Additional, addresses are changing to be simpler to compute, further removing
-the need to include pubkeys here.
-
-In short, ABCI developers must be aware of both addresses and public keys.
-
-### ResponseEndBlock
-
-Since ResponseEndBlock includes Validator, it must now include their address.
-
-### InitChain
-
-Change RequestInitChain to give the app all the information from the genesis file:
-
-```
-message RequestInitChain {
-    int64 time
-    string chain_id
-    ConsensusParams consensus_params
-    repeated Validator validators
-    bytes app_state_bytes
-}
-```
-
-Change ResponseInitChain to allow the app to specify the initial validator set
-and consensus parameters.
-
-```
-message ResponseInitChain {
-    ConsensusParams consensus_params
-    repeated Validator validators
-}
-```
-
-### Header
-
-Now that Tendermint Amino will be compatible with proto3, the Header in ABCI
-should exactly match the Tendermint header - they will then be encoded
-identically in ABCI and in Tendermint Core.
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- Easier for developers to build on the ABCI
- ABCI and Tendermint headers are identically serialized
-
-### Negative
-
- Maintenance overhead of alternative type encoding scheme
- Performance overhead of passing all validator info every block (at least its
-  only addresses, and not also pubkeys)
- Maintenance overhead of duplicate types
-
-### Neutral
-
- ABCI developers must know about validator addresses
-
-## References
-
- [ABCI v0.10.3 Specification (before this
-  proposal)](https://github.com/tendermint/abci/blob/v0.10.3/specification.rst)
- [ABCI v0.11.0 Specification (implementing first draft of this
-  proposal)](https://github.com/tendermint/abci/blob/v0.11.0/specification.md)
- [Ed25519 addresses](https://github.com/tendermint/go-crypto/issues/103)
- [InitChain contains the
-  Genesis](https://github.com/tendermint/abci/issues/216)
- [PubKeys](https://github.com/tendermint/tendermint/issues/1524)
- [Notes on
-  Header](https://github.com/tendermint/tendermint/issues/1605)
- [Gogoproto issues](https://github.com/tendermint/abci/issues/256)
- [Absent Validators](https://github.com/tendermint/abci/issues/231)
--- a/docs/architecture/adr-010-crypto-changes.md
+++ b/docs/architecture/adr-010-crypto-changes.md
@@ -1,77 +0,0 @@
-# ADR 010: Crypto Changes
-
-## Context
-
-Tendermint is a cryptographic protocol that uses and composes a variety of cryptographic primitives.
-
-After nearly 4 years of development, Tendermint has recently undergone multiple security reviews to search for vulnerabilities and to assess the the use and composition of cryptographic primitives.
-
-### Hash Functions
-
-Tendermint uses RIPEMD160 universally as a hash function, most notably in its Merkle tree implementation.
-
-RIPEMD160 was chosen because it provides the shortest fingerprint that is long enough to be considered secure (ie. birthday bound of 80-bits).
-It was also developed in the open academic community, unlike NSA-designed algorithms like SHA256.
-
-That said, the cryptographic community appears to unanimously agree on the security of SHA256. It has become a universal standard, especially now that SHA1 is broken, being required in TLS connections and having optimized support in hardware.
-
-### Merkle Trees
-
-Tendermint uses a simple Merkle tree to compute digests of large structures like transaction batches
-and even blockchain headers. The Merkle tree length prefixes byte arrays before concatenating and hashing them.
-It uses RIPEMD160.
-
-### Addresses
-
-ED25519 addresses are computed using the RIPEMD160 of the Amino encoding of the public key.
-RIPEMD160 is generally considered an outdated hash function, and is much slower
-than more modern functions like SHA256 or Blake2.
-
-### Authenticated Encryption
-
-Tendermint P2P connections use authenticated encryption to provide privacy and authentication in the communications.
-This is done using the simple Station-to-Station protocol with the NaCL Ed25519 library.
