fix up a few things

lint
fix lints
2026-01-12 07:42:48 +00:00 · 2022-11-09 15:17:43 +01:00 · 2022-11-09 13:51:33 +01:00 · 2022-11-01 14:18:13 +01:00 · 2022-11-01 11:58:53 +01:00 · 2022-11-01 11:26:46 +01:00
1547 changed files with 184560 additions and 93457 deletions
--- a/.circleci/codecov.sh
+++ b/.circleci/codecov.sh
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,468 +0,0 @@
-version: 2.1
-
-executors:
-  golang:
-    docker:
-      - image: tendermintdev/docker-tendermint-build
-    working_directory: /go/src/github.com/tendermint/tendermint
-    environment:
-      GOBIN: /tmp/bin
-  release:
-    machine: true
-  docs:
-    docker:
-      - image: tendermintdev/docker-website-deployment
-    environment:
-      AWS_REGION: us-east-1
-  protoc:
-    docker:
-      - image: tendermintdev/docker-protoc
-
-commands:
-  run_test:
-    parameters:
-      script_path:
-        type: string
-    steps:
-      - attach_workspace:
-          at: /tmp/bin
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - restore_cache:
-          name: "Restore go modules cache"
-          keys:
-            - go-mod-v1-{{ checksum "go.sum" }}
-      - run:
-          name: "Running test"
-          command: |
-            bash << parameters.script_path >>
-
-jobs:
-  setup_dependencies:
-    executor: golang
-    steps:
-      - checkout
-      - restore_cache:
-          name: "Restore go modules cache"
-          keys:
-            - go-mod-v1-{{ checksum "go.sum" }}
-      - run:
-          command: |
-            mkdir -p /tmp/bin
-      - run:
-          name: Cache go modules
-          command: make go-mod-cache
-      - run:
-          name: tools
-          command: make tools
-      - run:
-          name: "Build binaries"
-          command: make install install_abci
-      - save_cache:
-          name: "Save go modules cache"
-          key: go-mod-v1-{{ checksum "go.sum" }}
-          paths:
-            - "/go/pkg/mod"
-      - save_cache:
-          name: "Save source code cache"
-          key: go-src-v1-{{ .Revision }}
-          paths:
-            - ".git"
-      - persist_to_workspace:
-          root: "/tmp/bin"
-          paths:
-            - "."
-  proto-lint:
-    executor: protoc
-    steps:
-      - checkout
-      - run:
-          command: make proto-lint
-
-  proto-breakage:
-    executor: protoc
-    steps:
-      - checkout
-      - run:
-          command: make proto-check-breaking-ci
-
-  test_abci_apps:
-    executor: golang
-    steps:
-      - run_test:
-          script_path: abci/tests/test_app/test.sh
-
-  # if this test fails, fix it and update the docs at:
-  # https://github.com/tendermint/tendermint/blob/master/docs/abci-cli.md
-  test_abci_cli:
-    executor: golang
-    steps:
-      - run_test:
-          script_path: abci/tests/test_cli/test.sh
-
-  test_apps:
-    executor: golang
-    steps:
-      - run_test:
-          script_path: test/app/test.sh
-
-  test_persistence:
-    executor: golang
-    steps:
-      - run_test:
-          script_path: test/persist/test_failure_indices.sh
-
-  test_cover:
-    executor: golang
-    parallelism: 4
-    steps:
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - restore_cache:
-          name: "Restore go module cache"
-          keys:
-            - go-mod-v2-{{ checksum "go.sum" }}
-      - run:
-          name: "Run tests"
-          command: |
-            export VERSION="$(git describe --tags --long | sed 's/v\(.*\)/\1/')"
-            export GO111MODULE=on
-            mkdir -p /tmp/logs /tmp/workspace/profiles
-            for pkg in $(go list github.com/tendermint/tendermint/... | circleci tests split --split-by=timings); do
-              id=$(basename "$pkg")
-              go test -v -timeout 5m -mod=readonly -race -coverprofile=/tmp/workspace/profiles/$id.out -covermode=atomic "$pkg" | tee "/tmp/logs/$id-$RANDOM.log"
-            done
-      - persist_to_workspace:
-          root: /tmp/workspace
-          paths:
-            - "profiles/*"
-      - store_artifacts:
-          path: /tmp/logs
-
-  localnet:
-    working_directory: /home/circleci/.go_workspace/src/github.com/tendermint/tendermint
-    machine:
-      image: circleci/classic:latest
-    environment:
-      GOBIN: /home/circleci/.go_workspace/bin
-      GOPATH: /home/circleci/.go_workspace/
-      GOOS: linux
-      GOARCH: amd64
-    parallelism: 1
-    steps:
-      - checkout
-      - run:
-          name: run localnet and exit on failure
-          command: |
-            set -x
-            docker run --rm -v "$PWD":/go/src/github.com/tendermint/tendermint -w /go/src/github.com/tendermint/tendermint golang make build-linux
-            make localnet-start &
-            ./scripts/localnet-blocks-test.sh 40 5 10 localhost
-
-  test_p2p:
-    environment:
-      GOBIN: /home/circleci/.go_workspace/bin
-      GOPATH: /home/circleci/.go_workspace
-    machine:
-      image: circleci/classic:latest
-    parameters:
-      ipv:
-        type: integer
-        default: 4
-    steps:
-      - checkout
-      - run: mkdir -p $GOPATH/src/github.com/tendermint
-      - run: ln -sf /home/circleci/project $GOPATH/src/github.com/tendermint/tendermint
-      - run: bash test/p2p/circleci.sh << parameters.ipv >>
-      - store_artifacts:
-          path: /home/circleci/project/test/p2p/logs
-
-  upload_coverage:
-    executor: golang
-    steps:
-      - attach_workspace:
-          at: /tmp/workspace
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - restore_cache:
-          name: "Restore go module cache"
-          keys:
-            - go-mod-v2-{{ checksum "go.sum" }}
-      - run:
-          name: gather
-          command: |
-            echo "mode: atomic" > coverage.txt
-            for prof in $(ls /tmp/workspace/profiles/); do
-              tail -n +2 /tmp/workspace/profiles/"$prof" >> coverage.txt
-            done
-      - run:
-          name: upload
-          command: bash .circleci/codecov.sh -f coverage.txt
-
-  deploy_docs:
-    executor: docs
-    steps:
-      - checkout
-      - run:
-          name: "Build docs"
-          command: make build-docs
-      - run:
-          name: "Sync to S3"
-          command: make sync-docs
-
-  prepare_build:
-    executor: golang
-    steps:
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - run:
-          name: Get next release number
-          command: |
-            export LAST_TAG="`git describe --tags --abbrev=0 --match "${CIRCLE_BRANCH}.*"`"
-            echo "Last tag: ${LAST_TAG}"
-            if [ -z "${LAST_TAG}" ]; then
-              export LAST_TAG="${CIRCLE_BRANCH}"
-              echo "Last tag not found. Possibly fresh branch or feature branch. Setting ${LAST_TAG} as tag."
-            fi
-            export NEXT_TAG="`python -u scripts/release_management/bump-semver.py --version "${LAST_TAG}"`"
-            echo "Next tag: ${NEXT_TAG}"
-            echo "export CIRCLE_TAG=\"${NEXT_TAG}\"" > release-version.source
-      - run:
-          name: Build dependencies
-          command: make tools
-      - persist_to_workspace:
-          root: .
-          paths:
-            - "release-version.source"
-      - save_cache:
-          key: v2-release-deps-{{ checksum "go.sum" }}
-          paths:
-            - "/go/pkg/mod"
-
-  build_artifacts:
-    executor: golang
-    parallelism: 4
-    steps:
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - restore_cache:
-          name: "Restore release dependencies cache"
-          keys:
-            - v2-release-deps-{{ checksum "go.sum" }}
-      - attach_workspace:
-          at: /tmp/workspace
-      - run:
-          name: Build artifact
-          command: |
-            # Setting CIRCLE_TAG because we do not tag the release ourselves.
-            source /tmp/workspace/release-version.source
-            if test ${CIRCLE_NODE_INDEX:-0} == 0 ;then export GOOS=linux GOARCH=amd64   && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
-            if test ${CIRCLE_NODE_INDEX:-0} == 1 ;then export GOOS=darwin GOARCH=amd64  && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
-            if test ${CIRCLE_NODE_INDEX:-0} == 2 ;then export GOOS=windows GOARCH=amd64 && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
-            if test ${CIRCLE_NODE_INDEX:-0} == 3 ;then export GOOS=linux GOARCH=arm     && export OUTPUT=build/tendermint_${GOOS}_${GOARCH} && make build && python -u scripts/release_management/zip-file.py ;fi
-      - persist_to_workspace:
-          root: build
-          paths:
-            - "*.zip"
-            - "tendermint_linux_amd64"
-
-  release_artifacts:
-    executor: golang
-    steps:
-      - restore_cache:
-          name: "Restore source code cache"
-          keys:
-            - go-src-v1-{{ .Revision }}
-      - checkout
-      - attach_workspace:
-          at: /tmp/workspace
-      - run:
-          name: "Deploy to GitHub"
-          command: |
-            # Setting CIRCLE_TAG because we do not tag the release ourselves.
-            source /tmp/workspace/release-version.source
-            echo "---"
-            ls -la /tmp/workspace/*.zip
-            echo "---"
-            python -u scripts/release_management/sha-files.py
-            echo "---"
-            cat /tmp/workspace/SHA256SUMS
-            echo "---"
-            export RELEASE_ID="`python -u scripts/release_management/github-draft.py`"
-            echo "Release ID: ${RELEASE_ID}"
-            #Todo: Parallelize uploads
-            export GOOS=linux GOARCH=amd64   && python -u scripts/release_management/github-upload.py --id "${RELEASE_ID}"
-            export GOOS=darwin GOARCH=amd64  && python -u scripts/release_management/github-upload.py --id "${RELEASE_ID}"
-            export GOOS=windows GOARCH=amd64 && python -u scripts/release_management/github-upload.py --id "${RELEASE_ID}"
-            export GOOS=linux GOARCH=arm     && python -u scripts/release_management/github-upload.py --id "${RELEASE_ID}"
-            python -u scripts/release_management/github-upload.py --file "/tmp/workspace/SHA256SUMS" --id "${RELEASE_ID}"
-            python -u scripts/release_management/github-publish.py --id "${RELEASE_ID}"
-
-  release_docker:
-    machine:
-      image: ubuntu-1604:201903-01
-    steps:
-      - checkout
-      - attach_workspace:
-          at: /tmp/workspace
-      - run:
-          name: "Deploy to Docker Hub"
-          command: |
-            # Setting CIRCLE_TAG because we do not tag the release ourselves.
-            source /tmp/workspace/release-version.source
-            cp /tmp/workspace/tendermint_linux_amd64 DOCKER/tendermint
-            docker build --label="tendermint" --tag="tendermint/tendermint:${CIRCLE_TAG}" --tag="tendermint/tendermint:latest" "DOCKER"
-            docker login -u "${DOCKERHUB_USER}" --password-stdin \<<< "${DOCKERHUB_PASS}"
-            docker push "tendermint/tendermint"
-            docker logout
-
-  reproducible_builds:
-    executor: golang
-    steps:
-      - attach_workspace:
-          at: /tmp/workspace
-      - checkout
-      - setup_remote_docker:
-          docker_layer_caching: true
-      - run:
-          name: Build tendermint
-          no_output_timeout: 20m
-          command: |
-            sudo apt-get update
-            sudo apt-get install -y ruby
-            bash -x ./scripts/gitian-build.sh all
-            for os in darwin linux windows; do
-              cp gitian-build-${os}/result/tendermint-${os}-res.yml .
-              cp gitian-build-${os}/build/out/tendermint-*.tar.gz .
-              rm -rf gitian-build-${os}/
-            done
-      - store_artifacts:
-          path: /go/src/github.com/tendermint/tendermint/tendermint-darwin-res.yml
-      - store_artifacts:
-          path: /go/src/github.com/tendermint/tendermint/tendermint-linux-res.yml
-      - store_artifacts:
-          path: /go/src/github.com/tendermint/tendermint/tendermint-windows-res.yml
-      - store_artifacts:
-          path: /go/src/github.com/tendermint/tendermint/tendermint-*.tar.gz
-
-  # # Test RPC implementation against the swagger documented specs
-  # contract_tests:
-  #   working_directory: /home/circleci/.go_workspace/src/github.com/tendermint/tendermint
-  #   machine:
-  #     image: circleci/classic:latest
-  #   environment:
-  #     GOBIN: /home/circleci/.go_workspace/bin
-  #     GOPATH: /home/circleci/.go_workspace/
-  #     GOOS: linux
-  #     GOARCH: amd64
-  #   parallelism: 1
-  #   steps:
-  #     - checkout
-  #     - run:
-  #         name: Test RPC endpoints against swagger documentation
-  #         command: |
-  #           set -x
-  #           export PATH=~/.local/bin:$PATH
-  #           # install node and dredd
-  #           ./scripts/get_nodejs.sh
-  #           # build the binaries with a proper version of Go
-  #           docker run --rm -v "$PWD":/go/src/github.com/tendermint/tendermint -w /go/src/github.com/tendermint/tendermint golang make build-linux build-contract-tests-hooks
-  #           # This docker image works with go 1.7, we can install here the hook handler that contract-tests is going to use
-  #           go get github.com/snikch/goodman/cmd/goodman
-  #           make contract-tests
-
-workflows:
-  version: 2
-  test-suite:
-    jobs:
-      - deploy_docs:
-          context: tendermint-docs
-          filters:
-            branches:
-              only:
-                - master
-            tags:
-              only:
-                - /^v.*/
-      - deploy_docs:
-          context: tendermint-docs-staging
-          filters:
-            branches:
-              only:
-                - docs-theme-latest
-      - setup_dependencies
-      - test_abci_apps:
-          requires:
-            - setup_dependencies
-      - proto-breakage
-      - proto-lint
-      - test_abci_cli:
-          requires:
-            - setup_dependencies
-      - test_apps:
-          requires:
-            - setup_dependencies
-      - test_cover:
-          requires:
-            - setup_dependencies
-      - test_persistence:
-          requires:
-            - setup_dependencies
-      - localnet:
-          requires:
-            - setup_dependencies
-      - test_p2p
-      - test_p2p:
-          name: test_p2p_ipv6
-          ipv: 6
-      - upload_coverage:
-          requires:
-            - test_cover
-      - reproducible_builds:
-          filters:
-            branches:
-              only:
-                - master
-                - /v[0-9]+\.[0-9]+/
-      # - contract_tests:
-      #     requires:
-      #       - setup_dependencies
-
-  release:
-    jobs:
-      - prepare_build
-      - build_artifacts:
-          requires:
-            - prepare_build
-      - release_artifacts:
-          requires:
-            - prepare_build
-            - build_artifacts
-          filters:
-            branches:
-              only:
-                - /v[0-9]+\.[0-9]+/
-      - release_docker:
-          requires:
-            - prepare_build
-            - build_artifacts
-          filters:
-            branches:
-              only:
-                - /v[0-9]+\.[0-9]+/
-                - master
--- a/.clang-format
+++ b/.clang-format
@@ -0,0 +1,11 @@
+---
+Language: Proto
+BasedOnStyle: Google
+IndentWidth: 2
+ColumnLimit: 0
+AlignConsecutiveAssignments: true
+AlignConsecutiveDeclarations: true
+SpacesInSquareBrackets: true
+ReflowComments:  true
+SortIncludes:    true
+SortUsingDeclarations: true
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+build
+test/e2e/build
+test/e2e/networks
+test/logs
+test/p2p/data
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,9 +1,12 @@
 # CODEOWNERS: https://help.github.com/articles/about-codeowners/

-# Everything goes through Bucky, Anton, Tess. For now.
-*       @ebuchman @melekes @tessr
+# Everything goes through the following "global owners" by default.
+# Unless a later match takes precedence, these three will be
+# requested for review when someone opens a PR.
+# Note that the last matching pattern takes precedence, so
+# global owners are only requested if there isn't a more specific
+# codeowner specified below. For this reason, the global codeowners
+# are often repeated in package-level definitions.
+*     @ebuchman @tendermint/tendermint-engineering

-# Precious documentation
-/docs/README.md  @zramsay
-/docs/DOCS_README.md  @zramsay
-/docs/.vuepress/  @zramsay
+/spec @ebuchman @tendermint/tendermint-research @tendermint/tendermint-engineering
--- a/.github/ISSUE_TEMPLATE/bug-report.md
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -1,13 +1,18 @@
 ---
-name: Bug Report
+name: Bug report
 about: Create a report to help us squash bugs!

 ---
 <!--
+
 Please fill in as much of the template below as you can.

-Be ready for followup questions, and please respond in a timely
-manner. We might ask you to provide additional logs and data (tendermint & app).
+If you have general questions, please create a new discussion:
+https://github.com/tendermint/tendermint/discussions
+
+Be ready for followup questions, and please respond in a timely manner. We might
+ask you to provide additional logs and data (tendermint & app).
+
 -->

 **Tendermint version** (use `tendermint version` or `git rev-parse --verify HEAD` if installed from source):
@@ -37,6 +42,6 @@ manner. We might ask you to provide additional logs and data (tendermint & app).

 **node command runtime flags**:

-**`/dump_consensus_state` output for consensus bugs**
+**Please provide the output from the `http://<ip>:<port>/dump_consensus_state` RPC endpoint for consensus bugs**

 **Anything else we need to know**:
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,5 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Ask a question
+    url: https://github.com/tendermint/tendermint/discussions
+    about: Please ask and answer questions here
--- a/.github/ISSUE_TEMPLATE/feature-request.md
+++ b/.github/ISSUE_TEMPLATE/feature-request.md
@@ -1,5 +1,5 @@
 ---
-name: Feature Request
+name: Feature request
 about: Create a proposal to request a feature

 ---
@@ -25,12 +25,3 @@ Are there any disadvantages of including this feature? -->
 ## Proposal

 <!-- Detailed description of requirements of implementation -->
-
-____
-
-#### For Admin Use
-
- [ ] Not duplicate issue
- [ ] Appropriate labels applied
- [ ] Appropriate contributors tagged
- [ ] Contributor assigned/self-assigned
--- a/.github/ISSUE_TEMPLATE/proposal.md
+++ b/.github/ISSUE_TEMPLATE/proposal.md
@@ -0,0 +1,28 @@
+---
+name: Protocol change proposal
+about: Create a proposal to request a change to the protocol
+
+---
+
+<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺ 
+v                            ✰  Thanks for opening an issue! ✰    
+v    Before smashing the submit button please review the template.
+v    Word of caution: Under-specified proposals may be rejected summarily 
+☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
+
+# Protocol Change Proposal
+
+## Summary
+
+<!-- Short, concise description of the proposed change -->
+
+## Problem Definition
+
+<!-- Why do we need this change? 
+What problems may be addressed by introducing this change?
+What benefits does Tendermint stand to gain by including this change?
+Are there any disadvantages of including this change? -->
+
+## Proposal
+
+<!-- Detailed description of requirements of implementation -->
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,24 +1,32 @@
-<!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺
-v                               ✰  Thanks for creating a PR! ✰    
-v    Before smashing the submit button please review the checkboxes.
-v    If a checkbox is n/a - please still include it but + a little note why
-☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
+<!--

-Closes: #XXX
+Please add a reference to the issue that this PR addresses and indicate which
+files are most critical to review. If it fully addresses a particular issue,
+please include "Closes #XXX" (where "XXX" is the issue number).

-## Description
+If this PR is non-trivial/large/complex, please ensure that you have either
+created an issue that the team's had a chance to respond to, or had some
+discussion with the team prior to submitting substantial pull requests. The team
+can be reached via GitHub Discussions or the Cosmos Network Discord server in
+the #tendermint-core channel. GitHub Discussions is preferred over Discord as it
+allows us to keep track of conversations topically.
+https://github.com/tendermint/tendermint/discussions
+
+If the work in this PR is not aligned with the team's current priorities, please
+be advised that it may take some time before it is merged - especially if it has
+not yet been discussed with the team.
+
+See the project board for the team's current priorities:
+https://github.com/orgs/tendermint/projects/15/views/5

-<!-- Add a description of the changes that this PR introduces and the files that
-are the most critical to review.
 -->

+---

-______
+#### PR checklist

-For contributor use:
+- [ ] Tests written/updated, or no tests needed
+- [ ] `CHANGELOG_PENDING.md` updated, or no changelog entry needed
+- [ ] Updated relevant documentation (`docs/`) and code comments, or no
+      documentation updates needed