-
-While there have been no vulnerabilities found in the implementation, there are some concerns:
-
- NaCL uses Salsa20, a not-widely used and relatively out-dated stream cipher that has been obsoleted by ChaCha20
- Connections use RIPEMD160 to compute a value that is used for the encryption nonce with subtle requirements on how it's used
-
-## Decision
-
-### Hash Functions
-
-Use the first 20-bytes of the SHA256 hash instead of RIPEMD160 for everything
-
-### Merkle Trees
-
-TODO
-
-### Addresses
-
-Compute ED25519 addresses as the first 20-bytes of the SHA256 of the raw 32-byte public key
-
-### Authenticated Encryption
-
-Make the following changes:
-
- Use xChaCha20 instead of xSalsa20 - https://github.com/tendermint/tendermint/issues/1124
- Use an HKDF instead of RIPEMD160 to compute nonces - https://github.com/tendermint/tendermint/issues/1165
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
- More modern and standard cryptographic functions with wider adoption and hardware acceleration
-
-### Negative
-
- Exact authenticated encryption construction isn't already provided in a well-used library
-
-### Neutral
-
-## References
--- a/docs/architecture/adr-011-monitoring.md
+++ b/docs/architecture/adr-011-monitoring.md
@@ -1,116 +0,0 @@
-# ADR 011: Monitoring
-
-## Changelog
-
-08-06-2018: Initial draft
-11-06-2018: Reorg after @xla comments
-13-06-2018: Clarification about usage of labels
-
-## Context
-
-In order to bring more visibility into Tendermint, we would like it to report
-metrics and, maybe later, traces of transactions and RPC queries. See
-https://github.com/tendermint/tendermint/issues/986.
-
-A few solutions were considered:
-
-1. [Prometheus](https://prometheus.io)
-   a) Prometheus API
-   b) [go-kit metrics package](https://github.com/go-kit/kit/tree/master/metrics) as an interface plus Prometheus
-   c) [telegraf](https://github.com/influxdata/telegraf)
-   d) new service, which will listen to events emitted by pubsub and report metrics
-2. [OpenCensus](https://opencensus.io/introduction/)
-
-### 1. Prometheus
-
-Prometheus seems to be the most popular product out there for monitoring. It has
-a Go client library, powerful queries, alerts.
-
-**a) Prometheus API**
-
-We can commit to using Prometheus in Tendermint, but I think Tendermint users
-should be free to choose whatever monitoring tool they feel will better suit
-their needs (if they don't have existing one already). So we should try to
-abstract interface enough so people can switch between Prometheus and other
-similar tools.
-
-**b) go-kit metrics package as an interface**
-
-metrics package provides a set of uniform interfaces for service
-instrumentation and offers adapters to popular metrics packages:
-
-https://godoc.org/github.com/go-kit/kit/metrics#pkg-subdirectories
-
-Comparing to Prometheus API, we're losing customisability and control, but gaining
-freedom in choosing any instrument from the above list given we will extract
-metrics creation into a separate function (see "providers" in node/node.go).
-
-**c) telegraf**
-
-Unlike already discussed options, telegraf does not require modifying Tendermint
-source code. You create something called an input plugin, which polls
-Tendermint RPC every second and calculates the metrics itself.
-
-While it may sound good, but some metrics we want to report are not exposed via
-RPC or pubsub, therefore can't be accessed externally.
-
-**d) service, listening to pubsub**
-
-Same issue as the above.
-
-### 2. opencensus
-
-opencensus provides both metrics and tracing, which may be important in the
-future. It's API looks different from go-kit and Prometheus, but looks like it
-covers everything we need.
-
-Unfortunately, OpenCensus go client does not define any
-interfaces, so if we want to abstract away metrics we
-will need to write interfaces ourselves.
-
-### List of metrics
-
-|     | Name                                 | Type   | Description                                                                   |
-| --- | ------------------------------------ | ------ | ----------------------------------------------------------------------------- |
-| A   | consensus_height                     | Gauge  |                                                                               |
-| A   | consensus_validators                 | Gauge  | Number of validators who signed                                               |
-| A   | consensus_validators_power           | Gauge  | Total voting power of all validators                                          |
-| A   | consensus_missing_validators         | Gauge  | Number of validators who did not sign                                         |
-| A   | consensus_missing_validators_power   | Gauge  | Total voting power of the missing validators                                  |
-| A   | consensus_byzantine_validators       | Gauge  | Number of validators who tried to double sign                                 |
-| A   | consensus_byzantine_validators_power | Gauge  | Total voting power of the byzantine validators                                |
-| A   | consensus_block_interval             | Timing | Time between this and last block (Block.Header.Time)                          |
-|     | consensus_block_time                 | Timing | Time to create a block (from creating a proposal to commit)                   |
-|     | consensus_time_between_blocks        | Timing | Time between committing last block and (receiving proposal creating proposal) |
-| A   | consensus_rounds                     | Gauge  | Number of rounds                                                              |
-|     | consensus_prevotes                   | Gauge  |                                                                               |
-|     | consensus_precommits                 | Gauge  |                                                                               |
-|     | consensus_prevotes_total_power       | Gauge  |                                                                               |
-|     | consensus_precommits_total_power     | Gauge  |                                                                               |
-| A   | consensus_num_txs                    | Gauge  |                                                                               |
-| A   | mempool_size                         | Gauge  |                                                                               |
-| A   | consensus_total_txs                  | Gauge  |                                                                               |
-| A   | consensus_block_size                 | Gauge  | In bytes                                                                      |
-| A   | p2p_peers                            | Gauge  | Number of peers node's connected to                                           |
-
-`A` - will be implemented in the fist place.