- [ ] Wrote tests
- [ ] Updated CHANGELOG_PENDING.md
- [ ] Linked to Github issue with discussion and accepted design OR link to spec that describes this work.
- [ ] Updated relevant documentation (`docs/`) and code comments
- [ ] Re-reviewed `Files changed` in the Github PR explorer
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@@ -0,0 +1,25 @@
+coverage:
+  precision: 2
+  round: down
+  range: "70...100"
+  status:
+    project:
+      default:
+        threshold: 20%
+    patch: off
+    changes: off
+
+github_checks:
+  annotations: false
+
+comment: false
+
+ignore:
+  - "docs"
+  - "DOCKER"
+  - "scripts"
+  - "**/*.pb.go"
+  - "libs/pubsub/query/query.peg.go"
+  - "*.md"
+  - "*.rst"
+  - "*.yml"
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,75 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    target-branch: "main"
+    open-pull-requests-limit: 10
+    labels:
+      - T:dependencies
+      - S:automerge
+
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    target-branch: "v0.37.x"
+    open-pull-requests-limit: 10
+    labels:
+      - T:dependencies
+      - S:automerge
+
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    target-branch: "v0.34.x"
+    open-pull-requests-limit: 10
+    labels:
+      - T:dependencies
+      - S:automerge
+
+  - package-ecosystem: npm
+    directory: "/docs"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 10
+
+  ###################################
+  ##
+  ## Update All Go Dependencies
+
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: weekly
+    target-branch: "main"
+    open-pull-requests-limit: 10
+    labels:
+      - T:dependencies
+      - S:automerge
+
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: daily
+    target-branch: "v0.37.x"
+    # Only allow automated security-related dependency updates on release
+    # branches.
+    open-pull-requests-limit: 0
+    labels:
+      - T:dependencies
+      - S:automerge
+
+  - package-ecosystem: gomod
+    directory: "/"
+    schedule:
+      interval: daily
+    target-branch: "v0.34.x"
+    # Only allow automated security-related dependency updates on release
+    # branches.
+    open-pull-requests-limit: 0
+    labels:
+      - T:dependencies
+      - S:automerge
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -0,0 +1,6 @@
+<!--
+
+If you want to ask a general question, please create a new discussion instead of
+an issue: https://github.com/tendermint/tendermint/discussions
+
+-->
--- a/.github/linters/markdownlint.yml
+++ b/.github/linters/markdownlint.yml
@@ -0,0 +1,15 @@
+# markdownlint configuration for Super-Linter
+# - https://github.com/DavidAnson/markdownlint
+# - https://github.com/github/super-linter
+
+# Default state for all rules
+default: true
+
+# See https://github.com/DavidAnson/markdownlint#rules--aliases for rules
+MD007: {"indent": 4}
+MD013: false
+MD024: {siblings_only: true}
+MD025: false
+MD033: {no-inline-html: false}
+no-hard-tabs: false
+whitespace: false
--- a/.github/linters/yaml-lint.yml
+++ b/.github/linters/yaml-lint.yml
@@ -0,0 +1,9 @@
+---
+# Default rules for YAML linting from super-linter.
+# See: See https://yamllint.readthedocs.io/en/stable/rules.html
+extends: default
+rules:
+  document-end: disable
+  document-start: disable
+  line-length: disable
+  truthy: disable
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@@ -0,0 +1,35 @@
+queue_rules:
+  - name: default
+    conditions:
+      - base=main
+      - label=S:automerge
+
+pull_request_rules:
+  - name: Automerge to main
+    conditions:
+      - base=main
+      - label=S:automerge
+    actions:
+      queue:
+        method: squash
+        name: default
+        commit_message_template: |
+          {{ title }} (#{{ number }})
+
+          {{ body }}
+  - name: backport patches to v0.37.x branch
+    conditions:
+      - base=main
+      - label=S:backport-to-v0.37.x
+    actions:
+      backport:
+        branches:
+          - v0.37.x
+  - name: backport patches to v0.34.x branch
+    conditions:
+      - base=main
+      - label=S:backport-to-v0.34.x
+    actions:
+      backport:
+        branches:
+          - v0.34.x
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -1,47 +0,0 @@
-# Configuration for probot-stale - https://github.com/probot/stale
-
-# Number of days of inactivity before an Issue or Pull Request becomes stale
-daysUntilStale: 60
-
-# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
-# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale.
-daysUntilClose: 9
-
-# Only issues or pull requests with all of these labels are check if stale. Defaults to `[]` (disabled)
-onlyLabels: []
-
-# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
-exemptLabels:
-  - major-release
-
-# Set to true to ignore issues in a project (defaults to false)
-exemptProjects: true
-
-# Set to true to ignore issues in a milestone (defaults to false)
-exemptMilestones: true
-
-# Set to true to ignore issues with an assignee (defaults to false)
-exemptAssignees: false
-
-# Label to use when marking as stale
-staleLabel: stale
-
-# Comment to post when marking as stale. Set to `false` to disable
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-
-# Limit the number of actions per hour, from 1-30. Default is 30
-limitPerRun: 30
-
-Limit to only `issues` or `pulls`
-only: pulls
-
-Optionally, specify configuration settings that are specific to just 'issues' or 'pulls':
-pulls:
-  daysUntilStale: 30
-  markComment: >
-    This pull request has been automatically marked as stale because it has not had
-    recent activity. It will be closed if no further activity occurs. Thank you
-    for your contributions.
--- a/.github/workflows/action.yml
+++ b/.github/workflows/action.yml
@@ -1,10 +0,0 @@
-name: Check Markdown links
-on: push
-jobs:
-  markdown-link-check:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@master
-      - uses: gaurav-nelson/github-action-markdown-link-check@0.6.0
-        with:
-          folder-path: "docs"
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,82 @@
+name: Build
+# Tests runs different tests (test_abci_apps, test_abci_cli, test_apps)
+# This workflow runs on every push to main or release branch and  every pull requests
+# All jobs will pass without running if no *{.go, .mod, .sum} files have been modified
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - release/**
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        goarch: ["arm", "amd64"]
+        goos: ["linux"]
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/*.go
+            "!test/"
+            go.mod
+            go.sum
+            Makefile
+      - name: install
+        run: GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} make build
+        if: "env.GIT_DIFF != ''"
+
+  test_abci_cli:
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/*.go
+            go.mod
+            go.sum
+      - name: install
+        run: make install_abci
+        if: "env.GIT_DIFF != ''"
+      - run: abci/tests/test_cli/test.sh
+        shell: bash
+        if: "env.GIT_DIFF != ''"
+
+  test_apps:
+    runs-on: ubuntu-latest
+    needs: build
+    timeout-minutes: 5
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/*.go
+            go.mod
+            go.sum
+      - name: install
+        run: make install install_abci
+        if: "env.GIT_DIFF != ''"
+      - name: test_apps
+        run: test/app/test.sh
+        shell: bash
+        if: "env.GIT_DIFF != ''"
--- a/.github/workflows/check-generated.yml
+++ b/.github/workflows/check-generated.yml
@@ -0,0 +1,73 @@
+# Verify that generated code is up-to-date.
+#
+# Note that we run these checks regardless whether the input files have
+# changed, because generated code can change in response to toolchain updates
+# even if no files in the repository are modified.
+name: Check generated code
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+jobs:
+  check-mocks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+
+      - uses: actions/checkout@v3
+
+      - name: "Check generated mocks"
+        run: |
+          set -euo pipefail
+
+          make mockery 2>/dev/null
+
+          if ! git diff --stat --exit-code ; then
+            echo ">> ERROR:"
+            echo ">>"
+            echo ">> Generated mocks require update (either Mockery or source files may have changed)."
+            echo ">> Ensure your tools are up-to-date, re-run 'make mockery' and update this PR."
+            echo ">>"
+            exit 1
+          fi
+
+  check-proto:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 1 # we need a .git directory to run git diff
+
+      - name: "Check protobuf generated code"
+        run: |
+          set -euo pipefail
+
+          # Install buf and gogo tools, so that differences that arise from
+          # toolchain differences are also caught.
+          readonly tools="$(mktemp -d)"
+          export PATH="${PATH}:${tools}/bin"
+          export GOBIN="${tools}/bin"
+
+          go install github.com/bufbuild/buf/cmd/buf
+          go install github.com/cosmos/gogoproto/protoc-gen-gogofaster@latest
+
+          make proto-gen
+
+          if ! git diff --stat --exit-code ; then
+            echo ">> ERROR:"
+            echo ">>"
+            echo ">> Protobuf generated code requires update (either tools or .proto files may have changed)."
+            echo ">> Ensure your tools are up-to-date, re-run 'make proto-gen' and update this PR."
+            echo ">>"
+            exit 1
+          fi
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,60 @@
+name: Docker
+# Build & Push rebuilds the Tendermint docker image on every push to main and creation of tags
+# and pushes the image to https://hub.docker.com/r/tendermint/tendermint
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"               # Push events to matching v*, i.e. v1.0, v20.15.10
+      - "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"  # e.g. v0.37.0-alpha.1, v0.38.0-alpha.10
+      - "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"   # e.g. v0.37.0-beta.1, v0.38.0-beta.10
+      - "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"      # e.g. v0.37.0-rc1, v0.38.0-rc10
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Prepare
+        id: prep
+        run: |
+          DOCKER_IMAGE=tendermint/tendermint
+          VERSION=noop
+          if [[ $GITHUB_REF == refs/tags/* ]]; then
+            VERSION=${GITHUB_REF#refs/tags/}
+          elif [[ $GITHUB_REF == refs/heads/* ]]; then
+            VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g')
+            if [ "${{ github.event.repository.default_branch }}" = "$VERSION" ]; then
+              VERSION=latest
+            fi
+          fi
+          TAGS="${DOCKER_IMAGE}:${VERSION}"
+          if [[ $VERSION =~ ^v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+            TAGS="$TAGS,${DOCKER_IMAGE}:${VERSION}"
+          fi
+          echo ::set-output name=tags::${TAGS}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@master
+        with:
+          platforms: all
+
+      - name: Set up Docker Build
+        uses: docker/setup-buildx-action@v2.2.1
+
+      - name: Login to DockerHub
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@v2.1.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Publish to Docker Hub
+        uses: docker/build-push-action@v3.2.0
+        with:
+          context: .
+          file: ./DOCKER/Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.prep.outputs.tags }}
--- a/.github/workflows/docs-deployment.yml
+++ b/.github/workflows/docs-deployment.yml
@@ -0,0 +1,63 @@
+# Build and deploy the docs.tendermint.com website content.
+# The static content is published to GitHub Pages.
+#
+# For documentation build info, see docs/DOCS_README.md.
+name: Build static documentation site
+on:
+  workflow_dispatch:  # allow manual updates
+  push:
+    branches:
+      - main
+      - v0.34.x
+    paths:
+      - docs/**
+      - spec/**
+
+jobs:
+  # This is split into two jobs so that the build, which runs npm, does not
+  # have write access to anything. The deploy requires write access to publish
+  # to the branch used by GitHub Pages, however, so we can't just make the
+  # whole workflow read-only.
+  build:
+    name: VuePress build
+    runs-on: ubuntu-latest
+    container:
+      image: alpine:latest
+    permissions:
+      contents: read
+    steps:
+      - name: Install generator dependencies
+        run: |
+          apk add --no-cache make bash git npm
+      - uses: actions/checkout@v3
+        with:
+          # We need to fetch full history so the backport branches for previous
+          # versions will be available for the build.
+          fetch-depth: 0
+      - name: Build documentation
+        run: |
+          git config --global --add safe.directory "$PWD"
+          make build-docs
+      - uses: actions/upload-artifact@v3
+        with:
+          name: build-output
+          path: /tmp/tendermint-core-docs
+
+  deploy:
+    name: Deploy to GitHub Pages
+    runs-on: ubuntu-latest
+    needs: build
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/download-artifact@v3
+        with:
+          name: build-output
+          path: ~/output
+      - name: Deploy to GitHub Pages
+        uses: JamesIves/github-pages-deploy-action@v4
+        with:
+          branch: 'docs-tendermint-com'
+          folder: ~/output
+          single-commit: true
--- a/.github/workflows/docs-toc.yml
+++ b/.github/workflows/docs-toc.yml
@@ -0,0 +1,20 @@
+# Verify that important design docs have ToC entries.
+name: Check documentation ToC
+on:
+  pull_request:
+    push:
+      branches:
+        - main
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            docs/architecture/**
+            docs/rfc/**
+      - run: make check-docs-toc
+        if: env.GIT_DIFF
--- a/.github/workflows/e2e-manual.yml
+++ b/.github/workflows/e2e-manual.yml
@@ -0,0 +1,36 @@
+# Runs randomly generated E2E testnets nightly on main
+# manually run e2e tests
+name: e2e-manual
+on:
+  workflow_dispatch:
+
+jobs:
+  e2e-nightly-test:
+    # Run parallel jobs for the listed testnet groups (must match the
+    # ./build/generator -g flag)
+    strategy:
+      fail-fast: false
+      matrix:
+        group: ['00', '01', '02', '03']
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - uses: actions/checkout@v3
+
+      - name: Build
+        working-directory: test/e2e
+        # Run make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker generator runner tests
+
+      - name: Generate testnets
+        working-directory: test/e2e
+        # When changing -g, also change the matrix groups above
+        run: ./build/generator -g 5 -d networks/nightly/
+
+      - name: Run ${{ matrix.p2p }} p2p testnets
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/nightly/*-group${{ matrix.group }}-*.toml
--- a/.github/workflows/e2e-nightly-34x.yml
+++ b/.github/workflows/e2e-nightly-34x.yml
@@ -0,0 +1,79 @@
+# Runs randomly generated E2E testnets nightly on the 0.34.x branch.
+
+# !! This file should be kept in sync with the e2e-nightly-main.yml file,
+# modulo changes to the version labels.
+
+name: e2e-nightly-34x
+on:
+  schedule:
+    - cron: '0 2 * * *'
+
+jobs:
+  e2e-nightly-test:
+    # Run parallel jobs for the listed testnet groups (must match the
+    # ./build/generator -g flag)
+    strategy:
+      fail-fast: false
+      matrix:
+        group: ['00', '01']
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - uses: actions/checkout@v3
+        with:
+          ref: 'v0.34.x'
+
+      - name: Capture git repo info
+        id: git-info
+        run: |
+          echo "::set-output name=branch::`git branch --show-current`"
+          echo "::set-output name=commit::`git rev-parse HEAD`"
+
+      - name: Build
+        working-directory: test/e2e
+        # Run make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker generator runner
+
+      - name: Generate testnets
+        working-directory: test/e2e
+        # When changing -g, also change the matrix groups above
+        run: ./build/generator -g 2 -d networks/nightly
+
+      - name: Run testnets in group ${{ matrix.group }}
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/nightly/*-group${{ matrix.group }}-*.toml
+
+    outputs:
+      git-branch: ${{ steps.git-info.outputs.branch }}
+      git-commit: ${{ steps.git-info.outputs.commit }}
+
+  e2e-nightly-fail:
+    needs: e2e-nightly-test
+    if: ${{ failure() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack on failure
+        uses: slackapi/slack-github-action@v1.23.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          BRANCH: ${{ needs.e2e-nightly-test.outputs.git-branch }}
+          RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+          COMMIT_URL: "${{ github.server_url }}/${{ github.repository }}/commit/${{ needs.e2e-nightly-test.outputs.git-commit }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":skull: Nightly E2E tests for `${{ env.BRANCH }}` failed. See the <${{ env.RUN_URL }}|run details> and the <${{ env.COMMIT_URL }}|commit> related to the failure."
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/e2e-nightly-37x.yml
+++ b/.github/workflows/e2e-nightly-37x.yml
@@ -0,0 +1,79 @@
+# Runs randomly generated E2E testnets nightly on the v0.37.x branch.
+
+# !! This file should be kept in sync with the e2e-nightly-main.yml file,
+# modulo changes to the version labels.
+
+name: e2e-nightly-37x
+on:
+  schedule:
+    - cron: '0 2 * * *'
+
+jobs:
+  e2e-nightly-test:
+    # Run parallel jobs for the listed testnet groups (must match the
+    # ./build/generator -g flag)
+    strategy:
+      fail-fast: false
+      matrix:
+        group: ['00', '01', '02', '03', "04"]
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - uses: actions/checkout@v3
+        with:
+          ref: 'v0.37.x'
+
+      - name: Capture git repo info
+        id: git-info
+        run: |
+          echo "::set-output name=branch::`git branch --show-current`"
+          echo "::set-output name=commit::`git rev-parse HEAD`"
+
+      - name: Build
+        working-directory: test/e2e
+        # Run make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker generator runner tests
+
+      - name: Generate testnets
+        working-directory: test/e2e
+        # When changing -g, also change the matrix groups above
+        run: ./build/generator -g 5 -d networks/nightly/
+
+      - name: Run ${{ matrix.p2p }} p2p testnets
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/nightly/*-group${{ matrix.group }}-*.toml
+
+    outputs:
+      git-branch: ${{ steps.git-info.outputs.branch }}
+      git-commit: ${{ steps.git-info.outputs.commit }}
+
+  e2e-nightly-fail:
+    needs: e2e-nightly-test
+    if: ${{ failure() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack on failure
+        uses: slackapi/slack-github-action@v1.23.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          BRANCH: ${{ needs.e2e-nightly-test.outputs.git-branch }}
+          RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+          COMMIT_URL: "${{ github.server_url }}/${{ github.repository }}/commit/${{ needs.e2e-nightly-test.outputs.git-commit }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":skull: Nightly E2E tests for `${{ env.BRANCH }}` failed. See the <${{ env.RUN_URL }}|run details> and the <${{ env.COMMIT_URL }}|commit> related to the failure."
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/e2e-nightly-main.yml
+++ b/.github/workflows/e2e-nightly-main.yml
@@ -0,0 +1,68 @@
+# Runs randomly generated E2E testnets nightly on main
+
+# !! Relevant changes to this file should be propagated to the e2e-nightly-<V>x
+# files for the supported backport branches, when appropriate, modulo version
+# markers.
+
+name: e2e-nightly-main
+on:
+  schedule:
+    - cron: '0 2 * * *'
+
+jobs:
+  e2e-nightly-test:
+    # Run parallel jobs for the listed testnet groups (must match the
+    # ./build/generator -g flag)
+    strategy:
+      fail-fast: false
+      matrix:
+        group: ['00', '01', '02', '03', "04"]
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - uses: actions/checkout@v3
+
+      - name: Build
+        working-directory: test/e2e
+        # Run make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker generator runner tests
+
+      - name: Generate testnets
+        working-directory: test/e2e
+        # When changing -g, also change the matrix groups above
+        run: ./build/generator -g 5 -d networks/nightly/
+
+      - name: Run ${{ matrix.p2p }} p2p testnets
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/nightly/*-group${{ matrix.group }}-*.toml
+
+  e2e-nightly-fail:
+    needs: e2e-nightly-test
+    if: ${{ failure() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack on failure
+        uses: slackapi/slack-github-action@v1.23.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          BRANCH: ${{ github.ref_name }}
+          RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+          COMMIT_URL: "${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":skull: Nightly E2E tests for `${{ env.BRANCH }}` failed. See the <${{ env.RUN_URL }}|run details> and the <${{ env.COMMIT_URL }}|commit> related to the failure."
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -0,0 +1,37 @@
+name: e2e
+# Runs the CI end-to-end test network on all pushes to main or release branches
+# and every pull request, but only if any Go files have been changed.
+on:
+  workflow_dispatch:  # allow running workflow manually
+  pull_request:
+  push:
+    branches:
+      - main
+      - release/**
+
+jobs:
+  e2e-test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/**.go
+            go.mod
+            go.sum
+
+      - name: Build
+        working-directory: test/e2e
+        # Run two make jobs in parallel, since we can't run steps in parallel.
+        run: make -j2 docker runner tests
+        if: "env.GIT_DIFF != ''"
+
+      - name: Run CI testnet
+        working-directory: test/e2e
+        run: ./run-multiple.sh networks/ci.toml
+        if: "env.GIT_DIFF != ''"
--- a/.github/workflows/fuzz-nightly.yml
+++ b/.github/workflows/fuzz-nightly.yml
@@ -0,0 +1,98 @@
+# Runs fuzzing nightly.
+name: Fuzz Tests
+on:
+  workflow_dispatch:  # allow running workflow manually
+  schedule:
+    - cron: '0 3 * * *'
+  pull_request:
+    branches: [main]
+    paths:
+      - "test/fuzz/**/*.go"
+
+jobs:
+  fuzz-nightly-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - uses: actions/checkout@v3
+
+      - name: Install go-fuzz
+        working-directory: test/fuzz
+        run: go install github.com/dvyukov/go-fuzz/go-fuzz@latest github.com/dvyukov/go-fuzz/go-fuzz-build@latest
+
+      - name: Fuzz mempool
+        working-directory: test/fuzz
+        run: timeout -s SIGINT --preserve-status 10m make fuzz-mempool
+        continue-on-error: true
+
+      - name: Fuzz p2p-addrbook
+        working-directory: test/fuzz
+        run: timeout -s SIGINT --preserve-status 10m make fuzz-p2p-addrbook
+        continue-on-error: true
+
+      - name: Fuzz p2p-pex
+        working-directory: test/fuzz
+        run: timeout -s SIGINT --preserve-status 10m make fuzz-p2p-pex
+        continue-on-error: true
+
+      - name: Fuzz p2p-sc
+        working-directory: test/fuzz
+        run: timeout -s SIGINT --preserve-status 10m make fuzz-p2p-sc
+        continue-on-error: true
+
+      - name: Fuzz p2p-rpc-server
+        working-directory: test/fuzz
+        run: timeout -s SIGINT --preserve-status 10m make fuzz-rpc-server
+        continue-on-error: true
+
+      - name: Archive crashers
+        uses: actions/upload-artifact@v3
+        with:
+          name: crashers
+          path: test/fuzz/**/crashers
+          retention-days: 3
+
+      - name: Archive suppressions
+        uses: actions/upload-artifact@v3
+        with:
+          name: suppressions
+          path: test/fuzz/**/suppressions
+          retention-days: 3
+
+      - name: Set crashers count
+        working-directory: test/fuzz
+        run: echo "::set-output name=count::$(find . -type d -name 'crashers' | xargs -I % sh -c 'ls % | wc -l' | awk '{total += $1} END {print total}')"
+        id: set-crashers-count
+
+    outputs:
+      crashers-count: ${{ steps.set-crashers-count.outputs.count }}
+
+  fuzz-nightly-fail:
+    needs: fuzz-nightly-test
+    if: ${{ needs.fuzz-nightly-test.outputs.crashers-count != 0 }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack on failure
+        uses: slackapi/slack-github-action@v1.23.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          BRANCH: ${{ github.ref_name }}
+          CRASHERS: ${{ needs.fuzz-nightly-test.outputs.crashers-count }}
+          RUN_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":skull: Nightly fuzz tests for `${{ env.BRANCH }}` failed with ${{ env.CRASHERS }} crasher(s). See the <${{ env.RUN_URL }}|run details>."
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/janitor.yml
+++ b/.github/workflows/janitor.yml
@@ -0,0 +1,16 @@
+name: Janitor
+# Janitor cleans up previous runs of various workflows
+# To add more workflows to cancel visit https://api.github.com/repos/tendermint/tendermint/actions/workflows and find the actions name
+on:
+  pull_request:
+
+jobs:
+  cancel:
+    name: "Cancel Previous Runs"
+    runs-on: ubuntu-latest
+    timeout-minutes: 3
+    steps:
+      - uses: styfle/cancel-workflow-action@0.11.0
+        with:
+          workflow_id: 1041851,1401230,2837803
+          access_token: ${{ github.token }}
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -0,0 +1,37 @@
+name: Golang Linter
+# Lint runs golangci-lint over the entire Tendermint repository.
+#
+# This workflow is run on every pull request and push to main.
+#
+# The `golangci` job will pass without running if no *.{go, mod, sum}
+# files have been modified.
+#
+# To run this locally, simply run `make lint` from the root of the repo.
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+jobs:
+  golangci:
+    name: golangci-lint
+    runs-on: ubuntu-latest
+    timeout-minutes: 8
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/**.go
+            go.mod
+            go.sum
+      - uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.50.1
+          args: --timeout 10m
+          github-token: ${{ secrets.github_token }}
+        if: env.GIT_DIFF
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -0,0 +1,32 @@
+name: Markdown Linter
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "**.md"
+      - "**.yml"
+      - "**.yaml"
+  pull_request:
+    branches: [main]
+    paths:
+      - "**.md"
+      - "**.yml"
+
+jobs:
+  build:
+    name: Super linter
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+      - name: Lint Code Base
+        uses: docker://github/super-linter:v4
+        env:
+          VALIDATE_ALL_CODEBASE: true
+          DEFAULT_BRANCH: main
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          VALIDATE_MD: true
+          VALIDATE_OPENAPI: true
+          VALIDATE_YAML: true
+          YAML_CONFIG_FILE: yaml-lint.yml
--- a/.github/workflows/markdown-links.yml
+++ b/.github/workflows/markdown-links.yml
@@ -0,0 +1,20 @@
+name: Check Markdown links
+
+on:
+  schedule:
+    # 2am UTC daily
+    - cron: '0 2 * * *'
+
+jobs:
+  markdown-link-check:
+    strategy:
+      matrix:
+        branch: ['main', 'v0.37.x', 'v0.34.x']
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ matrix.branch }}
+      - uses: informalsystems/github-action-markdown-link-check@main
+        with:
+          config-file: '.md-link-check.json'
--- a/.github/workflows/pre-release.yml
+++ b/.github/workflows/pre-release.yml
@@ -0,0 +1,65 @@
+name: "Pre-release"
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"  # e.g. v0.37.0-alpha.1, v0.38.0-alpha.10
+      - "v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"   # e.g. v0.37.0-beta.1, v0.38.0-beta.10
+      - "v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"      # e.g. v0.37.0-rc1, v0.38.0-rc10
+
+jobs:
+  prerelease:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - name: Build
+        uses: goreleaser/goreleaser-action@v3
+        if: ${{ github.event_name == 'pull_request' }}
+        with:
+          version: latest
+          args: build --skip-validate   # skip validate skips initial sanity checks in order to be able to fully run
+
+      # Link to CHANGELOG_PENDING.md as release notes.
+      - run: echo https://github.com/tendermint/tendermint/blob/${GITHUB_REF#refs/tags/}/CHANGELOG_PENDING.md > ../release_notes.md
+
+      - name: Release
+        uses: goreleaser/goreleaser-action@v3
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          version: latest
+          args: release --rm-dist --release-notes=../release_notes.md
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  prerelease-success:
+    needs: prerelease
+    if: ${{ success() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack upon pre-release
+        uses: slackapi/slack-github-action@v1.22.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          RELEASE_URL: "${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":sparkles: New Tendermint pre-release: <${{ env.RELEASE_URL }}|${{ github.ref_name }}>"
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/proto-lint.yml
+++ b/.github/workflows/proto-lint.yml
@@ -0,0 +1,21 @@
+name: Protobuf Lint
+on:
+  pull_request:
+    paths:
+      - 'proto/**'
+  push:
+    branches:
+      - main
+    paths:
+      - 'proto/**'
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    steps:
+      - uses: actions/checkout@v3
+      - uses: bufbuild/buf-setup-action@v1.9.0
+      - uses: bufbuild/buf-lint-action@v1
+        with:
+          input: 'proto'
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,62 @@
+name: "Release"
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"  # Push events to matching v*, i.e. v1.0, v20.15.10
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.18'
+
+      - name: Build
+        uses: goreleaser/goreleaser-action@v3
+        if: ${{ github.event_name == 'pull_request' }}
+        with:
+          version: latest
+          args: build --skip-validate   # skip validate skips initial sanity checks in order to be able to fully run
+
+      - run: echo https://github.com/tendermint/tendermint/blob/${GITHUB_REF#refs/tags/}/CHANGELOG.md#${GITHUB_REF#refs/tags/} > ../release_notes.md
+
+      - name: Release
+        uses: goreleaser/goreleaser-action@v3
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          version: latest
+          args: release --rm-dist --release-notes=../release_notes.md
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  release-success:
+    needs: release
+    if: ${{ success() }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Notify Slack upon release
+        uses: slackapi/slack-github-action@v1.22.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+          RELEASE_URL: "${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ github.ref_name }}"
+        with:
+          payload: |
+            {
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": ":rocket: New Tendermint release: <${{ env.RELEASE_URL }}|${{ github.ref_name }}>"
+                  }
+                }
+              ]
+            }
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,20 @@
+name: "Close stale pull requests"
+on:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v6
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          stale-pr-message: "This pull request has been automatically marked as stale because it has not had
+    recent activity. It will be closed if no further activity occurs. Thank you
+    for your contributions."
+          days-before-stale: -1
+          days-before-close: -1
+          days-before-pr-stale: 10
+          days-before-pr-close: 4
+          exempt-pr-labels: "S:wip"
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,34 @@
+name: Test
+on:
+  pull_request:
+  push:
+    paths:
+      - "**.go"
+    branches:
+      - main
+      - release/**
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        part: ["00", "01", "02", "03", "04", "05"]
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: "1.18"
+      - uses: actions/checkout@v3
+      - uses: technote-space/get-diff-action@v6
+        with:
+          PATTERNS: |
+            **/**.go
+            "!test/"
+            go.mod
+            go.sum
+            Makefile
+      - name: Run Go Tests
+        run: |
+          make test-group-${{ matrix.part }} NUM_SPLIT=6
+        if: env.GIT_DIFF
--- a/.gitignore
+++ b/.gitignore
@@ -1,48 +1,59 @@
-*.swp
-*.swo
-.bak
 *.bak
+*.iml
+*.log
+*.swo
+*.swp
+*/.glide
+*/vendor
 .DS_Store
-build/*
-rpc/test/.tendermint
-.tendermint
-remote_dump
+.bak
+.idea/
 .revision
-vendor
+.tendermint
+.tendermint-lite
+.terraform
 .vagrant
-test/p2p/data/
-test/logs
+.vendor-new/
+.vscode/
+abci/abci-cli
+addrbook.json
+artifacts/*
+build/*
 coverage.txt
+docs/.vuepress/dist
 docs/_build
 docs/dist
-docs/.vuepress/dist
-*.log
-abci-cli
 docs/node_modules/
+docs/spec
+docs/.vuepress/public/rpc
 index.html.md
-
-scripts/wal2json/wal2json
-scripts/cutWALUntil/cutWALUntil
-
-.idea/
-*.iml
-
-.vscode/
-
 libs/pubsub/query/fuzz_test/output
+profile\.out
+remote_dump
+rpc/test/.tendermint
+scripts/cutWALUntil/cutWALUntil
+scripts/wal2json/wal2json
 shunit2
-
-.tendermint-lite
-addrbook.json
-
-*/vendor
-.vendor-new/
-*/.glide
-.terraform
 terraform.tfstate
 terraform.tfstate.backup
 terraform.tfstate.d
-
-.vscode
-
-profile\.out
+test/app/grpc_client
+test/loadtime/build
+test/e2e/build
+test/e2e/networks/*/
+test/logs
+test/p2p/data/
+vendor
+test/fuzz/**/corpus
+test/fuzz/**/crashers
+test/fuzz/**/suppressions
+test/fuzz/**/*.zip
+proto/spec/**/*.pb.go
+*.aux
+*.bbl
+*.blg
+*.pdf
+*.gz
+*.dvi
+# Python virtual environments
+.venv
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,70 +1,44 @@
 linters:
  enable:
+    - asciicheck
    - bodyclose
-    - deadcode
    - depguard
    - dogsled
    - dupl
-    # - errcheck
-    # - funlen
-    # - gochecknoglobals
-    # - gochecknoinits
+    - errcheck
+    - exportloopref
    - goconst
-    - gocritic
-    # - gocyclo
-    # - godox
    - gofmt
    - goimports
-    - golint
+    - revive
    - gosec
    - gosimple
    - govet
    - ineffassign
-    - interfacer
-    - lll
    - misspell
-    # - maligned
    - nakedret
+    - nolintlint
    - prealloc
-    - scopelint
    - staticcheck
-    - structcheck
+    # - structcheck // to be fixed by golangci-lint
    - stylecheck
    - typecheck
    - unconvert
-    # - unparam
    - unused
-    - varcheck
-    # - whitespace
-    # - wsl
-    # - gocognit
-  disable:
-    - errcheck

 issues:
  exclude-rules:
-    - linters:
-        - lll
-      source: "https://"
+    - path: _test\.go
+      linters:
+        - gosec
+  max-same-issues: 50

 linters-settings:
  dogsled:
    max-blank-identifiers: 3
-  maligned:
-    suggest-new: true
-  # govet:
-  #   check-shadowing: true
  golint:
    min-confidence: 0
-#   gocyclo:
-#     min-complexity: 10
-#   misspell:
-#     locale: US
-#   gocritic:
-#     enabled-tags:
-#       - performance
-#       - style
-#       - experimental
-#     disabled-checks:
-#       - wrapperFunc
-#       - commentFormatting # https://github.com/go-critic/go-critic/issues/755
+  maligned:
+    suggest-new: true
+  misspell:
+    locale: US
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -0,0 +1,37 @@
+project_name: tendermint
+
+env:
+  # Require use of Go modules.
+  - GO111MODULE=on
+
+builds:
+  - id: "tendermint"
+    main: ./cmd/tendermint/main.go
+    ldflags:
+      - -s -w -X github.com/tendermint/tendermint/version.TMCoreSemVer={{ .Version }}
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - darwin
+      - linux
+      - windows
+    goarch:
+      - amd64
+      - arm
+      - arm64
+
+checksum:
+  name_template: SHA256SUMS-{{.Version}}.txt
+  algorithm: sha256
+
+release:
+  prerelease: auto
+  name_template: "{{.Version}}"
+
+archives:
+  - files:
+      - LICENSE
+      - README.md
+      - UPGRADING.md
+      - SECURITY.md
+      - CHANGELOG.md
--- a/.markdownlint.yml
+++ b/.markdownlint.yml
@@ -0,0 +1,17 @@
+# markdownlint configuration
+# https://github.com/DavidAnson/markdownlint
+
+# Default state for all rules
+default: true
+
+# See https://github.com/DavidAnson/markdownlint#rules--aliases for rules
+MD001: false
+MD007: {indent: 4}
+MD013: false
+MD024: {siblings_only: true}
+MD025: false
+MD033: false
+MD036: false
+MD010: false
+MD012: false
+MD028: false
--- a/.markdownlintignore
+++ b/.markdownlintignore
@@ -0,0 +1,6 @@
+docs/node_modules
+CHANGELOG.md
+docs/architecture/*
+crypto/secp256k1/**
+scripts/*
+.github
--- a/.md-link-check.json
+++ b/.md-link-check.json
@@ -0,0 +1,17 @@
+{
+    "retryOn429": true,
+    "retryCount": 5,
+    "fallbackRetryDelay": "30s",
+    "aliveStatusCodes": [200, 206, 503],
+    "httpHeaders": [
+        {
+            "urls": [
+                "https://docs.github.com/",
+                "https://help.github.com/"
+            ],
+            "headers": {
+                "Accept-Encoding": "zstd, br, gzip, deflate"
+            }
+        }
+    ]
+}
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -1,9 +0,0 @@
-pull_request_rules:
-  - name: automerge to master with label S:automerge and branch protection passing
-    conditions:
-      - base=master
-      - label=S:automerge
-    actions:
-      merge:
-        method: squash
-        strict: true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CHANGELOG_PENDING.md
+++ b/CHANGELOG_PENDING.md
@@ -1,21 +1,100 @@
-## v0.33.3
+# Unreleased Changes

-\*\*
+## v0.38.0

-Special thanks to external contributors on this release:
-
-Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint).
-
-### BREAKING CHANGES:
+### BREAKING CHANGES

 - CLI/RPC/Config

 - Apps

+- P2P Protocol
+
 - Go API
+  - [p2p] \#9625 Remove unused p2p/trust package (@cmwaters)

-### FEATURES:
+- Blockchain Protocol

-### IMPROVEMENTS:
+- Data Storage
+  - [state] \#6541 Move pruneBlocks from consensus/state to state/execution. (@JayT106)
+  
+- Tooling
+  - [tools/tm-signer-harness] \#6498 Set OS home dir to instead of the hardcoded PATH. (@JayT106)

-### BUG FIXES:
+### FEATURES
+
+### IMPROVEMENTS
+
+- [pubsub] \#7319 Performance improvements for the event query API (@creachadair)
+- [p2p/pex] \#6509 Improve addrBook.hash performance (@cuonglm)
+- [crypto/merkle] \#6443 & \#6513 Improve HashAlternatives performance (@cuonglm, @marbar3778)
+
+### BUG FIXES
+
+- [docker] \#9462 ensure Docker image uses consistent version of Go
+
+## v0.37.0
+
+Special thanks to external contributors on this release:
+
+Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermint).
+
+### BREAKING CHANGES
+
+- CLI/RPC/Config
+  - [config] \#9259 Rename the fastsync section and the fast_sync key blocksync and block_sync respectively
+
+- Apps
+  - [abci/counter] \#6684 Delete counter example app
+  - [abci] \#5783 Make length delimiter encoding consistent (`uint64`) between ABCI and P2P wire-level protocols
+  - [abci] \#9145 Removes unused Response/Request `SetOption` from ABCI (@samricotta)
+  - [abci/params] \#9287 Deduplicate `ConsensusParams` and `BlockParams` so only `types` proto definitions are used (@cmwaters)
+    - Remove `TimeIotaMs` and use a hard-coded 1 millisecond value to ensure monotonically increasing block times.
+    - Rename `AppVersion` to `App` so as to not stutter.
+  - [types] \#9287 Reduce the use of protobuf types in core logic. (@cmwaters)
+    - `ConsensusParams`, `BlockParams`, `ValidatorParams`, `EvidenceParams`, `VersionParams` have become native types.
+      They still utilize protobuf when being sent over the wire or written to disk.
+    - Moved `ValidateConsensusParams` inside (now native type) `ConsensusParams`, and renamed it to `ValidateBasic`.
+  - [abci] \#9301 New ABCI methods `PrepareProposal` and `ProcessProposal` which give the app control over transactions proposed and allows for verification of proposed blocks.
+  - [abci] \#8216 Renamed `EvidenceType` to `MisbehaviorType` and `Evidence` to `Misbehavior` as a more accurate label of their contents. (@williambanfield, @sergio-mena)
+  - [abci] \#9122 Renamed `LastCommitInfo` to `CommitInfo` in preparation for vote extensions. (@cmwaters)
+  - [abci] \#8656, \#8901 Added cli commands for `PrepareProposal` and `ProcessProposal`. (@jmalicevic, @hvanz)
+  - [abci] \#6403 Change the `key` and `value` fields from `[]byte` to `string` in the `EventAttribute` type. (@alexanderbez)
+
+- P2P Protocol
+
+- Go API
+    - [all] \#9144 Change spelling from British English to American (@cmwaters)
+        - Rename "Subscription.Cancelled()" to "Subscription.Canceled()" in libs/pubsub
+    - [crypto/sr25519] \#6526 Do not re-execute the Ed25519-style key derivation step when doing signing and verification.  The derivation is now done once and only once.  This breaks `sr25519.GenPrivKeyFromSecret` output compatibility. (@Yawning)
+
+- Blockchain Protocol
+
+### FEATURES
+
+- [abci] \#9301 New ABCI methods `PrepareProposal` and `ProcessProposal` which give the app control over transactions proposed and allows for verification of proposed blocks.
+
+### IMPROVEMENTS
+- [crypto] \#9250 Update to use btcec v2 and the latest btcutil. (@wcsiu)
+
+- [cli] \#9171 add `--hard` flag to rollback command (and a boolean to the `RollbackState` method). This will rollback
+  state and remove the last block. This command can be triggered multiple times. The application must also rollback
+  state to the same height. (@tsutsu, @cmwaters)
+- [proto] \#9356 Migrate from `gogo/protobuf` to `cosmos/gogoproto` (@julienrbrt)
+- [rpc] \#9276 Added `header` and `header_by_hash` queries to the RPC client (@samricotta)
+- [abci] \#5706 Added `AbciVersion` to `RequestInfo` allowing applications to check ABCI version when connecting to Tendermint. (@marbar3778)
+- [node] \#6059 Validate and complete genesis doc before saving to state store (@silasdavis)
+
+- [crypto/ed25519] \#5632 Adopt zip215 `ed25519` verification. (@marbar3778)
+- [crypto/ed25519] \#6526 Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `ed25519` signing and verification. (@Yawning)
+- [crypto/sr25519] \#6526 Use [curve25519-voi](https://github.com/oasisprotocol/curve25519-voi) for `sr25519` signing and verification. (@Yawning)
+- [crypto] \#6120 Implement batch verification interface for ed25519 and sr25519. (@marbar3778 & @Yawning)
+- [types] \#6120 use batch verification for verifying commits signatures. (@marbar3778 & @cmwaters & @Yawning)
+    - If the key type supports the batch verification API it will try to batch verify. If the verification fails we will single verify each signature.
+- [state] \#9505 Added logic so when pruning, the evidence period is taken into consideration and only deletes unecessary data (@samricotta)
+
+### BUG FIXES
+
+- [consensus] \#9229 fix round number of `enterPropose` when handling `RoundStepNewRound` timeout. (@fatcat22)
+- [docker] \#9073 enable cross platform build using docker buildx
+- [blocksync] \#9518 handle the case when the sending queue is full: retry block request after a timeout
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -1,56 +1,109 @@
 # The Tendermint Code of Conduct
-This code of conduct applies to all projects run by the Tendermint/COSMOS team and hence to tendermint.

+This code of conduct applies to all projects run by the Tendermint/COSMOS team
+and hence to Tendermint.

 ----

-
 # Conduct
+
 ## Contact: conduct@tendermint.com

-* We are committed to providing a friendly, safe and welcoming environment for all, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, nationality, or other similar characteristic.
+* We are committed to providing a friendly, safe and welcoming environment for
+  all, regardless of level of experience, gender, gender identity and
+  expression, sexual orientation, disability, personal appearance, body size,
+  race, ethnicity, age, religion, nationality, or other similar characteristics.

-* On Slack, please avoid using overtly sexual nicknames or other nicknames that might detract from a friendly, safe and welcoming environment for all.
+* On Slack, please avoid using overtly sexual nicknames or other nicknames that
+  might detract from a friendly, safe and welcoming environment for all.

 * Please be kind and courteous. There’s no need to be mean or rude.

-* Respect that people have differences of opinion and that every design or implementation choice carries a trade-off and numerous costs. There is seldom a right answer.
+* Respect that people have differences of opinion and that every design or
+  implementation choice carries a trade-off and numerous costs. There is seldom
+  a right answer.

-* Please keep unstructured critique to a minimum. If you have solid ideas you want to experiment with, make a fork and see how it works.
+* Please keep unstructured critique to a minimum. If you have solid ideas you
+  want to experiment with, make a fork and see how it works.

-* We will exclude you from interaction if you insult, demean or harass anyone. That is not welcome behaviour. We interpret the term “harassment” as including the definition in the [Citizen Code of Conduct](http://citizencodeofconduct.org/); if you have any lack of clarity about what might be included in that concept, please read their definition. In particular, we don’t tolerate behavior that excludes people in socially marginalized groups.
+* We will exclude you from interaction if you insult, demean or harass anyone.
+  That is not welcome behavior. We interpret the term “harassment” as including
+  the definition in the [Citizen Code of Conduct][ccoc]; if you have any lack of
+  clarity about what might be included in that concept, please read their
+  definition. In particular, we don’t tolerate behavior that excludes people in
+  socially marginalized groups.

-* Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or made uncomfortable by a community member, please contact one of the channel admins or the person mentioned above immediately. Whether you’re a regular contributor or a newcomer, we care about making this community a safe place for you and we’ve got your back.
-
-* Likewise any spamming, trolling, flaming, baiting or other attention-stealing behaviour is not welcome.
+* Private harassment is also unacceptable. No matter who you are, if you feel
+  you have been or are being harassed or made uncomfortable by a community
+  member, please contact one of the channel admins or the person mentioned above
+  immediately. Whether you’re a regular contributor or a newcomer, we care about
+  making this community a safe place for you and we’ve got your back.

+* Likewise any spamming, trolling, flaming, baiting or other attention-stealing
+  behavior is not welcome.

 ----

-
 # Moderation
-These are the policies for upholding our community’s standards of conduct. If you feel that a thread needs moderation, please contact the above mentioned person.

-1. Remarks that violate the Tendermint/COSMOS standards of conduct, including hateful, hurtful, oppressive, or exclusionary remarks, are not allowed. (Cursing is allowed, but never targeting another user, and never in a hateful manner.)
+These are the policies for upholding our community’s standards of conduct. If
+you feel that a thread needs moderation, please contact the above mentioned
+person.

-2. Remarks that moderators find inappropriate, whether listed in the code of conduct or not, are also not allowed.
+1. Remarks that violate the Tendermint/COSMOS standards of conduct, including
+   hateful, hurtful, oppressive, or exclusionary remarks, are not allowed.
+   (Cursing is allowed, but never targeting another user, and never in a hateful
+   manner.)
+
+2. Remarks that moderators find inappropriate, whether listed in the code of
+   conduct or not, are also not allowed.

 3. Moderators will first respond to such remarks with a warning.

-4. If the warning is unheeded, the user will be “kicked,” i.e., kicked out of the communication channel to cool off.
+4. If the warning is unheeded, the user will be “kicked,” i.e., kicked out of
+   the communication channel to cool off.

-5. If the user comes back and continues to make trouble, they will be banned, i.e., indefinitely excluded.
+5. If the user comes back and continues to make trouble, they will be banned,
+   i.e., indefinitely excluded.

-6. Moderators may choose at their discretion to un-ban the user if it was a first offense and they offer the offended party a genuine apology.
+6. Moderators may choose at their discretion to un-ban the user if it was a
+   first offense and they offer the offended party a genuine apology.

-7. If a moderator bans someone and you think it was unjustified, please take it up with that moderator, or with a different moderator, in private. Complaints about bans in-channel are not allowed.
+7. If a moderator bans someone and you think it was unjustified, please take it
+   up with that moderator, or with a different moderator, in private. Complaints
+   about bans in-channel are not allowed.

-8. Moderators are held to a higher standard than other community members. If a moderator creates an inappropriate situation, they should expect less leeway than others.
+8. Moderators are held to a higher standard than other community members. If a
+   moderator creates an inappropriate situation, they should expect less leeway
+   than others.

-In the Tendermint/COSMOS community we strive to go the extra step to look out for each other. Don’t just aim to be technically unimpeachable, try to be your best self. In particular, avoid flirting with offensive or sensitive issues, particularly if they’re off-topic; this all too often leads to unnecessary fights, hurt feelings, and damaged trust; worse, it can drive people away from the community entirely.
+In the Tendermint/COSMOS community we strive to go the extra step to look out
+for each other. Don’t just aim to be technically unimpeachable, try to be your
+best self. In particular, avoid flirting with offensive or sensitive issues,
+particularly if they’re off-topic; this all too often leads to unnecessary
+fights, hurt feelings, and damaged trust; worse, it can drive people away
+from the community entirely.

-And if someone takes issue with something you said or did, resist the urge to be defensive. Just stop doing what it was they complained about and apologize. Even if you feel you were misinterpreted or unfairly accused, chances are good there was something you could’ve communicated better — remember that it’s your responsibility to make your fellow Cosmonauts comfortable. Everyone wants to get along and we are all here first and foremost because we want to talk about cool technology. You will find that people will be eager to assume good intent and forgive as long as you earn their trust.
+And if someone takes issue with something you said or did, resist the urge to be
+defensive. Just stop doing what it was they complained about and apologize. Even
+if you feel you were misinterpreted or unfairly accused, chances are good there
+was something you could’ve communicated better — remember that it’s your
+responsibility to make your fellow Cosmonauts comfortable. Everyone wants to
+get along and we are all here first and foremost because we want to talk
+about cool technology. You will find that people will be eager to assume
+good intent and forgive as long as you earn their trust.

-The enforcement policies listed above apply to all official Tendermint/COSMOS venues.For other projects adopting the Tendermint/COSMOS Code of Conduct, please contact the maintainers of those projects for enforcement. If you wish to use this code of conduct for your own project, consider explicitly mentioning your moderation policy or making a copy with your own moderation policy so as to avoid confusion.
+The enforcement policies listed above apply to all official Tendermint/COSMOS
+venues. For other projects adopting the Tendermint/COSMOS Code of Conduct,
+please contact the maintainers of those projects for enforcement. If you wish to
+use this code of conduct for your own project, consider explicitly mentioning
+your moderation policy or making a copy with your own moderation policy so as to
+avoid confusion.