-
-**Proposed solution**
-
-## Status
-
-Implemented
-
-## Consequences
-
-### Positive
-
-Better visibility, support of variety of monitoring backends
-
-### Negative
-
-One more library to audit, messing metrics reporting code with business domain.
-
-### Neutral
-
-
--- a/docs/architecture/adr-012-peer-transport.md
+++ b/docs/architecture/adr-012-peer-transport.md
@@ -1,113 +0,0 @@
-# ADR 012: PeerTransport
-
-## Context
-
-One of the more apparent problems with the current architecture in the p2p
-package is that there is no clear separation of concerns between different
-components. Most notably the `Switch` is currently doing physical connection
-handling. An artifact is the dependency of the Switch on
-`[config.P2PConfig`](https://github.com/tendermint/tendermint/blob/05a76fb517f50da27b4bfcdc7b4cf185fc61eff6/config/config.go#L272-L339).
-
-Addresses:
-
- [#2046](https://github.com/tendermint/tendermint/issues/2046)
- [#2047](https://github.com/tendermint/tendermint/issues/2047)
-
-First iteraton in [#2067](https://github.com/tendermint/tendermint/issues/2067)
-
-## Decision
-
-Transport concerns will be handled by a new component (`PeerTransport`) which
-will provide Peers at its boundary to the caller. In turn `Switch` will use
-this new component accept new `Peer`s and dial them based on `NetAddress`.
-
-### PeerTransport
-
-Responsible for emitting and connecting to Peers. The implementation of `Peer`
-is left to the transport, which implies that the chosen transport dictates the
-characteristics of the implementation handed back to the `Switch`. Each
-transport implementation is responsible to filter establishing peers specific
-to its domain, for the default multiplexed implementation the following will
-apply:
-
- connections from our own node
- handshake fails
- upgrade to secret connection fails
- prevent duplicate ip
- prevent duplicate id
- nodeinfo incompatibility
-
-```go
-// PeerTransport proxies incoming and outgoing peer connections.
-type PeerTransport interface {
-	// Accept returns a newly connected Peer.
-	Accept() (Peer, error)
-
-	// Dial connects to a Peer.
-	Dial(NetAddress) (Peer, error)
-}
-
-// EXAMPLE OF DEFAULT IMPLEMENTATION
-
-// multiplexTransport accepts tcp connections and upgrades to multiplexted
-// peers.
-type multiplexTransport struct {
-	listener net.Listener
-
-	acceptc chan accept
-	closec  <-chan struct{}
-	listenc <-chan struct{}
-
-	dialTimeout      time.Duration
-	handshakeTimeout time.Duration
-	nodeAddr         NetAddress
-	nodeInfo         NodeInfo
-	nodeKey          NodeKey
-
-	// TODO(xla): Remove when MConnection is refactored into mPeer.
-	mConfig conn.MConnConfig
-}
-
-var _ PeerTransport = (*multiplexTransport)(nil)
-
-// NewMTransport returns network connected multiplexed peers.
-func NewMTransport(
-	nodeAddr NetAddress,
-	nodeInfo NodeInfo,
-	nodeKey NodeKey,
-) *multiplexTransport
-```
-
-### Switch
-
-From now the Switch will depend on a fully setup `PeerTransport` to
-retrieve/reach out to its peers. As the more low-level concerns are pushed to
-the transport, we can omit passing the `config.P2PConfig` to the Switch.
-
-```go
-func NewSwitch(transport PeerTransport, opts ...SwitchOption) *Switch
-```
-
-## Status
-
-In Review.
-
-## Consequences
-
-### Positive
-
- free Switch from transport concerns - simpler implementation
- pluggable transport implementation - simpler test setup
- remove Switch dependency on P2PConfig - easier to test
-
-### Negative
-
- more setup for tests which depend on Switches
-
-### Neutral
-
- multiplexed will be the default implementation
-
-[0] These guards could be potentially extended to be pluggable much like
-middlewares to express different concerns required by differentally configured
-environments.
--- a/Show More
+++ b/Show More