-*Adapted from the [Node.js Policy on Trolling](http://blog.izs.me/post/30036893703/policy-on-trolling), the [Contributor Covenant v1.3.0](http://contributor-covenant.org/version/1/3/0/) and the [Rust Code of Conduct](https://www.rust-lang.org/en-US/conduct.html).
+\*Adapted from the [Node.js Policy on Trolling][node-trolling-policy], the
+[Contributor Covenant v1.3.0][ccov] and the [Rust Code of Conduct][rust-coc].
+
+[ccoc]: https://github.com/stumpsyn/policies/blob/master/citizen_code_of_conduct.md
+[node-trolling-policy]: http://blog.izs.me/post/30036893703/policy-on-trolling
+[ccov]: http://contributor-covenant.org/version/1/3/0/
+[rust-coc]: https://www.rust-lang.org/en-US/conduct.html
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,14 +5,14 @@ contributing, it may be helpful to understand the goal of the project. The goal
 of Tendermint is to develop a BFT consensus engine robust enough to
 support permissionless value-carrying networks. While all contributions are
 welcome, contributors should bear this goal in mind in deciding if they should
-target the main tendermint project or a potential fork. When targeting the
+target the main Tendermint project or a potential fork. When targeting the
 main Tendermint project, the following process leads to the best chance of
-landing changes in master.
+landing changes in `main`.

 All work on the code base should be motivated by a [Github
 Issue](https://github.com/tendermint/tendermint/issues).
 [Search](https://github.com/tendermint/tendermint/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22)
-is a good place start when looking for places to contribute.  If you
+is a good place to start when looking for places to contribute. If you
 would like to work on an issue which already exists, please indicate so
 by leaving a comment.

@@ -26,31 +26,36 @@ will indicate their support with a heartfelt emoji.

 If the issue would benefit from thorough discussion, maintainers may
 request that you create a [Request For
-Comment](https://github.com/tendermint/spec/tree/master/rfc). Discussion
+Comment](https://github.com/tendermint/tendermint/tree/main/docs/rfc)
+in the Tendermint spec repo. Discussion
 at the RFC stage will build collective understanding of the dimensions
 of the problems and help structure conversations around trade-offs.

-When the problem is well understood but the solution leads to large
-structural changes to the code base, these changes should be proposed in
-the form of an [Architectural Decision Record
-(ADR)](./docs/architecture/). The ADR will help build consensus on an
-overall strategy to ensure the code base maintains coherence
-in the larger context. If you are not comfortable with writing an ADR,
-you can open a less-formal issue and the maintainers will help you
-turn it into an ADR. ADR numbers can be registered [here](https://github.com/tendermint/tendermint/issues/2313).
+When the problem is well understood but the solution leads to large structural
+changes to the code base, these changes should be proposed in the form of an
+[Architectural Decision Record (ADR)](./docs/architecture/). The ADR will help
+build consensus on an overall strategy to ensure the code base maintains
+coherence in the larger context. If you are not comfortable with writing an
+ADR, you can open a less-formal issue and the maintainers will help you turn it
+into an ADR.
+
+> How to pick a number for the ADR?
+
+Find the largest existing ADR number and bump it by 1.

 When the problem as well as proposed solution are well understood,
 changes should start with a [draft
 pull request](https://github.blog/2019-02-14-introducing-draft-pull-requests/)
-against master. The draft signals that work is underway. When the work
+against `main`. The draft signals that work is underway. When the work
 is ready for feedback, hitting "Ready for Review" will signal to the
 maintainers to take a look.

 ![Contributing flow](./docs/imgs/contributing.png)

 Each stage of the process is aimed at creating feedback cycles which align contributors and maintainers to make sure:
-* Contributors don’t waste their time implementing/proposing features which won’t land in master.
-* Maintainers have the necessary context in order to support and review contributions.
+
+- Contributors don’t waste their time implementing/proposing features which won’t land in `main`.
+- Maintainers have the necessary context in order to support and review contributions.

 ## Forking

@@ -62,25 +67,25 @@ Instead, we use `git remote` to add the fork as a new remote for the original re

 For instance, to create a fork and work on a branch of it, I would:

- Create the fork on github, using the fork button.
+- Create the fork on GitHub, using the fork button.
 - Go to the original repo checked out locally (i.e. `$GOPATH/src/github.com/tendermint/tendermint`)
 - `git remote rename origin upstream`
 - `git remote add origin git@github.com:ebuchman/basecoin.git`

-Now `origin` refers to my fork and `upstream` refers to the tendermint version.
-So I can `git push -u origin master` to update my fork, and make pull requests to tendermint from there.
+Now `origin` refers to my fork and `upstream` refers to the Tendermint version.
+So I can `git push -u origin main` to update my fork, and make pull requests to tendermint from there.
 Of course, replace `ebuchman` with your git handle.

 To pull in updates from the origin repo, run

 - `git fetch upstream`
- `git rebase upstream/master` (or whatever branch you want)
+- `git rebase upstream/main` (or whatever branch you want)

 ## Dependencies

 We use [go modules](https://github.com/golang/go/wiki/Modules) to manage dependencies.

-That said, the master branch of every Tendermint repository should just build
+That said, the `main` branch of every Tendermint repository should just build
 with `go get`, which means they should be kept up-to-date with their
 dependencies so we can get away with telling people they can just `go get` our
 software.
@@ -100,38 +105,46 @@ specify exactly the dependency you want to update, eg.

 ## Protobuf

-We use [Protocol Buffers](https://developers.google.com/protocol-buffers) along with [gogoproto](https://github.com/gogo/protobuf) to generate code for use across Tendermint Core.
+We use [Protocol Buffers](https://developers.google.com/protocol-buffers) along
+with [`gogoproto`](https://github.com/cosmos/gogoproto) to generate code for use
+across Tendermint Core.

-For linting and checking breaking changes, we use [buf](https://buf.build/). If you would like to run linting and check if the changes you have made are breaking then you will have to install the needed dependencies with `make buf`. Then the linting cmd will be `make proto-lint` and the breaking changes check will be `make proto-check-breaking`.
+To generate proto stubs, lint, and check protos for breaking changes, you will
+need to install [buf](https://buf.build/) and `gogoproto`. Then, from the root
+of the repository, run:

-To generate new stubs based off of your changes you can run `make proto-gen` after installing `protoc` and gogoproto.
+```bash
+# Lint all of the .proto files in proto/tendermint
+make proto-lint

-### Installation Instructions
+# Check if any of your local changes (prior to committing to the Git repository)
+# are breaking
+make proto-check-breaking

-To install `protoc`, download an appropriate release (https://github.com/protocolbuffers/protobuf) and then move the provided binaries into your PATH (follow instructions in README included with the download).
-
-To install `gogoproto`, do the following:
-
-```sh
-$ go get github.com/gogo/protobuf/gogoproto
-$ cd $GOPATH/pkg/mod/github.com/gogo/protobuf@v1.3.1 # or wherever go get installs things
-$ make install
+# Generate Go code from the .proto files in proto/tendermint
+make proto-gen
 ```

-You should now be able to run `make proto-gen` from inside the root Tendermint directory to generate new files from proto files.
-
-## Vagrant
-
-If you are a [Vagrant](https://www.vagrantup.com/) user, you can get started
-hacking Tendermint with the commands below.
-
-NOTE: In case you installed Vagrant in 2017, you might need to run
-`vagrant box update` to upgrade to the latest `ubuntu/xenial64`.
+To automatically format `.proto` files, you will need
+[`clang-format`](https://clang.llvm.org/docs/ClangFormat.html) installed. Once
+installed, you can run:

+```bash
+make proto-format
 ```
-vagrant up
-vagrant ssh
-make test
+
+### Visual Studio Code
+
+If you are a VS Code user, you may want to add the following to your `.vscode/settings.json`:
+
+```json
+{
+  "protoc": {
+    "options": [
+      "--proto_path=${workspaceRoot}/proto",
+    ]
+  }
+}
 ```

 ## Changelog
@@ -139,17 +152,54 @@ make test
 Every fix, improvement, feature, or breaking change should be made in a
 pull-request that includes an update to the `CHANGELOG_PENDING.md` file.

+A feature can also be worked on a feature branch, if its size and/or risk
+justifies it (see #branching-model-and-release) below.
+
+### What does a good changelog entry look like?
+
+Changelog entries should answer the question: "what is important about this
+change for users to know?" or "what problem does this solve for users?". It
+should not simply be a reiteration of the title of the associated PR, unless the
+title of the PR _very_ clearly explains the benefit of a change to a user.
+
+Some good examples of changelog entry descriptions:
+
+```md
+- [consensus] \#1111 Small transaction throughput improvement (approximately
+  3-5\% from preliminary tests) through refactoring the way we use channels
+- [mempool] \#1112 Refactor Go API to be able to easily swap out the current
+  mempool implementation in Tendermint forks
+- [p2p] \#1113 Automatically ban peers when their messages are unsolicited or
+  are received too frequently
+```
+
+Some bad examples of changelog entry descriptions:
+
+```md
+- [consensus] \#1111 Refactor channel usage
+- [mempool] \#1112 Make API generic
+- [p2p] \#1113 Ban for PEX message abuse
+```
+
+For more on how to write good changelog entries, see:
+
+- <https://keepachangelog.com>
+- <https://docs.gitlab.com/ee/development/changelog.html#writing-good-changelog-entries>
+- <https://depfu.com/blog/what-makes-a-good-changelog>
+
+### Changelog entry format
+
 Changelog entries should be formatted as follows:

-```
- [module] \#xxx Some description about the change (@contributor)
+```md
+- [module] \#xxx Some description of the change (@contributor)
 ```

 Here, `module` is the part of the code that changed (typically a
 top-level Go package), `xxx` is the pull-request number, and `contributor`
 is the author/s of the change.

-It's also acceptable for `xxx` to refer to the relevent issue number, but pull-request
+It's also acceptable for `xxx` to refer to the relevant issue number, but pull-request
 numbers are preferred.
 Note this means pull-requests should be opened first so the changelog can then
 be updated with the pull-request's number.
@@ -163,87 +213,167 @@ Changes with multiple classifications should be doubly included (eg. a bug fix
 that is also a breaking change should be recorded under both).

 Breaking changes are further subdivided according to the APIs/users they impact.
-Any change that effects multiple APIs/users should be recorded multiply - for
+Any change that affects multiple APIs/users should be recorded multiply - for
 instance, a change to the `Blockchain Protocol` that removes a field from the
 header should also be recorded under `CLI/RPC/Config` since the field will be
-removed from the header in rpc responses as well.
+removed from the header in RPC responses as well.

 ## Branching Model and Release

-The main development branch is master.
+The main development branch is `main`.

 Every release is maintained in a release branch named `vX.Y.Z`.

+Pending minor releases have long-lived release candidate ("RC") branches. Minor release changes should be merged to these long-lived RC branches at the same time that the changes are merged to `main`.
+
+If a feature's size is big and/or its risk is high, it can be implemented in a feature branch.
+While the feature work is in progress,
+pull requests are open and squash merged against the feature branch.
+Branch `main` is periodically merged (merge commit) into the feature branch,
+to reduce branch divergence.
+When the feature is complete, the feature branch is merged back (merge commit) into `main`.
+The moment of the final merge can be carefully chosen
+so as to land different features in different releases.
+
 Note all pull requests should be squash merged except for merging to a release branch (named `vX.Y`). This keeps the commit history clean and makes it
 easy to reference the pull request where a change was introduced.

 ### Development Procedure

- the latest state of development is on `master`
- `master` must never fail `make test`
- never --force onto `master` (except when reverting a broken commit, which should seldom happen)
- create a development branch either on github.com/tendermint/tendermint, or your fork (using `git remote add origin`)
- make changes and update the `CHANGELOG_PENDING.md` to record your change
- before submitting a pull request, run `git rebase` on top of the latest `master`
+The latest state of development is on `main`, which must never fail `make test`. _Never_ force push `main`, unless fixing broken git history (which we rarely do anyways).

-### Pull Merge Procedure
+To begin contributing, create a development branch either on `github.com/tendermint/tendermint`, or your fork (using `git remote add origin`).

- ensure pull branch is based on a recent `master`
- run `make test` to ensure that all tests pass
- squash merge pull request
- the `unstable` branch may be used to aggregate pull merges before fixing tests
+Make changes, and before submitting a pull request, update the `CHANGELOG_PENDING.md` to record your change. Also, run either `git rebase` or `git merge` on top of the latest `main`. (Since pull requests are squash-merged, either is fine!)

-### Release Procedure
+Update the `UPGRADING.md` if the change you've made is breaking and the
+instructions should be in place for a user on how he/she can upgrade its
+software (ABCI application, Tendermint-based blockchain, light client, wallet).

-#### Major Release
+Once you have submitted a pull request label the pull request with either `R:minor`, if the change should be included in the next minor release, or `R:major`, if the change is meant for a major release.

-1. start on `master`
-2. run integration tests (see `test_integrations` in Makefile)
-3. prepare release in a pull request against `master` (to be squash merged):
-   - copy `CHANGELOG_PENDING.md` to top of `CHANGELOG.md`
-   - run `python ./scripts/linkify_changelog.py CHANGELOG.md` to add links for
-     all issues
-   - run `bash ./scripts/authors.sh` to get a list of authors since the latest
-     release, and add the github aliases of external contributors to the top of
-     the changelog. To lookup an alias from an email, try `bash ./scripts/authors.sh <email>`
-   - reset the `CHANGELOG_PENDING.md`
-   - bump versions
-4. push your changes with prepared release details to `vX.X` (this will trigger the release `vX.X.0`)
-5. merge back to master (don't squash merge!)
+Sometimes (often!) pull requests get out-of-date with `main`, as other people merge different pull requests to `main`. It is our convention that pull request authors are responsible for updating their branches with `main`. (This also means that you shouldn't update someone else's branch for them; even if it seems like you're doing them a favor, you may be interfering with their git flow in some way!)

-#### Minor Release
+#### Merging Pull Requests

-If there were no breaking changes and you need to create a release nonetheless,
-the procedure is almost exactly like with a new release above.
+It is also our convention that authors merge their own pull requests, when possible. External contributors may not have the necessary permissions to do this, in which case, a member of the core team will merge the pull request once it's been approved.

-The only difference is that in the end you create a pull request against the existing `X.X` branch.
-The branch name should match the release number you want to create.
-Merging this PR will trigger the next release.
-For example, if the PR is against an existing 0.34 branch which already contains a v0.34.0 release/tag,
-the patch version will be incremented and the created release will be v0.34.1.
+Before merging a pull request:

-#### Backport Release
+- Ensure pull branch is up-to-date with a recent `main` (GitHub won't let you merge without this!)
+- Run `make test` to ensure that all tests pass
+- [Squash](https://stackoverflow.com/questions/5189560/squash-my-last-x-commits-together-using-git) merge pull request

-1. start from the existing release branch you want to backport changes to (e.g. v0.30)
-   Branch to a release/vX.X.X branch locally (e.g. release/v0.30.7)
-2. cherry pick the commit(s) that contain the changes you want to backport (usually these commits are from squash-merged PRs which were already reviewed)
-3. steps 2 and 3 from [Major Release](#major-release)
-4. push changes to release/vX.X.X branch
-5. open a PR against the existing vX.X branch
+#### Pull Requests for Minor Releases
+
+If your change should be included in a minor release, please also open a PR against the long-lived minor release candidate branch (e.g., `rc1/v0.33.5`) _immediately after your change has been merged to main_.
+
+You can do this by cherry-picking your commit off `main`:
+
+```sh
+$ git checkout rc1/v0.33.5
+$ git checkout -b {new branch name}
+$ git cherry-pick {commit SHA from main}
+# may need to fix conflicts, and then use git add and git cherry-pick --continue
+$ git push origin {new branch name}
+```
+
+After this, you can open a PR. Please note in the PR body if there were merge conflicts so that reviewers can be sure to take a thorough look.
+
+### Git Commit Style
+
+We follow the [Go style guide on commit messages](https://tip.golang.org/doc/contribute.html#commit_messages). Write concise commits that start with the package name and have a description that finishes the sentence "This change modifies Tendermint to...". For example,
+
+```sh
+cmd/debug: execute p.Signal only when p is not nil
+
+[potentially longer description in the body]
+
+Fixes #nnnn
+```
+
+Each PR should have one commit once it lands on `main`; this can be accomplished by using the "squash and merge" button on Github. Be sure to edit your commit message, though!

 ## Testing

-All repos should be hooked up to [CircleCI](https://circleci.com/).
+### Unit tests

-If they have `.go` files in the root directory, they will be automatically
-tested by circle using `go test -v -race ./...`. If not, they will need a
-`circle.yml`. Ideally, every repo has a `Makefile` that defines `make test` and
-includes its continuous integration status using a badge in the `README.md`.
+Unit tests are located in `_test.go` files as directed by [the Go testing
+package](https://golang.org/pkg/testing/). If you're adding or removing a
+function, please check there's a `TestType_Method` test for it.
+
+Run: `make test`
+
+### Integration tests
+
+Integration tests are also located in `_test.go` files. What differentiates
+them is a more complicated setup, which usually involves setting up two or more
+components.
+
+Run: `make test_integrations`
+
+### End-to-end tests
+
+End-to-end tests are used to verify a fully integrated Tendermint network.
+
+See [README](./test/e2e/README.md) for details.
+
+Run:
+
+```sh
+cd test/e2e && \
+  make && \
+  ./build/runner -f networks/ci.toml
+```
+
+### Model-based tests (ADVANCED)
+
+*NOTE: if you're just submitting your first PR, you won't need to touch these
+most probably (99.9%)*.
+
+For components, that have been [formally
+verified](https://en.wikipedia.org/wiki/Formal_verification) using
+[TLA+](https://en.wikipedia.org/wiki/TLA%2B), it may be possible to generate
+tests using a combination of the [Apalache Model
+Checker](https://apalache.informal.systems/) and [tendermint-rs testgen
+util](https://github.com/informalsystems/tendermint-rs/tree/master/testgen).
+
+Now, I know there's a lot to take in. If you want to learn more, check out [
+this video](https://www.youtube.com/watch?v=aveoIMphzW8) by Andrey Kupriyanov
+& Igor Konnov.
+
+At the moment, we have model-based tests for the light client, located in the
+`./light/mbt` directory.
+
+Run: `cd light/mbt && go test`
+
+### Fuzz tests (ADVANCED)
+
+*NOTE: if you're just submitting your first PR, you won't need to touch these
+most probably (99.9%)*.
+
+[Fuzz tests](https://en.wikipedia.org/wiki/Fuzzing) can be found inside the
+`./test/fuzz` directory. See [README.md](./test/fuzz/README.md) for details.
+
+Run: `cd test/fuzz && make fuzz-{PACKAGE-COMPONENT}`
+
+### Jepsen tests (ADVANCED)
+
+*NOTE: if you're just submitting your first PR, you won't need to touch these
+most probably (99.9%)*.
+
+[Jepsen](http://jepsen.io/) tests are used to verify the
+[linearizability](https://jepsen.io/consistency/models/linearizable) property
+of the Tendermint consensus. They are located in a separate repository
+-> <https://github.com/tendermint/jepsen>. Please refer to its README for more
+information.

 ### RPC Testing

-If you contribute to the RPC endpoints it's important to document your changes in the [Swagger file](./rpc/swagger/swagger.yaml)
-To test your changes you should install `nodejs` and run:
+**If you contribute to the RPC endpoints it's important to document your
+changes in the [Openapi file](./rpc/openapi/openapi.yaml)**.
+
+To test your changes you must install `nodejs` and run:

 ```bash
 npm i -g dredd
@@ -251,4 +381,8 @@ make build-linux build-contract-tests-hooks
 make contract-tests
 ```

-This command will popup a network and check every endpoint against what has been documented
+**WARNING: these are currently broken due to <https://github.com/apiaryio/dredd>
+not supporting complete OpenAPI 3**.
+
+This command will popup a network and check every endpoint against what has
+been documented.
--- a/DOCKER/Dockerfile
+++ b/DOCKER/Dockerfile
@@ -1,4 +1,18 @@
-FROM alpine:3.9
+# Use a build arg to ensure that both stages use the same,
+# hopefully current, go version.
+ARG GOLANG_BASE_IMAGE=golang:1.18-alpine
+
+# stage 1 Generate Tendermint Binary
+FROM --platform=$BUILDPLATFORM $GOLANG_BASE_IMAGE as builder
+RUN apk update && \
+    apk upgrade && \
+    apk --no-cache add make
+COPY / /tendermint
+WORKDIR /tendermint
+RUN TARGETPLATFORM=$TARGETPLATFORM make build-linux
+
+# stage 2
+FROM $GOLANG_BASE_IMAGE
 LABEL maintainer="hello@tendermint.com"

 # Tendermint will be looking for the genesis file in /tendermint/config/genesis.json
@@ -22,17 +36,25 @@ RUN apk update && \
 # Run the container with tmuser by default. (UID=100, GID=1000)
 USER tmuser

-# Expose the data directory as a volume since there's mutable state in there
-VOLUME [ $TMHOME ]
-
 WORKDIR $TMHOME

-# p2p and rpc port
-EXPOSE 26656 26657
+# p2p, rpc and prometheus port
+EXPOSE 26656 26657 26660

-ENTRYPOINT ["/usr/bin/tendermint"]
-CMD ["node", "--moniker=`hostname`"]
 STOPSIGNAL SIGTERM

-ARG BINARY=tendermint
-COPY $BINARY /usr/bin/tendermint
+COPY --from=builder /tendermint/build/tendermint /usr/bin/tendermint
+
+# You can overwrite these before the first run to influence
+# config.json and genesis.json. Additionally, you can override
+# CMD to add parameters to `tendermint node`.
+ENV PROXY_APP=kvstore MONIKER=dockernode CHAIN_ID=dockerchain
+
+COPY ./DOCKER/docker-entrypoint.sh /usr/local/bin/
+
+ENTRYPOINT ["docker-entrypoint.sh"]
+CMD ["node"]
+
+# Expose the data directory as a volume since there's mutable state in there
+VOLUME [ "$TMHOME" ]
+
--- a/DOCKER/Dockerfile.build_c-amazonlinux
+++ b/DOCKER/Dockerfile.build_c-amazonlinux
@@ -24,5 +24,5 @@ ENV GOPATH=/go/src
 RUN mkdir -p /tendermint
 WORKDIR /tendermint

-CMD ["/usr/bin/make", "build_c"]
+CMD ["/usr/bin/make", "build", "TENDERMINT_BUILD_OPTIONS=cleveldb"]

--- a/DOCKER/README.md
+++ b/DOCKER/README.md
@@ -6,23 +6,23 @@ DockerHub tags for official releases are [here](https://hub.docker.com/r/tenderm

 Official releases can be found [here](https://github.com/tendermint/tendermint/releases).

-The Dockerfile for tendermint is not expected to change in the near future. The master file used for all builds can be found [here](https://raw.githubusercontent.com/tendermint/tendermint/master/DOCKER/Dockerfile).
+The Dockerfile for Tendermint is not expected to change in the near future. The main file used for all builds can be found [here](https://raw.githubusercontent.com/tendermint/tendermint/main/DOCKER/Dockerfile).

-Respective versioned files can be found https://raw.githubusercontent.com/tendermint/tendermint/vX.XX.XX/DOCKER/Dockerfile (replace the Xs with the version number).
+Respective versioned files can be found at `https://raw.githubusercontent.com/tendermint/tendermint/vX.XX.XX/DOCKER/Dockerfile` (replace the Xs with the version number).

 ## Quick reference

- **Where to get help:** https://tendermint.com/
- **Where to file issues:** https://github.com/tendermint/tendermint/issues
+- **Where to get help:** <https://tendermint.com/>
+- **Where to file issues:** <https://github.com/tendermint/tendermint/issues>
 - **Supported Docker versions:** [the latest release](https://github.com/moby/moby/releases) (down to 1.6 on a best-effort basis)

 ## Tendermint

 Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine, written in any programming language, and securely replicates it on many machines.

-For more background, see the [the docs](https://docs.tendermint.com/master/introduction/#quick-start).
+For more background, see the [the docs](https://docs.tendermint.com/main/introduction/#quick-start).

-To get started developing applications, see the [application developers guide](https://docs.tendermint.com/master/introduction/quick-start.html).
+To get started developing applications, see the [application developers guide](https://docs.tendermint.com/main/introduction/quick-start.html).

 ## How to use this image

@@ -30,16 +30,16 @@ To get started developing applications, see the [application developers guide](h

 A quick example of a built-in app and Tendermint core in one container.

-```
+```sh
 docker run -it --rm -v "/tmp:/tendermint" tendermint/tendermint init
 docker run -it --rm -v "/tmp:/tendermint" tendermint/tendermint node --proxy_app=kvstore
 ```

 ## Local cluster

-To run a 4-node network, see the `Makefile` in the root of [the repo](https://github.com/tendermint/tendermint/blob/master/Makefile) and run:
+To run a 4-node network, see the `Makefile` in the root of [the repo](https://github.com/tendermint/tendermint/blob/main/Makefile) and run:

-```
+```sh
 make build-linux
 make build-docker-localnode
 make localnet-start
@@ -49,8 +49,8 @@ Note that this will build and use a different image than the ones provided here.

 ## License

- Tendermint's license is [Apache 2.0](https://github.com/tendermint/tendermint/blob/master/LICENSE).
+- Tendermint's license is [Apache 2.0](https://github.com/tendermint/tendermint/blob/main/LICENSE).

 ## Contributing

-Contributions are most welcome! See the [contributing file](https://github.com/tendermint/tendermint/blob/master/CONTRIBUTING.md) for more information.
+Contributions are most welcome! See the [contributing file](https://github.com/tendermint/tendermint/blob/main/CONTRIBUTING.md) for more information.
--- a/DOCKER/docker-entrypoint.sh
+++ b/DOCKER/docker-entrypoint.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+if [ ! -d "$TMHOME/config" ]; then
+	echo "Running tendermint init to create (default) configuration for docker run."
+	tendermint init
+
+	sed -i \
+		-e "s/^proxy_app\s*=.*/proxy_app = \"$PROXY_APP\"/" \
+		-e "s/^moniker\s*=.*/moniker = \"$MONIKER\"/" \
+		-e 's/^addr_book_strict\s*=.*/addr_book_strict = false/' \
+		-e 's/^timeout_commit\s*=.*/timeout_commit = "500ms"/' \
+		-e 's/^index_all_tags\s*=.*/index_all_tags = true/' \
+		-e 's,^laddr = "tcp://127.0.0.1:26657",laddr = "tcp://0.0.0.0:26657",' \
+		-e 's/^prometheus\s*=.*/prometheus = true/' \
+		"$TMHOME/config/config.toml"
+
+	jq ".chain_id = \"$CHAIN_ID\" | .consensus_params.block.time_iota_ms = \"500\"" \
+		"$TMHOME/config/genesis.json" > "$TMHOME/config/genesis.json.new"
+	mv "$TMHOME/config/genesis.json.new" "$TMHOME/config/genesis.json"
+fi
+
+exec tendermint "$@"
--- a/6
+++ b/6
@@ -1,5 +1,3 @@
-Tendermint Core
-License: Apache2.0

                                 Apache License
                           Version 2.0, January 2004
@@ -181,7 +179,7 @@ License: Apache2.0
   APPENDIX: How to apply the Apache License to your work.

      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "{}"
+      boilerplate notice, with the fields enclosed by brackets "[]"
      replaced with your own identifying information. (Don't include
      the brackets!)  The text should be enclosed in the appropriate
      comment syntax for the file format. We also recommend that a
@@ -189,7 +187,7 @@ License: Apache2.0
      same "printed page" as the copyright notice for easier
      identification within third-party archives.

-   Copyright 2016 All in Bits, Inc
+   Copyright [yyyy] [name of copyright owner]

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
--- a/281
+++ b/281
@@ -1,16 +1,116 @@
 PACKAGES=$(shell go list ./...)
-OUTPUT?=build/tendermint
+BUILDDIR?=$(CURDIR)/build
+OUTPUT?=$(BUILDDIR)/tendermint

-BUILD_TAGS?='tendermint'
-LD_FLAGS = -X github.com/tendermint/tendermint/version.GitCommit=`git rev-parse --short=8 HEAD` -s -w
+BUILD_TAGS?=tendermint
+
+COMMIT_HASH := $(shell git rev-parse --short HEAD)
+LD_FLAGS = -X github.com/tendermint/tendermint/version.TMGitCommitHash=$(COMMIT_HASH)
 BUILD_FLAGS = -mod=readonly -ldflags "$(LD_FLAGS)"
 HTTPS_GIT := https://github.com/tendermint/tendermint.git
+CGO_ENABLED ?= 0
+
+# handle nostrip
+ifeq (,$(findstring nostrip,$(TENDERMINT_BUILD_OPTIONS)))
+  BUILD_FLAGS += -trimpath
+  LD_FLAGS += -s -w
+endif
+
+# handle race
+ifeq (race,$(findstring race,$(TENDERMINT_BUILD_OPTIONS)))
+  CGO_ENABLED=1
+  BUILD_FLAGS += -race
+endif
+
+# handle cleveldb
+ifeq (cleveldb,$(findstring cleveldb,$(TENDERMINT_BUILD_OPTIONS)))
+  CGO_ENABLED=1
+  BUILD_TAGS += cleveldb
+endif
+
+# handle badgerdb
+ifeq (badgerdb,$(findstring badgerdb,$(TENDERMINT_BUILD_OPTIONS)))
+  BUILD_TAGS += badgerdb
+endif
+
+# handle rocksdb
+ifeq (rocksdb,$(findstring rocksdb,$(TENDERMINT_BUILD_OPTIONS)))
+  CGO_ENABLED=1
+  BUILD_TAGS += rocksdb
+endif
+
+# handle boltdb
+ifeq (boltdb,$(findstring boltdb,$(TENDERMINT_BUILD_OPTIONS)))
+  BUILD_TAGS += boltdb
+endif
+
+# allow users to pass additional flags via the conventional LDFLAGS variable
+LD_FLAGS += $(LDFLAGS)
+
+# Process Docker environment varible TARGETPLATFORM 
+# in order to build binary with correspondent ARCH
+# by default will always build for linux/amd64
+TARGETPLATFORM ?= 
+GOOS ?= linux
+GOARCH ?= amd64
+GOARM ?=
+
+ifeq (linux/arm,$(findstring linux/arm,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=arm
+	GOARM=7
+endif
+
+ifeq (linux/arm/v6,$(findstring linux/arm/v6,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=arm
+	GOARM=6
+endif
+
+ifeq (linux/arm64,$(findstring linux/arm64,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=arm64
+	GOARM=7
+endif
+
+ifeq (linux/386,$(findstring linux/386,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=386
+endif
+
+ifeq (linux/amd64,$(findstring linux/amd64,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=amd64
+endif
+
+ifeq (linux/mips,$(findstring linux/mips,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=mips
+endif
+
+ifeq (linux/mipsle,$(findstring linux/mipsle,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=mipsle
+endif
+
+ifeq (linux/mips64,$(findstring linux/mips64,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=mips64
+endif
+
+ifeq (linux/mips64le,$(findstring linux/mips64le,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=mips64le
+endif
+
+ifeq (linux/riscv64,$(findstring linux/riscv64,$(TARGETPLATFORM)))
+	GOOS=linux
+	GOARCH=riscv64
+endif

 all: check build test install
 .PHONY: all

-# The below include contains the tools.
-include tools.mk
 include tests.mk

 ###############################################################################
@@ -18,51 +118,81 @@ include tests.mk
 ###############################################################################

 build:
-	CGO_ENABLED=0 go build $(BUILD_FLAGS) -tags $(BUILD_TAGS) -o $(OUTPUT) ./cmd/tendermint/
+	CGO_ENABLED=$(CGO_ENABLED) go build $(BUILD_FLAGS) -tags '$(BUILD_TAGS)' -o $(OUTPUT) ./cmd/tendermint/
 .PHONY: build

-build_c:
-	CGO_ENABLED=1 go build $(BUILD_FLAGS) -tags "$(BUILD_TAGS) cleveldb" -o $(OUTPUT) ./cmd/tendermint/
-.PHONY: build_c
-
-build_race:
-	CGO_ENABLED=1 go build -race $(BUILD_FLAGS) -tags $(BUILD_TAGS) -o $(OUTPUT) ./cmd/tendermint
-.PHONY: build_race
-
 install:
-	CGO_ENABLED=0 go install $(BUILD_FLAGS) -tags $(BUILD_TAGS) ./cmd/tendermint
+	CGO_ENABLED=$(CGO_ENABLED) go install $(BUILD_FLAGS) -tags $(BUILD_TAGS) ./cmd/tendermint
 .PHONY: install

-install_c:
-	CGO_ENABLED=1 go install $(BUILD_FLAGS) -tags "$(BUILD_TAGS) cleveldb" ./cmd/tendermint
-.PHONY: install_c
+###############################################################################
+###                               Metrics                                   ###
+###############################################################################
+
+metrics: testdata-metrics
+	go generate -run="scripts/metricsgen" ./...
+.PHONY: metrics
+
+# By convention, the go tool ignores subdirectories of directories named
+# 'testdata'. This command invokes the generate command on the folder directly
+# to avoid this.
+testdata-metrics:
+	ls ./scripts/metricsgen/testdata | xargs -I{} go generate -v -run="scripts/metricsgen" ./scripts/metricsgen/testdata/{}
+.PHONY: testdata-metrics
+
+###############################################################################
+###                                Mocks                                    ###
+###############################################################################
+
+mockery:
+	go generate -run="./scripts/mockery_generate.sh" ./...
+.PHONY: mockery

 ###############################################################################
 ###                                Protobuf                                 ###
 ###############################################################################

-proto-all: proto-gen proto-lint proto-check-breaking
-.PHONY: proto-all
+check-proto-deps:
+ifeq (,$(shell which protoc-gen-gogofaster))
+	@go install github.com/cosmos/gogoproto/protoc-gen-gogofaster@latest
+endif
+.PHONY: check-proto-deps

-proto-gen:
-	## If you get the following error,
-	## "error while loading shared libraries: libprotobuf.so.14: cannot open shared object file: No such file or directory"
-	## See https://stackoverflow.com/a/25518702
-	## Note the $< here is substituted for the %.proto
-	## Note the $@ here is substituted for the %.pb.go
-	@sh scripts/protocgen.sh
+check-proto-format-deps:
+ifeq (,$(shell which clang-format))
+	$(error "clang-format is required for Protobuf formatting. See instructions for your platform on how to install it.")
+endif
+.PHONY: check-proto-format-deps
+
+proto-gen: check-proto-deps
+	@echo "Generating Protobuf files"
+	@go run github.com/bufbuild/buf/cmd/buf generate
+	@mv ./proto/tendermint/abci/types.pb.go ./abci/types/
+	@cp ./proto/tendermint/rpc/grpc/types.pb.go ./rpc/grpc
 .PHONY: proto-gen

-proto-lint:
-	@buf check lint --error-format=json
+# These targets are provided for convenience and are intended for local
+# execution only.
+proto-lint: check-proto-deps
+	@echo "Linting Protobuf files"
+	@go run github.com/bufbuild/buf/cmd/buf lint
 .PHONY: proto-lint

-proto-check-breaking:
-	@buf check breaking --against-input ".git#branch=master"
+proto-format: check-proto-format-deps
+	@echo "Formatting Protobuf files"
+	@find . -name '*.proto' -path "./proto/*" -exec clang-format -i {} \;
+.PHONY: proto-format
+
+proto-check-breaking: check-proto-deps
+	@echo "Checking for breaking changes in Protobuf files against local branch"
+	@echo "Note: This is only useful if your changes have not yet been committed."
+	@echo "      Otherwise read up on buf's \"breaking\" command usage:"
+	@echo "      https://docs.buf.build/breaking/usage"
+	@go run github.com/bufbuild/buf/cmd/buf breaking --against ".git"
 .PHONY: proto-check-breaking

 proto-check-breaking-ci:
-	@buf check breaking --against-input "$(HTTPS_GIT)#branch=master"
+	@go run github.com/bufbuild/buf/cmd/buf breaking --against $(HTTPS_GIT)#branch=v0.34.x
 .PHONY: proto-check-breaking-ci

 ###############################################################################
@@ -119,28 +249,29 @@ gen_certs: clean_certs
 	certstrap init --common-name "tendermint.com" --passphrase ""
 	certstrap request-cert --common-name "server" -ip "127.0.0.1" --passphrase ""
 	certstrap sign "server" --CA "tendermint.com" --passphrase ""
-	mv out/server.crt rpc/lib/server/test.crt
-	mv out/server.key rpc/lib/server/test.key
+	mv out/server.crt rpc/jsonrpc/server/test.crt
+	mv out/server.key rpc/jsonrpc/server/test.key
 	rm -rf out
 .PHONY: gen_certs

 # deletes generated certificates
 clean_certs:
-	rm -f rpc/lib/server/test.crt
-	rm -f rpc/lib/server/test.key
+	rm -f rpc/jsonrpc/server/test.crt
+	rm -f rpc/jsonrpc/server/test.key
 .PHONY: clean_certs

 ###############################################################################
 ###                  Formatting, linting, and vetting                       ###
 ###############################################################################

-fmt:
-	@go fmt ./...
-.PHONY: fmt
+format:
+	find . -name '*.go' -type f -not -path "*.git*" -not -name '*.pb.go' -not -name '*pb_test.go' | xargs gofmt -w -s
+	find . -name '*.go' -type f -not -path "*.git*"  -not -name '*.pb.go' -not -name '*pb_test.go' | xargs goimports -w -local github.com/tendermint/tendermint
+.PHONY: format

 lint:
 	@echo "--> Running linter"
-	@golangci-lint run
+	@go run github.com/golangci/golangci-lint/cmd/golangci-lint run
 .PHONY: lint

 DESTINATION = ./index.html.md
@@ -149,16 +280,33 @@ DESTINATION = ./index.html.md
 ###                           Documentation                                 ###
 ###############################################################################

+DOCS_OUTPUT?=/tmp/tendermint-core-docs
+
+# This builds a docs site for each branch/tag in `./docs/versions` and copies
+# each site to a version prefixed path. The last entry inside the `versions`
+# file will be the default root index.html. Only redirects that are built into
+# the "redirects" folder of each of the branches will be copied out to the root
+# of the build at the end.
 build-docs:
-	cd docs && \
-	while read p; do \
-		(git checkout $${p} && npm install && VUEPRESS_BASE="/$${p}/" npm run build) ; \
-		mkdir -p ~/output/$${p} ; \
-		cp -r .vuepress/dist/* ~/output/$${p}/ ; \
-		cp ~/output/$${p}/index.html ~/output ; \
+	@cd docs && \
+	while read -r branch path_prefix; do \
+		(git checkout $${branch} && npm ci && VUEPRESS_BASE="/$${path_prefix}/" npm run build) ; \
+		mkdir -p $(DOCS_OUTPUT)/$${path_prefix} ; \
+		cp -r .vuepress/dist/* $(DOCS_OUTPUT)/$${path_prefix}/ ; \
+		cp $(DOCS_OUTPUT)/$${path_prefix}/index.html $(DOCS_OUTPUT) ; \
+		cp $(DOCS_OUTPUT)/$${path_prefix}/404.html $(DOCS_OUTPUT) ; \
+		cp -r $(DOCS_OUTPUT)/$${path_prefix}/redirects/* $(DOCS_OUTPUT) || true ; \
 	done < versions ;
 .PHONY: build-docs

+# Build and serve the local version of the docs on the current branch from
+# http://0.0.0.0:8080
+serve-docs:
+	@cd docs && \
+		npm ci && \
+		npm run serve
+.PHONY: serve-docs
+
 sync-docs:
 	cd ~/output && \
 	echo "role_arn = ${DEPLOYMENT_ROLE_ARN}" >> /root/.aws/config ; \
@@ -167,11 +315,16 @@ sync-docs:
 	aws cloudfront create-invalidation --distribution-id ${CF_DISTRIBUTION_ID} --profile terraform --path "/*" ;
 .PHONY: sync-docs

+# Verify that important design docs have ToC entries.
+check-docs-toc:
+	@./docs/presubmit.sh
+.PHONY: check-docs-toc
+
 ###############################################################################
 ###                            Docker image                                 ###
 ###############################################################################

-build-docker:
+build-docker: build-linux
 	cp $(OUTPUT) DOCKER/tendermint
 	docker build --label=tendermint --tag="tendermint/tendermint" DOCKER
 	rm -rf DOCKER/tendermint
@@ -182,17 +335,17 @@ build-docker:
 ###############################################################################

 # Build linux binary on other platforms
-build-linux: tools
-	GOOS=linux GOARCH=amd64 $(MAKE) build
+build-linux:
+	GOOS=$(GOOS) GOARCH=$(GOARCH) GOARM=$(GOARM) $(MAKE) build
 .PHONY: build-linux

 build-docker-localnode:
 	@cd networks/local && make
 .PHONY: build-docker-localnode

-# Runs `make build_c` from within an Amazon Linux (v2)-based Docker build
-# container in order to build an Amazon Linux-compatible binary. Produces a
-# compatible binary at ./build/tendermint
+# Runs `make build TENDERMINT_BUILD_OPTIONS=cleveldb` from within an Amazon
+# Linux (v2)-based Docker build container in order to build an Amazon
+# Linux-compatible binary. Produces a compatible binary at ./build/tendermint
 build_c-amazonlinux:
 	$(MAKE) -C ./DOCKER build_amazonlinux_buildimage
 	docker run --rm -it -v `pwd`:/tendermint tendermint/tendermint:build_c-amazonlinux
@@ -200,7 +353,7 @@ build_c-amazonlinux:

 # Run a 4-node testnet locally
 localnet-start: localnet-stop build-docker-localnode
-	@if ! [ -f build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --config /etc/tendermint/config-template.toml --v 4 --o . --populate-persistent-peers --starting-ip-address 192.167.10.2; fi
+	@if ! [ -f build/node0/config/genesis.json ]; then docker run --rm -v $(CURDIR)/build:/tendermint:Z tendermint/localnode testnet --config /etc/tendermint/config-template.toml --o . --starting-ip-address 192.167.10.2; fi
 	docker-compose up
 .PHONY: localnet-start

@@ -226,3 +379,25 @@ endif
 contract-tests:
 	dredd
 .PHONY: contract-tests
+
+# Implements test splitting and running. This is pulled directly from
+# the github action workflows for better local reproducibility.
+
+GO_TEST_FILES != find $(CURDIR) -name "*_test.go"
+
+# default to four splits by default
+NUM_SPLIT ?= 4
+
+$(BUILDDIR):
+	mkdir -p $@
+
+# The format statement filters out all packages that don't have tests.
+# Note we need to check for both in-package tests (.TestGoFiles) and
+# out-of-package tests (.XTestGoFiles).
+$(BUILDDIR)/packages.txt:$(GO_TEST_FILES) $(BUILDDIR)
+	go list -f "{{ if (or .TestGoFiles .XTestGoFiles) }}{{ .ImportPath }}{{ end }}" ./... | sort > $@
+
+split-test-packages:$(BUILDDIR)/packages.txt
+	split -d -n l/$(NUM_SPLIT) $< $<.
+test-group-%:split-test-packages
+	cat $(BUILDDIR)/packages.txt.$* | xargs go test -mod=readonly -timeout=15m -race -coverprofile=$(BUILDDIR)/$*.profile.out
--- a/PHILOSOPHY.md
+++ b/PHILOSOPHY.md
@@ -1,16 +1,16 @@
-## Design goals
+# Design goals

 The design goals for Tendermint (and the SDK and related libraries) are:

- * Simplicity and Legibility
- * Parallel performance, namely ability to utilize multicore architecture
- * Ability to evolve the codebase bug-free
- * Debuggability
- * Complete correctness that considers all edge cases, esp in concurrency
- * Future-proof modular architecture, message protocol, APIs, and encapsulation
+* Simplicity and Legibility
+* Parallel performance, namely ability to utilize multicore architecture
+* Ability to evolve the codebase bug-free
+* Debuggability
+* Complete correctness that considers all edge cases, esp in concurrency
+* Future-proof modular architecture, message protocol, APIs, and encapsulation


-### Justification
+## Justification

 Legibility is key to maintaining bug-free software as it evolves toward more
 optimizations, more ease of debugging, and additional features.
@@ -44,7 +44,7 @@ become more complicated over time, and it becomes more and more difficult to
 assess the correctness of such a for-loop by visual inspection.


-### On performance
+## On performance

 It doesn't matter whether there are alternative implementations that are 2x or
 3x more performant, when the software doesn't work, deadlocks, or if bugs
@@ -74,7 +74,7 @@ that works well enough, can be debugged and maintained, and can serve as a spec
 for future implementations.


-### On encapsulation
+## On encapsulation

 In order to create maintainable, forward-optimizable software, it is critical
 to develop well-encapsulated objects that have well understood properties, and
@@ -92,12 +92,12 @@ and the rand.Rand struct.  It's one single struct declaration that can be used
 in both concurrent and non-concurrent logic, and due to its well encapsulation,
 it's easy to get the usage of the mutex right.

-#### example: rand.Rand:
+### example: rand.Rand

 `The default Source is safe for concurrent use by multiple goroutines, but
 Sources created by NewSource are not`.  The reason why the default
 package-level source is safe for concurrent use is because it is protected (see
-`lockedSource` in https://golang.org/src/math/rand/rand.go).
+`lockedSource` in <https://golang.org/src/math/rand/rand.go>).

 But we shouldn't rely on the global source, we should be creating our own
 Rand/Source instances and using them, especially for determinism in testing.
@@ -120,7 +120,7 @@ clear what methods have what side effects, then there is something wrong about
 the design of abstractions that should be revisited.


-### On concurrency
+## On concurrency

 In order for Tendermint to remain relevant in the years to come, it is vital
 for Tendermint to take advantage of multicore architectures.  Due to the nature
@@ -131,24 +131,24 @@ design, especially when it comes to the reactor design, and also for RPC
 request handling.


-## Guidelines
+# Guidelines

 Here are some guidelines for designing for (sufficient) performance and concurrency:

- * Mutex locks are cheap enough when there isn't contention.
- * Do not optimize code without analytical or observed proof that it is in a hot path.
- * Don't over-use channels when mutex locks w/ encapsulation are sufficient.
- * The need to drain channels are often a hint of unconsidered edge cases.
- * The creation of O(N) one-off goroutines is generally technical debt that
+* Mutex locks are cheap enough when there isn't contention.
+* Do not optimize code without analytical or observed proof that it is in a hot path.
+* Don't over-use channels when mutex locks w/ encapsulation are sufficient.
+* The need to drain channels are often a hint of unconsidered edge cases.
+* The creation of O(N) one-off goroutines is generally technical debt that
   needs to get addressed sooner than later.  Avoid creating too many
 goroutines as a patch around incomplete concurrency design, or at least be
 aware of the debt and do not invest in the debt.  On the other hand, Tendermint
 is designed to have a limited number of peers (e.g. 10 or 20), so the creation
 of O(C) goroutines per O(P) peers is still O(C\*P=constant).
-  * Use defer statements to unlock as much as possible.  If you want to unlock sooner,
+* Use defer statements to unlock as much as possible.  If you want to unlock sooner,
    try to create more modular functions that do make use of defer statements.

-## Matras
+# Mantras

 * Premature optimization kills
 * Readability is paramount
--- a/README.md
+++ b/README.md
@@ -2,160 +2,174 @@

 ![banner](docs/tendermint-core-image.jpg)

-[Byzantine-Fault Tolerant](https://en.wikipedia.org/wiki/Byzantine_fault_tolerance)
-[State Machines](https://en.wikipedia.org/wiki/State_machine_replication).
-Or [Blockchain](<https://en.wikipedia.org/wiki/Blockchain_(database)>), for short.
+[Byzantine-Fault Tolerant][bft] [State Machine Replication][smr]. Or
+[Blockchain], for short.

-[![version](https://img.shields.io/github/tag/tendermint/tendermint.svg)](https://github.com/tendermint/tendermint/releases/latest)
-[![API Reference](https://camo.githubusercontent.com/915b7be44ada53c290eb157634330494ebe3e30a/68747470733a2f2f676f646f632e6f72672f6769746875622e636f6d2f676f6c616e672f6764646f3f7374617475732e737667)](https://godoc.org/github.com/tendermint/tendermint)
-[![Go version](https://img.shields.io/badge/go-1.13-blue.svg)](https://github.com/moovweb/gvm)
-[![Discord](https://img.shields.io/discord/669268347736686612.svg)](https://discord.gg/AzefAFd)  
-[![license](https://img.shields.io/github/license/tendermint/tendermint.svg)](https://github.com/tendermint/tendermint/blob/master/LICENSE)
-[![](https://tokei.rs/b1/github/tendermint/tendermint?category=lines)](https://github.com/tendermint/tendermint)
+[![Version][version-badge]][version-url]
+[![API Reference][api-badge]][api-url]
+[![Go version][go-badge]][go-url]
+[![Discord chat][discord-badge]][discord-url]
+[![License][license-badge]][license-url]
+[![Sourcegraph][sg-badge]][sg-url]

-| Branch | Tests                                                                                                                                                | Coverage                                                                                                                             |
-| ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
-| master | [![CircleCI](https://circleci.com/gh/tendermint/tendermint/tree/master.svg?style=shield)](https://circleci.com/gh/tendermint/tendermint/tree/master) | [![codecov](https://codecov.io/gh/tendermint/tendermint/branch/master/graph/badge.svg)](https://codecov.io/gh/tendermint/tendermint) |
+| Branch | Tests                              | Linting                         |
+|--------|------------------------------------|---------------------------------|
+| main   | [![Tests][tests-badge]][tests-url] | [![Lint][lint-badge]][lint-url] |

-Tendermint Core is Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language -
-and securely replicates it on many machines.
+Tendermint Core is a Byzantine Fault Tolerant (BFT) middleware that takes a
+state transition machine - written in any programming language - and securely
+replicates it on many machines.

-For protocol details, see [the specification](https://github.com/tendermint/spec).
+For protocol details, refer to the [Tendermint Specification](./spec/README.md).

-For detailed analysis of the consensus protocol, including safety and liveness proofs,
-see our recent paper, "[The latest gossip on BFT consensus](https://arxiv.org/abs/1807.04938)".
+For detailed analysis of the consensus protocol, including safety and liveness
+proofs, read our paper, "[The latest gossip on BFT
+consensus](https://arxiv.org/abs/1807.04938)".
+
+## Documentation
+
+Complete documentation can be found on the
+[website](https://docs.tendermint.com/).

 ## Releases

-NOTE: The master branch is now an active development branch (starting with `v0.32`). Please, do not depend on it and
-use [releases](https://github.com/tendermint/tendermint/releases) instead.
+Please do not depend on `main` as your production branch. Use
+[releases](https://github.com/tendermint/tendermint/releases) instead.

-Tendermint is being used in production in both private and public environments,
-most notably the blockchains of the [Cosmos Network](https://cosmos.network/).
-However, we are still making breaking changes to the protocol and the APIs and have not yet released v1.0.
-See below for more details about [versioning](#versioning).
+Tendermint has been in the production of private and public environments, most
+notably the blockchains of the Cosmos Network. we haven't released v1.0 yet
+since we are making breaking changes to the protocol and the APIs. See below for
+more details about [versioning](#versioning).

-In any case, if you intend to run Tendermint in production,
-please [contact us](mailto:partners@tendermint.com) and [join the chat](https://riot.im/app/#/room/#tendermint:matrix.org).
+In any case, if you intend to run Tendermint in production, we're happy to help.
+You can contact us [over email](mailto:hello@interchain.io) or [join the
+chat](https://discord.gg/cosmosnetwork).
+
+More on how releases are conducted can be found [here](./RELEASES.md).

 ## Security

 To report a security vulnerability, see our [bug bounty
-program](https://hackerone.com/tendermint)
+program](https://hackerone.com/cosmos). For examples of the kinds of bugs we're
+looking for, see [our security policy](SECURITY.md).

-For examples of the kinds of bugs we're looking for, see [SECURITY.md](SECURITY.md)
+We also maintain a dedicated mailing list for security updates. We will only
+ever use this mailing list to notify you of vulnerabilities and fixes in
+Tendermint Core. You can subscribe [here](http://eepurl.com/gZ5hQD).

 ## Minimum requirements

-| Requirement | Notes            |
-| ----------- | ---------------- |
-| Go version  | Go1.13 or higher |
-
-## Documentation
-
-Complete documentation can be found on the [website](https://docs.tendermint.com/master/).
+| Requirement | Notes             |
+|-------------|-------------------|
+| Go version  | Go 1.18 or higher |

 ### Install

-See the [install instructions](/docs/introduction/install.md)
+See the [install instructions](./docs/introduction/install.md).

 ### Quick Start

- [Single node](/docs/introduction/quick-start.md)
- [Local cluster using docker-compose](/docs/networks/docker-compose.md)
- [Remote cluster using terraform and ansible](/docs/networks/terraform-and-ansible.md)
- [Join the Cosmos testnet](https://cosmos.network/testnet)
+- [Single node](./docs/introduction/quick-start.md)
+- [Local cluster using docker-compose](./docs/networks/docker-compose.md)
+- [Remote cluster using Terraform and Ansible](./docs/networks/terraform-and-ansible.md)

 ## Contributing

-Please abide by the [Code of Conduct](CODE_OF_CONDUCT.md) in all interactions,
-and the [contributing guidelines](CONTRIBUTING.md) when submitting code.
+Please abide by the [Code of Conduct](CODE_OF_CONDUCT.md) in all interactions.

-Join the larger community on the [forum](https://forum.cosmos.network/) and the [chat](https://riot.im/app/#/room/#tendermint:matrix.org).
-
-To learn more about the structure of the software, watch the [Developer
-Sessions](/docs/DEV_SESSIONS.md) and read some [Architectural Decision
-Records](https://github.com/tendermint/tendermint/tree/master/docs/architecture).
-
-Learn more by reading the code and comparing it to the
-[specification](https://github.com/tendermint/spec).
+Before contributing to the project, please take a look at the [contributing
+guidelines](CONTRIBUTING.md) and the [style guide](STYLE_GUIDE.md). You may also
+find it helpful to read the [specifications](./spec/README.md), and familiarize
+yourself with our [Architectural Decision Records
+(ADRs)](./docs/architecture/README.md) and
+[Request For Comments (RFCs)](./docs/rfc/README.md).

 ## Versioning

 ### Semantic Versioning

-Tendermint uses [Semantic Versioning](http://semver.org/) to determine when and how the version changes.
-According to SemVer, anything in the public API can change at any time before version 1.0.0
+Tendermint uses [Semantic Versioning](http://semver.org/) to determine when and
+how the version changes. According to SemVer, anything in the public API can
+change at any time before version 1.0.0

-To provide some stability to Tendermint users in these 0.X.X days, the MINOR version is used
-to signal breaking changes across a subset of the total public API. This subset includes all
-interfaces exposed to other processes (cli, rpc, p2p, etc.), but does not
-include the in-process Go APIs.
+To provide some stability to users of 0.X.X versions of Tendermint, the MINOR
+version is used to signal breaking changes across Tendermint's API. This API
+includes all publicly exposed types, functions, and methods in non-internal Go
+packages as well as the types and methods accessible via the Tendermint RPC
+interface.

-That said, breaking changes in the following packages will be documented in the
-CHANGELOG even if they don't lead to MINOR version bumps:
-
- crypto
- types
- rpc/client
- config
- node
- libs
-  - bech32
-  - common
-  - db
-  - errors
-  - log
-
-Exported objects in these packages that are not covered by the versioning scheme
-are explicitly marked by `// UNSTABLE` in their go doc comment and may change at any
-time without notice. Functions, types, and values in any other package may also change at any time.
+Breaking changes to these public APIs will be documented in the CHANGELOG.

 ### Upgrades

-In an effort to avoid accumulating technical debt prior to 1.0.0,
-we do not guarantee that breaking changes (ie. bumps in the MINOR version)
-will work with existing tendermint blockchains. In these cases you will
-have to start a new blockchain, or write something custom to get the old
-data into the new chain.
+In an effort to avoid accumulating technical debt prior to 1.0.0, we do not
+guarantee that breaking changes (ie. bumps in the MINOR version) will work with
+existing Tendermint blockchains. In these cases you will have to start a new
+blockchain, or write something custom to get the old data into the new chain.
+However, any bump in the PATCH version should be compatible with existing
+blockchain histories.

-However, any bump in the PATCH version should be compatible with existing histories
-(if not please open an [issue](https://github.com/tendermint/tendermint/issues)).
+For more information on upgrading, see [UPGRADING.md](./UPGRADING.md).

-For more information on upgrading, see [UPGRADING.md](./UPGRADING.md)
+### Supported Versions
+
+Because we are a small core team, we only ship patch updates, including security
+updates, to the most recent minor release and the second-most recent minor
+release. Consequently, we strongly recommend keeping Tendermint up-to-date.
+Upgrading instructions can be found in [UPGRADING.md](./UPGRADING.md).

 ## Resources

-### Tendermint Core
+### Libraries

-For details about the blockchain data structures and the p2p protocols, see the
-[Tendermint specification](https://docs.tendermint.com/master/spec/).
-
-For details on using the software, see the [documentation](/docs/) which is also
-hosted at: https://docs.tendermint.com/master/
-
-### Tools
-
-Benchmarking is provided by `tm-load-test`.
-The code for `tm-load-test` can be found [here](https://github.com/interchainio/tm-load-test) this binary needs to be built separately.
-Additional documentation is found [here](/docs/tools).
-
-### Sub-projects
-
- [Amino](http://github.com/tendermint/go-amino), reflection-based proto3, with
-  interfaces
- [IAVL](http://github.com/tendermint/iavl), Merkleized IAVL+ Tree implementation
- [Tm-db](http://github.com/tendermint/tm-db), Data Base abstractions to be used in applications.
+- [Cosmos SDK](http://github.com/cosmos/cosmos-sdk); A framework for building
+  applications in Golang
+- [Tendermint in Rust](https://github.com/informalsystems/tendermint-rs)
+- [ABCI Tower](https://github.com/penumbra-zone/tower-abci)

 ### Applications

- [Cosmos SDK](http://github.com/cosmos/cosmos-sdk); a cryptocurrency application framework
- [Ethermint](http://github.com/cosmos/ethermint); Ethereum on Tendermint
- [Many more](https://tendermint.com/ecosystem)
+- [Cosmos Hub](https://hub.cosmos.network/)
+- [Terra](https://www.terra.money/)
+- [Celestia](https://celestia.org/)
+- [Anoma](https://anoma.network/)
+- [Vocdoni](https://docs.vocdoni.io/)

 ### Research

 - [The latest gossip on BFT consensus](https://arxiv.org/abs/1807.04938)
 - [Master's Thesis on Tendermint](https://atrium.lib.uoguelph.ca/xmlui/handle/10214/9769)
 - [Original Whitepaper: "Tendermint: Consensus Without Mining"](https://tendermint.com/static/docs/tendermint.pdf)
- [Blog](https://blog.cosmos.network/tendermint/home)
+- [Tendermint Core Blog](https://medium.com/tendermint/tagged/tendermint-core)
+- [Cosmos Blog](https://blog.cosmos.network/tendermint/home)
+
+## Join us!
+
+Tendermint Core is maintained by [Interchain GmbH](https://interchain.io).
+If you'd like to work full-time on Tendermint Core,
+[we're hiring](https://interchain-gmbh.breezy.hr/)!
+
+Funding for Tendermint Core development comes primarily from the
+[Interchain Foundation](https://interchain.io), a Swiss non-profit. The
+Tendermint trademark is owned by [Tendermint Inc.](https://tendermint.com), the
+for-profit entity that also maintains [tendermint.com](https://tendermint.com).
+
+[bft]: https://en.wikipedia.org/wiki/Byzantine_fault_tolerance
+[smr]: https://en.wikipedia.org/wiki/State_machine_replication
+[Blockchain]: https://en.wikipedia.org/wiki/Blockchain
+[version-badge]: https://img.shields.io/github/v/release/tendermint/tendermint.svg
+[version-url]: https://github.com/tendermint/tendermint/releases/latest
+[api-badge]: https://camo.githubusercontent.com/915b7be44ada53c290eb157634330494ebe3e30a/68747470733a2f2f676f646f632e6f72672f6769746875622e636f6d2f676f6c616e672f6764646f3f7374617475732e737667
+[api-url]: https://pkg.go.dev/github.com/tendermint/tendermint
+[go-badge]: https://img.shields.io/badge/go-1.18-blue.svg
+[go-url]: https://github.com/moovweb/gvm
+[discord-badge]: https://img.shields.io/discord/669268347736686612.svg
+[discord-url]: https://discord.gg/cosmosnetwork
+[license-badge]: https://img.shields.io/github/license/tendermint/tendermint.svg
+[license-url]: https://github.com/tendermint/tendermint/blob/main/LICENSE
+[sg-badge]: https://sourcegraph.com/github.com/tendermint/tendermint/-/badge.svg
+[sg-url]: https://sourcegraph.com/github.com/tendermint/tendermint?badge
+[tests-url]: https://github.com/tendermint/tendermint/actions/workflows/tests.yml
+[tests-badge]: https://github.com/tendermint/tendermint/actions/workflows/tests.yml/badge.svg?branch=main
+[lint-badge]: https://github.com/tendermint/tendermint/actions/workflows/lint.yml/badge.svg
+[lint-url]: https://github.com/tendermint/tendermint/actions/workflows/lint.yml
--- a/RELEASES.md
+++ b/RELEASES.md
@@ -0,0 +1,371 @@
+# Releases
+
+Tendermint uses modified [semantic versioning](https://semver.org/) with each
+release following a `vX.Y.Z` format. Tendermint is currently on major version 0
+and uses the minor version to signal breaking changes. The `main` branch is
+used for active development and thus it is not advisable to build against it.
+
+The latest changes are always initially merged into `main`. Releases are
+specified using tags and are built from long-lived "backport" branches that are
+cut from `main` when the release process begins. Each release "line" (e.g.
+0.34 or 0.33) has its own long-lived backport branch, and the backport branches
+have names like `v0.34.x` or `v0.33.x` (literally, `x`; it is not a placeholder
+in this case). Tendermint only maintains the last two releases at a time (the
+oldest release is predominantly just security patches).
+
+## Backporting
+
+As non-breaking changes land on `main`, they should also be backported to
+these backport branches.
+
+We use Mergify's [backport feature](https://mergify.io/features/backports) to
+automatically backport to the needed branch. There should be a label for any
+backport branch that you'll be targeting. To notify the bot to backport a pull
+request, mark the pull request with the label corresponding to the correct
+backport branch. For example, to backport to v0.38.x, add the label
+`S:backport-to-v0.38.x`. Once the original pull request is merged, the bot will
+try to cherry-pick the pull request to the backport branch. If the bot fails to
+backport, it will open a pull request. The author of the original pull request
+is responsible for solving the conflicts and merging the pull request.
+
+### Creating a backport branch
+
+If this is the first release candidate for a minor version release, e.g.
+v0.25.0, you get to have the honor of creating the backport branch!
+
+Note that, after creating the backport branch, you'll also need to update the
+tags on `main` so that `go mod` is able to order the branches correctly. You
+should tag `main` with a "dev" tag that is "greater than" the backport
+branches tags. See [#6072](https://github.com/tendermint/tendermint/pull/6072)
+for more context.
+
+In the following example, we'll assume that we're making a backport branch for
+the 0.38.x line.
+
+1. Start on `main`
+
+2. Ensure that there is a [branch protection
+   rule](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) for the
+   branch you are about to create (you will need admin access to the repository
+   in order to do this).
+
+3. Create and push the backport branch:
+   ```sh
+   git checkout -b v0.38.x
+   git push origin v0.38.x
+   ```
+
+4. Create a PR to update the documentation directory for the backport branch.
+
+   We rewrite any URLs pointing to `main` to point to the backport branch,
+   so that generated documentation will link to the correct versions of files
+   elsewhere in the repository. The following files are to be excluded from this
+   search:
+
+   * [`README.md`](./README.md)
+   * [`CHANGELOG.md`](./CHANGELOG.md)
+   * [`UPGRADING.md`](./UPGRADING.md)
+
+   The following links are to always point to `main`, regardless of where they
+   occur in the codebase:
+
+   * `https://github.com/tendermint/tendermint/blob/main/LICENSE`
+
+   Be sure to search for all of the following links and replace `main` with your
+   corresponding branch label or version (e.g. `v0.38.x` or `v0.38`):
+
+   * `github.com/tendermint/tendermint/blob/main` ->
+     `github.com/tendermint/tendermint/blob/v0.38.x`
+   * `github.com/tendermint/tendermint/tree/main` ->
+     `github.com/tendermint/tendermint/tree/v0.38.x`
+   * `docs.tendermint.com/main` -> `docs.tendermint.com/v0.38`
+
+   Once you have updated all of the relevant documentation:
+   ```sh
+   # Create and push the PR.
+   git checkout -b update-docs-v038x
+   git commit -m "Update docs for v0.38.x backport branch."
+   git push -u origin update-docs-v038x
+   ```
+
+   Be sure to merge this PR before making other changes on the newly-created
+   backport branch.
+
+After doing these steps, go back to `main` and do the following:
+
+1. Create a new workflow to run e2e nightlies for the new backport branch. (See
+   [e2e-nightly-main.yml][e2e] for an example.)
+
+2. Add a new section to the Mergify config (`.github/mergify.yml`) to enable the
+   backport bot to work on this branch, and add a corresponding `S:backport-to-v0.38.x`
+   [label](https://github.com/tendermint/tendermint/labels) so the bot can be triggered.
+
+3. Add a new section to the Dependabot config (`.github/dependabot.yml`) to
+   enable automatic update of Go dependencies on this branch. Copy and edit one
+   of the existing branch configurations to set the correct `target-branch`.
+
+[e2e]: https://github.com/tendermint/tendermint/blob/main/.github/workflows/e2e-nightly-main.yml
+
+## Pre-releases
+
+Before creating an official release, especially a minor release, we may want to
+create an alpha or beta version, or release candidate (RC) for our friends and
+partners to test out. We use git tags to create pre-releases, and we build them
+off of backport branches, for example:
+
+- `v0.38.0-alpha.1` - The first alpha release of `v0.38.0`. Subsequent alpha
+  releases will be numbered `v0.38.0-alpha.2`, `v0.38.0-alpha.3`, etc.
+
+  Alpha releases are to be considered the _most_ unstable of pre-releases, and
+  are most likely not yet properly QA'd. These are made available to allow early
+  adopters to start integrating and testing new functionality before we're done
+  with QA.
+
+- `v0.38.0-beta.1` - The first beta release of `v0.38.0`. Subsequent beta
+  releases will be numbered `v0.38.0-beta.2`, `v0.38.0-beta.3`, etc.
+
+  Beta releases can be considered more stable than alpha releases in that we
+  will have QA'd them better than alpha releases, but there still may be
+  minor breaking API changes if users have strong demands for such changes.
+
+- `v0.38.0-rc1` - The first release candidate (RC) of `v0.38.0`. Subsequent RCs
+  will be numbered `v0.38.0-rc2`, `v0.38.0-rc3`, etc.
+
+  RCs are considered more stable than beta releases in that we will have
+  completed our QA on them. APIs will most likely be stable at this point. The
+  difference between an RC and a release is that there may still be small
+  changes (bug fixes, features) that may make their way into the series before
+  cutting a final release.
+
+(Note that branches and tags _cannot_ have the same names, so it's important
+that these branches have distinct names from the tags/release names.)
+
+If this is the first pre-release for a minor release, you'll have to make a new
+backport branch (see above). Otherwise:
+
+1. Start from the backport branch (e.g. `v0.38.x`).
+2. Run the integration tests and the E2E nightlies
+   (which can be triggered from the GitHub UI;
+   e.g., https://github.com/tendermint/tendermint/actions/workflows/e2e-nightly-37x.yml).
+3. Prepare the pre-release documentation:
+   - Ensure that all relevant changes are in the `CHANGELOG_PENDING.md` file.
+     This file's contents must only be included in the `CHANGELOG.md` when we
+     cut final releases.
+   - Ensure that `UPGRADING.md` is up-to-date and includes notes on any breaking changes
+      or other upgrading flows.
+4. Prepare the versioning:
+   - Bump TMVersionDefault version in  `version.go`
+   - Bump P2P and block protocol versions in  `version.go`, if necessary.
+     Check the changelog for breaking changes in these components.
+   - Bump ABCI protocol version in `version.go`, if necessary
+5. Open a PR with these changes against the backport branch.
+6. Once these changes have landed on the backport branch, be sure to pull them back down locally.
+7. Once you have the changes locally, create the new tag, specifying a name and a tag "message":
+   `git tag -a v0.38.0-rc1 -m "Release Candidate v0.38.0-rc1`
+8. Push the tag back up to origin:
+   `git push origin v0.38.0-rc1`
+   Now the tag should be available on the repo's releases page.
+9. Future pre-releases will continue to be built off of this branch.
+
+## Minor release
+
+This minor release process assumes that this release was preceded by release
+candidates. If there were no release candidates, begin by creating a backport
+branch, as described above.
+
+Before performing these steps, be sure the
+[Minor Release Checklist](#minor-release-checklist) has been completed.
+
+1. Start on the backport branch (e.g. `v0.38.x`)
+2. Run integration tests (`make test_integrations`) and the e2e nightlies.
+3. Prepare the release:
+   - "Squash" changes from the changelog entries for the pre-releases into a
+     single entry, and add all changes included in `CHANGELOG_PENDING.md`.
+     (Squashing includes both combining all entries, as well as removing or
+     simplifying any intra-pre-release changes. It may also help to alphabetize
+     the entries by package name.)
+   - Run `python ./scripts/linkify_changelog.py CHANGELOG.md` to add links for
+     all PRs
+   - Ensure that `UPGRADING.md` is up-to-date and includes notes on any breaking changes
+      or other upgrading flows.
+   - Bump TMVersionDefault version in  `version.go`
+   - Bump P2P and block protocol versions in  `version.go`, if necessary
+   - Bump ABCI protocol version in `version.go`, if necessary
+4. Open a PR with these changes against the backport branch.
+5. Once these changes are on the backport branch, push a tag with prepared release details.
+   This will trigger the actual release `v0.38.0`.
+   - `git tag -a v0.38.0 -m 'Release v0.38.0'`
+   - `git push origin v0.38.0`
+6. Make sure that `main` is updated with the latest `CHANGELOG.md`, `CHANGELOG_PENDING.md`, and `UPGRADING.md`.
+7. Add the release to the documentation site generator config (see
+   [DOCS\_README.md](./docs/DOCS_README.md) for more details). In summary:
+   - Start on branch `main`.
+   - Add a new line at the bottom of [`docs/versions`](./docs/versions) to
+     ensure the newest release is the default for the landing page.
+   - Add a new entry to `themeConfig.versions` in
+     [`docs/.vuepress/config.js`](./docs/.vuepress/config.js) to include the
+	 release in the dropdown versions menu.
+   - Commit these changes to `main` and backport them into the backport
+     branch for this release.
+
+## Patch release
+
+Patch releases are done differently from minor releases: They are built off of
+long-lived backport branches, rather than from main.  As non-breaking changes
+land on `main`, they should also be backported into these backport branches.
+
+Patch releases don't have release candidates by default, although any tricky
+changes may merit a release candidate.
+
+To create a patch release:
+
+1. Checkout the long-lived backport branch: `git checkout v0.38.x`
+2. Run integration tests (`make test_integrations`) and the nightlies.
+3. Check out a new branch and prepare the release:
+   - Copy `CHANGELOG_PENDING.md` to top of `CHANGELOG.md`
+   - Run `python ./scripts/linkify_changelog.py CHANGELOG.md` to add links for all issues
+   - Run `bash ./scripts/authors.sh` to get a list of authors since the latest release, and add the GitHub aliases of external contributors to the top of the CHANGELOG. To lookup an alias from an email, try `bash ./scripts/authors.sh <email>`
+   - Reset the `CHANGELOG_PENDING.md`
+   - Bump the TMDefaultVersion in `version.go`
+   - Bump the ABCI version number, if necessary.
+     (Note that ABCI follows semver, and that ABCI versions are the only versions
+     which can change during patch releases, and only field additions are valid patch changes.)
+4. Open a PR with these changes that will land them back on `v0.38.x`
+5. Once this change has landed on the backport branch, make sure to pull it locally, then push a tag.
+   - `git tag -a v0.38.1 -m 'Release v0.38.1'`
+   - `git push origin v0.38.1`
+6. Create a pull request back to main with the CHANGELOG & version changes from the latest release.
+   - Remove all `R:patch` labels from the pull requests that were included in the release.
+   - Do not merge the backport branch into main.
+
+## Minor Release Checklist
+
+The following set of steps are performed on all releases that increment the
+_minor_ version, e.g. v0.25 to v0.26. These steps ensure that Tendermint is well
+tested, stable, and suitable for adoption by the various diverse projects that
+rely on Tendermint.
+
+### Feature Freeze
+
+Ahead of any minor version release of Tendermint, the software enters 'Feature
+Freeze' for at least two weeks. A feature freeze means that _no_ new features
+are added to the code being prepared for release. No code changes should be made
+to the code being released that do not directly improve pressing issues of code
+quality. The following must not be merged during a feature freeze:
+
+* Refactors that are not related to specific bug fixes.
+* Dependency upgrades.
+* New test code that does not test a discovered regression.
+* New features of any kind.
+* Documentation or spec improvements that are not related to the newly developed
+  code.
+
+This period directly follows the creation of the [backport
+branch](#creating-a-backport-branch). The Tendermint team instead directs all
+attention to ensuring that the existing code is stable and reliable. Broken
+tests are fixed, flakey-tests are remedied, end-to-end test failures are
+thoroughly diagnosed and all efforts of the team are aimed at improving the
+quality of the code. During this period, the upgrade harness tests are run
+repeatedly and a variety of in-house testnets are run to ensure Tendermint
+functions at the scale it will be used by application developers and node
+operators.
+
+### Nightly End-To-End Tests
+
+The Tendermint team maintains [a set of end-to-end
+tests](https://github.com/tendermint/tendermint/blob/main/test/e2e/README.md#L1)
+that run each night on the latest commit of the project and on the code in the
+tip of each supported backport branch. These tests start a network of
+containerized Tendermint processes and run automated checks that the network
+functions as expected in both stable and unstable conditions. During the feature
+freeze, these tests are run nightly and must pass consistently for a release of
+Tendermint to be considered stable.
+
+### Upgrade Harness
+
+> TODO(williambanfield): Change to past tense and clarify this section once
+> upgrade harness is complete.
+
+The Tendermint team is creating an upgrade test harness to exercise the workflow
+of stopping an instance of Tendermint running one version of the software and
+starting up the same application running the next version. To support upgrade
+testing, we will add the ability to terminate the Tendermint process at specific
+pre-defined points in its execution so that we can verify upgrades work in a
+representative sample of stop conditions.
+
+### Large Scale Testnets
+
+The Tendermint end-to-end tests run a small network (~10s of nodes) to exercise
+basic consensus interactions. Real world deployments of Tendermint often have
+over a hundred nodes just in the validator set, with many others acting as full
+nodes and sentry nodes. To gain more assurance before a release, we will also
+run larger-scale test networks to shake out emergent behaviors at scale.
+
+Large-scale test networks are run on a set of virtual machines (VMs). Each VM is
+equipped with 4 Gigabytes of RAM and 2 CPU cores. The network runs a very simple
+key-value store application. The application adds artificial delays to different
+ABCI calls to simulate a slow application. Each testnet is briefly run with no
+load being generated to collect a baseline performance. Once baseline is
+captured, a consistent load is applied across the network. This load takes the
+form of 10% of the running nodes all receiving a consistent stream of two
+hundred transactions per minute each.
+
+During each test net, the following metrics are monitored and collected on each
+node:
+
+* Consensus rounds per height
+* Maximum connected peers, Minimum connected peers, Rate of change of peer connections
+* Memory resident set size
+* CPU utilization
+* Blocks produced per minute
+* Seconds for each step of consensus (Propose, Prevote, Precommit, Commit)
+* Latency to receive block proposals
+
+For these tests we intentionally target low-powered host machines (with low core
+counts and limited memory) to ensure we observe similar kinds of resource contention
+and limitation that real-world  deployments of Tendermint experience in production.
+
+#### 200 Node Testnet
+
+To test the stability and performance of Tendermint in a real world scenario,
+a 200 node test network is run. The network comprises 5 seed nodes, 100
+validators and 95 non-validating full nodes. All nodes begin by dialing
+a subset of the seed nodes to discover peers. The network is run for several
+days, with metrics being collected continuously. In cases of changes to performance
+critical systems, testnets of larger sizes should be considered.
+
+#### Rotating Node Testnet
+
+Real-world deployments of Tendermint frequently see new nodes arrive and old
+nodes exit the network. The rotating node testnet ensures that Tendermint is
+able to handle this reliably. In this test, a network with 10 validators and
+3 seed nodes is started. A rolling set of 25 full nodes are started and each
+connects to the network by dialing one of the seed nodes. Once the node is able
+to blocksync to the head of the chain and begins producing blocks using
+Tendermint consensus it is stopped. Once stopped, a new node is started and
+takes its place. This network is run for several days.
+
+#### Network Partition Testnet
+
+Tendermint is expected to recover from network partitions. A partition where no
+subset of the nodes is left with the super-majority of the stake is expected to
+stop making blocks. Upon alleviation of the partition, the network is expected
+to once again become fully connected and capable of producing blocks. The
+network partition testnet ensures that Tendermint is able to handle this
+reliably at scale. In this test, a network with 100 validators and 95 full
+nodes is started. All validators have equal stake. Once the network is
+producing blocks, a set of firewall rules is deployed to create a partitioned
+network with 50% of the stake on one side and 50% on the other. Once the
+network stops producing blocks, the firewall rules are removed and the nodes
+are monitored to ensure they reconnect and that the network again begins
+producing blocks.
+
+#### Absent Stake Testnet
+
+Tendermint networks often run with _some_ portion of the voting power offline.
+The absent stake testnet ensures that large networks are able to handle this
+reliably. A set of 150 validator nodes and three seed nodes is started. The set
+of 150 validators is configured to only possess a cumulative stake of 67% of
+the total stake. The remaining 33% of the stake is configured to belong to
+a validator that is never actually run in the test network. The network is run
+for multiple days, ensuring that it is able to produce blocks without issue.
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,72 +1,209 @@
 # Security

-As part of our [Coordinated Vulnerability Disclosure
-Policy](https://tendermint.com/security), we operate a [bug
-bounty](https://hackerone.com/tendermint).
-See the policy for more details on submissions and rewards.
+## Reporting a Bug

-Here is a list of examples of the kinds of bugs we're most interested in:
+As part of our [Coordinated Vulnerability Disclosure Policy](https://tendermint.com/security),
+we operate a [bug bounty][hackerone]. See the policy for more
+details on submissions and rewards, and see "Example Vulnerabilities" (below)
+for examples of the kinds of bugs we're most interested in.

-## Specification
+### Guidelines

- Conceptual flaws
- Ambiguities, inconsistencies, or incorrect statements
- Mis-match between specification and implementation of any component
+We require that all researchers:

-## Consensus
+* Use the bug bounty to disclose all vulnerabilities, and avoid posting
+  vulnerability information in public places, including Github Issues, Discord
+  channels, and Telegram groups
+* Make every effort to avoid privacy violations, degradation of user experience,
+  disruption to production systems (including but not limited to the Cosmos
+  Hub), and destruction of data
+* Keep any information about vulnerabilities that you’ve discovered confidential
+  between yourself and the Tendermint Core engineering team until the issue has
+  been resolved and disclosed
+* Avoid posting personally identifiable information, privately or publicly
+
+If you follow these guidelines when reporting an issue to us, we commit to:
+
+* Not pursue or support any legal action related to your research on this
+  vulnerability
+* Work with you to understand, resolve and ultimately disclose the issue in a
+  timely fashion
+
+## Disclosure Process
+
+Tendermint Core uses the following disclosure process:
+
+1. Once a security report is received, the Tendermint Core team works to verify
+   the issue and confirm its severity level using CVSS.
+2. The Tendermint Core team collaborates with the Gaia team to determine the
+   vulnerability’s potential impact on the Cosmos Hub.
+3. Patches are prepared for eligible releases of Tendermint in private
+   repositories. See “Supported Releases” below for more information on which
+   releases are considered eligible.
+4. If it is determined that a CVE-ID is required, we request a CVE through a CVE
+   Numbering Authority.
+5. We notify the community that a security release is coming, to give users time
+   to prepare their systems for the update. Notifications can include forum
+   posts, tweets, and emails to partners and validators, including emails sent
+   to the [Tendermint Security Mailing List][tmsec-mailing].
+6. 24 hours following this notification, the fixes are applied publicly and new
+   releases are issued.
+7. Cosmos SDK and Gaia update their Tendermint Core dependencies to use these
+   releases, and then themselves issue new releases.
+8. Once releases are available for Tendermint Core, Cosmos SDK and Gaia, we
+   notify the community, again, through the same channels as above. We also
+   publish a Security Advisory on Github and publish the CVE, as long as neither
+   the Security Advisory nor the CVE include any information on how to exploit
+   these vulnerabilities beyond what information is already available in the
+   patch itself.
+9. Once the community is notified, we will pay out any relevant bug bounties to
+   submitters.
+10. One week after the releases go out, we will publish a post with further
+    details on the vulnerability as well as our response to it.
+
+This process can take some time. Every effort will be made to handle the bug in
+as timely a manner as possible, however it's important that we follow the
+process described above to ensure that disclosures are handled consistently and
+to keep Tendermint Core and its downstream dependent projects--including but not
+limited to Gaia and the Cosmos Hub--as secure as possible.
+
+### Example Timeline
+
+The following is an example timeline for the triage and response. The required
+roles and team members are described in parentheses after each task; however,
+multiple people can play each role and each person may play multiple roles.
+
+#### 24+ Hours Before Release Time
+
+1. Request CVE number (ADMIN)
+2. Gather emails and other contact info for validators (COMMS LEAD)
+3. Create patches in a private security repo, and ensure that PRs are open
+   targeting all relevant release branches (TENDERMINT ENG, TENDERMINT LEAD)
+4. Test fixes on a testnet  (TENDERMINT ENG, COSMOS SDK ENG)
+5. Write “Security Advisory” for forum (TENDERMINT LEAD)
+
+#### 24 Hours Before Release Time
+
+1. Post “Security Advisory” pre-notification on forum (TENDERMINT LEAD)
+2. Post Tweet linking to forum post (COMMS LEAD)
+3. Announce security advisory/link to post in various other social channels
+   (Telegram, Discord) (COMMS LEAD)
+4. Send emails to validators or other users (PARTNERSHIPS LEAD)
+
+#### Release Time
+
+1. Cut Tendermint releases for eligible versions (TENDERMINT ENG, TENDERMINT
+   LEAD)
+2. Cut Cosmos SDK release for eligible versions (COSMOS ENG)
+3. Cut Gaia release for eligible versions (GAIA ENG)
+4. Post “Security releases” on forum (TENDERMINT LEAD)
+5. Post new Tweet linking to forum post (COMMS LEAD)
+6. Remind everyone via social channels (Telegram, Discord)  that the release is
+   out (COMMS LEAD)
+7. Send emails to validators or other users (COMMS LEAD)
+8. Publish Security Advisory and CVE, if CVE has no sensitive information
+   (ADMIN)
+
+#### After Release Time
+
+1. Write forum post with exploit details (TENDERMINT LEAD)
+2. Approve pay-out on HackerOne for submitter (ADMIN)
+
+#### 7 Days After Release Time
+
+1. Publish CVE if it has not yet been published (ADMIN)
+2. Publish forum post with exploit details (TENDERMINT ENG, TENDERMINT LEAD)
+
+## Supported Releases
+
+The Tendermint Core team commits to releasing security patch releases for both
+the latest minor release as well for the major/minor release that the Cosmos Hub
+is running.
+
+If you are running older versions of Tendermint Core, we encourage you to
+upgrade at your earliest opportunity so that you can receive security patches
+directly from the Tendermint repo. While you are welcome to backport security
+patches to older versions for your own use, we will not publish or promote these
+backports.
+
+## Scope
+
+The full scope of our bug bounty program is outlined on our
+[Hacker One program page][hackerone]. Please also note that, in the interest of
+the safety of our users and staff, a few things are explicitly excluded from
+scope:
+
+* Any third-party services
+* Findings from physical testing, such as office access
+* Findings derived from social engineering (e.g., phishing)
+
+## Example Vulnerabilities
+
+The following is a list of examples of the kinds of vulnerabilities that we’re
+most interested in. It is not exhaustive: there are other kinds of issues we may
+also be interested in!
+
+### Specification
+
+* Conceptual flaws
+* Ambiguities, inconsistencies, or incorrect statements
+* Mis-match between specification and implementation of any component
+
+### Consensus

 Assuming less than 1/3 of the voting power is Byzantine (malicious):

- Validation of blockchain data structures, including blocks, block parts,
+* Validation of blockchain data structures, including blocks, block parts,
  votes, and so on
- Execution of blocks
- Validator set changes
- Proposer round robin
- Two nodes committing conflicting blocks for the same height (safety failure)
- A correct node signing conflicting votes
- A node halting (liveness failure)
- Syncing new and old nodes
+* Execution of blocks
+* Validator set changes
+* Proposer round robin
+* Two nodes committing conflicting blocks for the same height (safety failure)
+* A correct node signing conflicting votes
+* A node halting (liveness failure)
+* Syncing new and old nodes

-## Networking
+Assuming more than 1/3 the voting power is Byzantine:

- Authenticated encryption (MITM, information leakage)
- Eclipse attacks
- Sybil attacks
- Long-range attacks
- Denial-of-Service
+* Attacks that go unpunished (unhandled evidence)

-## RPC
+### Networking

- Write-access to anything besides sending transactions
- Denial-of-Service
- Leakage of secrets
+* Authenticated encryption (MITM, information leakage)
+* Eclipse attacks
+* Sybil attacks
+* Long-range attacks
+* Denial-of-Service

-## Denial-of-Service
+### RPC

-Attacks may come through the P2P network or the RPC:
+* Write-access to anything besides sending transactions
+* Denial-of-Service
+* Leakage of secrets

- Amplification attacks
- Resource abuse
- Deadlocks and race conditions
- Panics and unhandled errors
+### Denial-of-Service

-## Libraries
+Attacks may come through the P2P network or the RPC layer:

- Serialization (Amino)
- Reading/Writing files and databases
- Logging and monitoring
+* Amplification attacks
+* Resource abuse
+* Deadlocks and race conditions

-## Cryptography
+### Libraries

- Elliptic curves for validator signatures
- Hash algorithms and Merkle trees for block validation
- Authenticated encryption for P2P connections
+* Serialization
+* Reading/Writing files and databases

-## Light Client
+### Cryptography

- Validation of blockchain data structures
- Correctly validating an incorrect proof
- Incorrectly validating a correct proof
- Syncing validator set changes
+* Elliptic curves for validator signatures
+* Hash algorithms and Merkle trees for block validation
+* Authenticated encryption for P2P connections

+### Light Client

+* Core verification
+* Bisection/sequential algorithms
+
+[hackerone]: https://hackerone.com/cosmos
+[tmsec-mailing]: https://berlin.us4.list-manage.com/subscribe?u=431b35421ff7edcc77df5df10&id=3fe93307bc
--- a/STYLE_GUIDE.md
+++ b/STYLE_GUIDE.md
@@ -0,0 +1,162 @@
+# Go Coding Style Guide
+
+In order to keep our code looking good with lots of programmers working on it, it helps to have a "style guide", so all
+the code generally looks quite similar. This doesn't mean there is only one "right way" to write code, or even that this
+standard is better than your style.  But if we agree to a number of stylistic practices, it makes it much easier to read
+and modify new code. Please feel free to make suggestions if there's something you would like to add or modify.
+
+We expect all contributors to be familiar with [Effective Go](https://golang.org/doc/effective_go.html)
+(and it's recommended reading for all Go programmers anyways). Additionally, we generally agree with the suggestions
+ in [Uber's style guide](https://github.com/uber-go/guide/blob/master/style.md) and use that as a starting point.
+
+
+## Code Structure
+
+Perhaps more key for code readability than good commenting is having the right structure. As a rule of thumb, try to write
+in a logical order of importance, taking a little time to think how to order and divide the code such that someone could
+scroll down and understand the functionality of it just as well as you do. A loose example of such order would be:
+
+* Constants, global and package-level variables
+* Main Struct
+* Options (only if they are seen as critical to the struct else they should be placed in another file)
+* Initialization / Start and stop of the service
+* Msgs/Events
+* Public Functions (In order of most important)
+* Private/helper functions
+* Auxiliary structs and function (can also be above private functions or in a separate file)
+
+## General
+
+* Use `gofmt` (or `goimport`) to format all code upon saving it.  (If you use VIM, check out vim-go).
+* Use a linter (see below) and generally try to keep the linter happy (where it makes sense).
+* Think about documentation, and try to leave godoc comments, when it will help new developers.
+* Every package should have a high level doc.go file to describe the purpose of that package, its main functions, and any other relevant information.
+* `TODO` should not be used. If important enough should be recorded as an issue.
+* `BUG` / `FIXME` should be used sparingly to guide future developers on some of the vulnerabilities of the code.
+* `XXX` can be used in work-in-progress (prefixed with "WIP:" on github) branches but they must be removed before approving a PR.
+* Applications (e.g. clis/servers) *should* panic on unexpected unrecoverable errors and print a stack trace.
+
+## Comments
+
+* Use a space after comment deliminter (ex. `// your comment`).
+* Many comments are not sentences. These should begin with a lower case letter and end without a period.
+* Conversely, sentences in comments should be sentenced-cased and end with a period.
+
+## Linters
+
+These must be applied to all (Go) repos.
+
+* [shellcheck](https://github.com/koalaman/shellcheck)
+* [golangci-lint](https://github.com/golangci/golangci-lint) (covers all important linters)
+    * See the `.golangci.yml` file in each repo for linter configuration.
+
+## Various
+
+* Reserve "Save" and "Load" for long-running persistence operations. When parsing bytes, use "Encode" or "Decode".
+* Maintain consistency across the codebase.
+* Functions that return functions should have the suffix `Fn`
+* Names should not [stutter](https://blog.golang.org/package-names). For example, a struct generally shouldn’t have
+  a field named after itself; e.g., this shouldn't occur:
+
+``` golang
+type middleware struct {
+	middleware Middleware
+}
+```
+
+* In comments, use "iff" to mean, "if and only if".
+* Product names are capitalized, like "Tendermint", "Basecoin", "Protobuf", etc except in command lines: `tendermint --help`
+* Acronyms are all capitalized, like "RPC", "gRPC", "API".  "MyID", rather than "MyId".
+* Prefer errors.New() instead of fmt.Errorf() unless you're actually using the format feature with arguments.
+
+## Importing Libraries
+
+Sometimes it's necessary to rename libraries to avoid naming collisions or ambiguity.
+
+* Use [goimports](https://godoc.org/golang.org/x/tools/cmd/goimports)
+* Separate imports into blocks - one for the standard lib, one for external libs and one for application libs.
+* Here are some common library labels for consistency:
+    * dbm "github.com/tendermint/tm-db"
+    * tmcmd "github.com/tendermint/tendermint/cmd/tendermint/commands"
+    * tmcfg "github.com/tendermint/tendermint/config/tendermint"
+    * tmtypes "github.com/tendermint/tendermint/types"
+* Never use anonymous imports (the `.`), for example, `tmlibs/common` or anything else.
+* When importing a pkg from the `tendermint/libs` directory, prefix the pkg alias with tm.
+    * tmbits "github.com/tendermint/tendermint/libs/bits"
+* tip: Use the `_` library import to import a library for initialization effects (side effects)
+
+## Dependencies
+
+* Dependencies should be pinned by a release tag, or specific commit, to avoid breaking `go get` when external dependencies are updated.
+* Refer to the [contributing](CONTRIBUTING.md) document for more details
+
+## Testing
+
+* The first rule of testing is: we add tests to our code
+* The second rule of testing is: we add tests to our code
+* For Golang testing:
+    * Make use of table driven testing where possible and not-cumbersome
+        * [Inspiration](https://dave.cheney.net/2013/06/09/writing-table-driven-tests-in-go)
+    * Make use of [assert](https://godoc.org/github.com/stretchr/testify/assert) and [require](https://godoc.org/github.com/stretchr/testify/require)
+* When using mocks, it is recommended to use Testify [mock] (<https://pkg.go.dev/github.com/stretchr/testify/mock>
+ ) along with [Mockery](https://github.com/vektra/mockery) for autogeneration
+
+## Errors
+
+* Ensure that errors are concise, clear and traceable.
+* Use stdlib errors package.
+* For wrapping errors, use `fmt.Errorf()` with `%w`.
+* Panic is appropriate when an internal invariant of a system is broken, while all other cases (in particular,
+  incorrect or invalid usage) should return errors.
+
+## Config
+
+* Currently the TOML filetype is being used for config files
+* A good practice is to store per-user config files under `~/.[yourAppName]/config.toml`
+
+## CLI
+
+* When implementing a CLI use [Cobra](https://github.com/spf13/cobra) and [Viper](https://github.com/spf13/viper).
+* Helper messages for commands and flags must be all lowercase.
+* Instead of using pointer flags (eg. `FlagSet().StringVar`) use Viper to retrieve flag values (eg. `viper.GetString`)
+    * The flag key used when setting and getting the flag should always be stored in a
+   variable taking the form `FlagXxx` or `flagXxx`.
+    * Flag short variable descriptions should always start with a lower case character as to remain consistent with
+   the description provided in the default `--help` flag.
+
+## Version
+
+* Every repo should have a version/version.go file that mimics the Tendermint Core repo
+* We read the value of the constant version in our build scripts and hence it has to be a string
+
+## Non-Go Code
+
+* All non-Go code (`*.proto`, `Makefile`, `*.sh`), where there is no common
+   agreement on style, should be formatted according to
+   [EditorConfig](http://editorconfig.org/) config:
+
+   ```toml
+   # top-most EditorConfig file
+   root = true
+
+   # Unix-style newlines with a newline ending every file
+   [*]
+   charset = utf-8
+   end_of_line = lf
+   insert_final_newline = true
+   trim_trailing_whitespace = true
+
+   [Makefile]
+   indent_style = tab
+
+   [*.sh]
+   indent_style = tab
+
+   [*.proto]
+   indent_style = space
+   indent_size = 2
+   ```
+
+   Make sure the file above (`.editorconfig`) are in the root directory of your
+   repo and you have a [plugin for your
+   editor](http://editorconfig.org/#download) installed.
--- a/UPGRADING.md
+++ b/UPGRADING.md
@@ -1,46 +1,350 @@
 # Upgrading Tendermint Core

-This guide provides steps to be followed when you upgrade your applications to
-a newer version of Tendermint Core.
+This guide provides instructions for upgrading to specific versions of
+Tendermint Core.

 ## Unreleased

-<Overview>
+### ABCI Changes
+
+* The `ABCIVersion` is now `1.0.0`.
+
+* Added new ABCI methods `PrepareProposal` and `ProcessProposal`. For details,
+  please see the [spec](spec/abci/README.md). Applications upgrading to
+  v0.37.0 must implement these methods, at the very minimum, as described
+  [here](./spec/abci/abci++_app_requirements.md)
+* Deduplicated `ConsensusParams` and `BlockParams`.
+  In the v0.34 branch they are defined both in `abci/types.proto` and `types/params.proto`.
+  The definitions in `abci/types.proto` have been removed.
+  In-process applications should make sure they are not using the deleted
+  version of those structures.
+* In v0.34, messages on the wire used to be length-delimited with `int64` varint
+  values, which was inconsistent with the `uint64` varint length delimiters used
+  in the P2P layer. Both now consistently use `uint64` varint length delimiters.
+* Added `AbciVersion` to `RequestInfo`.
+  Applications should check that Tendermint's ABCI version matches the one they expect
+  in order to ensure compatibility.
+* The `SetOption` method has been removed from the ABCI `Client` interface.
+  The corresponding Protobuf types have been deprecated.
+* The `key` and `value` fields in the `EventAttribute` type have been changed
+  from type `bytes` to `string`. As per the [Protocol Buffers updating
+  guidelines](https://developers.google.com/protocol-buffers/docs/proto3#updating),
+  this should have no effect on the wire-level encoding for UTF8-encoded
+  strings.
+
+## v0.34.20
+
+### Feature: Priority Mempool
+
+This release backports an implementation of the Priority Mempool from the v0.35
+branch. This implementation of the mempool permits the application to set a
+priority on each transaction during CheckTx, and during block selection the
+highest-priority transactions are chosen (subject to the constraints on size
+and gas cost).
+
+Operators can enable the priority mempool by setting `mempool.version` to
+`"v1"` in the `config.toml`. For more technical details about the priority
+mempool, see [ADR 067: Mempool
+Refactor](https://github.com/tendermint/tendermint/blob/main/docs/architecture/adr-067-mempool-refactor.md).
+
+## v0.34.0
+
+**Upgrading to Tendermint 0.34 requires a blockchain restart.**
+This release is not compatible with previous blockchains due to changes to
+the encoding format (see "Protocol Buffers," below) and the block header (see "Blockchain Protocol").
+
+Note also that Tendermint 0.34 also requires Go 1.16 or higher.
+
+### ABCI Changes
+
+* The `ABCIVersion` is now `0.17.0`.
+
+* New ABCI methods (`ListSnapshots`, `LoadSnapshotChunk`, `OfferSnapshot`, and `ApplySnapshotChunk`)
+  were added to support the new State Sync feature.
+  Previously, syncing a new node to a preexisting network could take days; but with State Sync,
+  new nodes are able to join a network in a matter of seconds.
+  Read [the spec](https://github.com/tendermint/tendermint/blob/v0.34.x/spec/abci/apps.md#state-sync)
+  if you want to learn more about State Sync, or if you'd like your application to use it.
+  (If you don't want to support State Sync in your application, you can just implement these new
+  ABCI methods as no-ops, leaving them empty.)
+
+* `KV.Pair` has been replaced with `abci.EventAttribute`. The `EventAttribute.Index` field
+  allows ABCI applications to dictate which events should be indexed.
+
+* The blockchain can now start from an arbitrary initial height,
+  provided to the application via `RequestInitChain.InitialHeight`.
+
+* ABCI evidence type is now an enum with two recognized types of evidence:
+  `DUPLICATE_VOTE` and `LIGHT_CLIENT_ATTACK`.
+  Applications should be able to handle these evidence types
+  (i.e., through slashing or other accountability measures).
+
+* The [`PublicKey` type](https://github.com/tendermint/tendermint/blob/main/proto/tendermint/crypto/keys.proto#L13-L15)
+  (used in ABCI as part of `ValidatorUpdate`) now uses a `oneof` protobuf type.
+  Note that since Tendermint only supports ed25519 validator keys, there's only one
+  option in the `oneof`.  For more, see "Protocol Buffers," below.
+
+* The field `Proof`, on the ABCI type `ResponseQuery`, is now named `ProofOps`.
+  For more, see "Crypto," below.
+
+### P2P Protocol
+
+The default codec is now proto3, not amino. The schema files can be found in the `/proto`
+directory. For more, see "Protobuf," below.
+
+### Blockchain Protocol
+
+* `Header#LastResultsHash`, which is the root hash of a Merkle tree built from
+  `ResponseDeliverTx(Code, Data)` as of v0.34 also includes `GasWanted` and `GasUsed`
+  fields.
+
+* Merkle hashes of empty trees previously returned nothing, but now return the hash of an empty input,
+  to conform with [RFC-6962](https://tools.ietf.org/html/rfc6962).
+  This mainly affects `Header#DataHash`, `Header#LastResultsHash`, and
+  `Header#EvidenceHash`, which are often empty. Non-empty hashes can also be affected, e.g. if their
+  inputs depend on other (empty) Merkle hashes, giving different results.
+
+### Transaction Indexing
+
+Tendermint now relies on the application to tell it which transactions to index. This means that
+in the `config.toml`, generated by Tendermint, there is no longer a way to specify which
+transactions to index. `tx.height` and `tx.hash` will always be indexed when using the `kv` indexer.
+
+Applications must now choose to either a) enable indexing for all transactions, or
+b) allow node operators to decide which transactions to index.
+Applications can notify Tendermint to index a specific transaction by setting
+`Index: bool` to `true` in the Event Attribute:
+
+```go
+[]types.Event{
+	{
+		Type: "app",
+		Attributes: []types.EventAttribute{
+			{Key: []byte("creator"), Value: []byte("Cosmoshi Netowoko"), Index: true},
+		},
+	},
+}
+```
+
+### Protocol Buffers
+
+Tendermint 0.34 replaces Amino with Protocol Buffers for encoding.
+This migration is extensive and results in a number of changes, however,
+Tendermint only uses the types generated from Protocol Buffers for disk and
+wire serialization.
+**This means that these changes should not affect you as a Tendermint user.**
+
+However, Tendermint users and contributors may note the following changes:
+
+* Directory layout changes: All proto files have been moved under one directory, `/proto`.
+  This is in line with the recommended file layout by [Buf](https://buf.build).
+  For more, see the [Buf documentation](https://buf.build/docs/lint-checkers#file_layout).
+* ABCI Changes: As noted in the "ABCI Changes" section above, the `PublicKey` type now uses
+  a `oneof` type.
+
+For more on the Protobuf changes, please see our [blog post on this migration](https://medium.com/tendermint/tendermint-0-34-protocol-buffers-and-you-8c40558939ae).
+
+### Consensus Parameters
+
+Tendermint 0.34 includes new and updated consensus parameters.
+
+#### Version Parameters (New)
+
+* `AppVersion`, which is the version of the ABCI application.
+
+#### Evidence Parameters
+
+* `MaxBytes`, which caps the total amount of evidence. The default is 1048576 (1 MB).
+
+### Crypto
+
+#### Keys
+
+* Keys no longer include a type prefix. For example, ed25519 pubkeys have been renamed from
+  `PubKeyEd25519` to `PubKey`. This reduces stutter (e.g., `ed25519.PubKey`).
+* Keys are now byte slices (`[]byte`) instead of byte arrays (`[<size>]byte`).
+* The multisig functionality that was previously in Tendermint now has
+  a new home within the Cosmos SDK:
+  [`cosmos/cosmos-sdk/types/multisig`](https://github.com/cosmos/cosmos-sdk/blob/master/crypto/types/multisig/multisignature.go).
+
+#### `merkle` Package
+
+* `SimpleHashFromMap()` and `SimpleProofsFromMap()` were removed.
+* The prefix `Simple` has been removed. (For example, `SimpleProof` is now called `Proof`.)
+* All protobuf messages have been moved to the `/proto` directory.
+* The protobuf message `Proof` that contained multiple ProofOp's has been renamed to `ProofOps`.
+  As noted above, this affects the ABCI type `ResponseQuery`:
+  The field that was named Proof is now named `ProofOps`.
+* `HashFromByteSlices` and `ProofsFromByteSlices` now return a hash for empty inputs, to conform with
+  [RFC-6962](https://tools.ietf.org/html/rfc6962).
+
+### `libs` Package
+
+The `bech32` package has moved to the Cosmos SDK:
+[`cosmos/cosmos-sdk/types/bech32`](https://github.com/cosmos/cosmos-sdk/tree/4173ea5ebad906dd9b45325bed69b9c655504867/types/bech32).
+
+### CLI
+
+The `tendermint lite` command has been renamed to `tendermint light` and has a slightly different API.
+See [the docs](https://docs.tendermint.com/v0.33/tendermint-core/light-client-protocol.html#http-proxy) for details.
+
+### Light Client
+
+We have a new, rewritten light client! You can
+[read more](https://medium.com/tendermint/everything-you-need-to-know-about-the-tendermint-light-client-f80d03856f98)
+about the justifications and details behind this change.
+
+Other user-relevant changes include:
+
+* The old `lite` package was removed; the new light client uses the `light` package.
+* The `Verifier` was broken up into two pieces:
+    * Core verification logic (pure `VerifyX` functions)
+    * `Client` object, which represents the complete light client
+* The new light client stores headers and validator sets as `LightBlock`s
+* The RPC client can be found in the `/rpc` directory.
+* The HTTP(S) proxy is located in the `/proxy` directory.
+
+### `state` Package
+
+* A new field `State.InitialHeight` has been added to record the initial chain height, which must be `1`
+  (not `0`) if starting from height `1`. This can be configured via the genesis field `initial_height`.
+* The `state` package now has a `Store` interface. All functions in
+  [state/store.go](https://github.com/tendermint/tendermint/blob/56911ee35298191c95ef1c7d3d5ec508237aaff4/state/store.go#L42-L42)
+  are now part of the interface. The interface returns errors on all methods and can be used by calling `state.NewStore(dbm.DB)`.
+
+### `privval` Package
+
+All requests are now accompanied by the chain ID from the network.
+This is a optional field and can be ignored by key management systems;
+however, if you are using the same key management system for multiple different
+blockchains, we recommend that you check the chain ID.
+
+
+### RPC
+
+* `/unsafe_start_cpu_profiler`, `/unsafe_stop_cpu_profiler` and
+  `/unsafe_write_heap_profile` were removed.
+   For profiling, please use the pprof server, which can
+  be enabled through `--rpc.pprof_laddr=X` flag or `pprof_laddr=X` config setting
+  in the rpc section.
+* The `Content-Type` header returned on RPC calls is now (correctly) set as `application/json`.
+
+### Version
+
+Version is now set through Go linker flags `ld_flags`. Applications that are using tendermint as a library should set this at compile time.
+
+Example:
+
+```sh
+go install -mod=readonly -ldflags "-X github.com/tendermint/tendermint/version.TMCoreSemVer=$(go list -m github.com/tendermint/tendermint | sed  's/ /\@/g') -s -w " -trimpath ./cmd
+```
+
+Additionally, the exported constant `version.Version` is now `version.TMCoreSemVer`.
+
+## v0.33.4
+
+### Go API
+
+* `rpc/client` HTTP and local clients have been moved into `http` and `local`
+  subpackages, and their constructors have been renamed to `New()`.

 ### Protobuf Changes

-When upgrading to version <version #> you will have to fetch the `third_party` directory along with the updated proto files.
+When upgrading to version 0.33.4 you will have to fetch the `third_party`
+directory along with the updated proto files.
+
+### Block Retention
+
+ResponseCommit added a field for block retention. The application can provide information to Tendermint on how to prune blocks.
+If an application would like to not prune any blocks pass a `0` in this field.
+
+```proto
+message ResponseCommit {
+  // reserve 1
+  bytes  data          = 2; // the Merkle root hash
+  ++ uint64 retain_height = 3; // the oldest block height to retain ++
+}
+```

 ## v0.33.0

-This release is not compatible with previous blockchains due to commit becoming signatures only and fields in the header have been removed.
+This release is not compatible with previous blockchains due to commit becoming
+signatures only and fields in the header have been removed.
+
+### Blockchain Protocol
+
+`TotalTxs` and `NumTxs` were removed from the header. `Commit` now consists
+mostly of just signatures.
+
+```go
+type Commit struct {
+	Height     int64
+	Round      int
+	BlockID    BlockID
+	Signatures []CommitSig
+}
+```
+
+```go
+type BlockIDFlag byte
+
+const (
+	// BlockIDFlagAbsent - no vote was received from a validator.
+	BlockIDFlagAbsent BlockIDFlag = 0x01
+	// BlockIDFlagCommit - voted for the Commit.BlockID.
+	BlockIDFlagCommit = 0x02
+	// BlockIDFlagNil - voted for nil.
+	BlockIDFlagNil = 0x03
+)
+
+type CommitSig struct {
+	BlockIDFlag      BlockIDFlag
+	ValidatorAddress Address
+	Timestamp        time.Time
+	Signature        []byte
+}
+```
+
+See [\#63](https://github.com/tendermint/spec/pull/63) for the complete spec
+change.
+
+### P2P Protocol
+
+The secret connection now includes a transcript hashing. If you want to
+implement a handshake (or otherwise have an existing implementation), you'll
+need to make the same changes that were made
+[here](https://github.com/tendermint/tendermint/pull/3668).

 ### Config Changes

 You will need to generate a new config if you have used a prior version of tendermint.

- Tags have been entirely renamed throughout the codebase to events and there keys are called [compositeKeys](https://github.com/tendermint/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md).
- Evidence Params has been changed to include duration.
-  - `consensus_params.evidence.max_age_duration`.
-  - Renamed `consensus_params.evidence.max_age` to `max_age_num_blocks`.
+Tags have been entirely renamed throughout the codebase to events and there
+keys are called
+[compositeKeys](https://github.com/tendermint/tendermint/blob/6d05c531f7efef6f0619155cf10ae8557dd7832f/docs/app-dev/indexing-transactions.md).
+
+Evidence Params has been changed to include duration.
+
+* `consensus_params.evidence.max_age_duration`.
+* Renamed `consensus_params.evidence.max_age` to `max_age_num_blocks`.

 ### Go API

- `libs/common` has been removed in favor of specific pkgs.
-  - `async`
-  - `service`
-  - `rand`
-  - `net`
-  - `strings`
-  - `cmap`
- removal of `errors` pkg
+* `libs/common` has been removed in favor of specific pkgs.
+    * `async`
+    * `service`
+    * `rand`
+    * `net`
+    * `strings`
+    * `cmap`
+* removal of `errors` pkg

 ### RPC Changes

- `/validators` is now paginated (default: 30 vals per page)
- `/block_results` response format updated [see RPC docs for details](https://docs.tendermint.com/master/rpc/#/Info/block_results)
- Event suffix has been removed from the ID in event responses
- IDs are now integers not `json-client-XYZ`
+* `/validators` is now paginated (default: 30 vals per page)
+* `/block_results` response format updated [see RPC docs for details](https://docs.tendermint.com/v0.33/rpc/#/Info/block_results)
+* Event suffix has been removed from the ID in event responses
+* IDs are now integers not `json-client-XYZ`

 ## v0.32.0

@@ -157,11 +461,11 @@ the compilation tag:

 Use `cleveldb` tag instead of `gcc` to compile Tendermint with CLevelDB or
 use `make build_c` / `make install_c` (full instructions can be found at
-https://tendermint.com/docs/introduction/install.html#compile-with-cleveldb-support)
+<https://docs.tendermint.com/v0.33/introduction/install.html#compile-with-cleveldb-support>)

 ## v0.31.0

-This release contains a breaking change to the behaviour of the pubsub system.
+This release contains a breaking change to the behavior of the pubsub system.
 It also contains some minor breaking changes in the Go API and ABCI.
 There are no changes to the block or p2p protocols, so v0.31.0 should work fine
 with blockchains created from the v0.30 series.
@@ -179,7 +483,7 @@ In this case, the WS client will receive an error with description:
  "error": {
    "code": -32000,
    "msg": "Server error",
-    "data": "subscription was cancelled (reason: client is not pulling messages fast enough)" // or "subscription was cancelled (reason: Tendermint exited)"
+    "data": "subscription was canceled (reason: client is not pulling messages fast enough)" // or "subscription was canceled (reason: Tendermint exited)"
  }
 }

@@ -232,14 +536,14 @@ due to changes in how various data structures are hashed.
 Any implementations of Tendermint blockchain verification, including lite clients,
 will need to be updated. For specific details:

- [Merkle tree](https://github.com/tendermint/spec/blob/master/spec/blockchain/encoding.md#merkle-trees)
- [ConsensusParams](https://github.com/tendermint/spec/blob/master/spec/blockchain/state.md#consensusparams)
+* [Merkle tree](https://github.com/tendermint/tendermint/blob/main/spec/blockchain/encoding.md#merkle-trees)
+* [ConsensusParams](https://github.com/tendermint/tendermint/blob/main/spec/blockchain/state.md#consensusparams)

 There was also a small change to field ordering in the vote struct. Any
 implementations of an out-of-process validator (like a Key-Management Server)
 will need to be updated. For specific details:

- [Vote](https://github.com/tendermint/spec/blob/master/spec/consensus/signing.md#votes)
+* [Vote](https://github.com/tendermint/tendermint/blob/main/spec/consensus/signing.md#votes)

 Finally, the proposer selection algorithm continues to evolve. See the
 [work-in-progress
@@ -275,7 +579,7 @@ To upgrade manually, use the provided `privValUpgrade.go` script, with exact pat
 to use the default paths, of `config/priv_validator_key.json` and
 `data/priv_validator_state.json`, respectively:

-```
+```sh
 go run scripts/privValUpgrade.go <old-path> <new-key-path> <new-state-path>
 ```

@@ -345,8 +649,8 @@ old data to be compatible with the new version.

 To reset the state do:

-```
-$ tendermint unsafe_reset_all
+```sh
+tendermint unsafe_reset_all
 ```

 Here we summarize some other notable changes to be mindful of.
@@ -360,7 +664,7 @@ to `timeout_propose = "3s"`.

 ### RPC Changes

-The default behaviour of `/abci_query` has been changed to not return a proof,
+The default behavior of `/abci_query` has been changed to not return a proof,
 and the name of the parameter that controls this has been changed from `trusted`
 to `prove`. To get proofs with your queries, ensure you set `prove=true`.

@@ -383,7 +687,7 @@ the root of another. If you don't need this functionality, and you used to
 return `<proof bytes>` here, you should instead return a single `ProofOp` with
 just the `Data` field set:

-```
+```go
 []ProofOp{
    ProofOp{
        Data: <proof bytes>,
@@ -393,10 +697,10 @@ just the `Data` field set:

 For more information, see:

- [ADR-026](https://github.com/tendermint/tendermint/blob/30519e8361c19f4bf320ef4d26288ebc621ad725/docs/architecture/adr-026-general-merkle-proof.md)
- [Relevant ABCI
+* [ADR-026](https://github.com/tendermint/tendermint/blob/30519e8361c19f4bf320ef4d26288ebc621ad725/docs/architecture/adr-026-general-merkle-proof.md)
+* [Relevant ABCI
  documentation](https://github.com/tendermint/tendermint/blob/30519e8361c19f4bf320ef4d26288ebc621ad725/docs/spec/abci/apps.md#query-proofs)
- [Description of
+* [Description of
  keys](https://github.com/tendermint/tendermint/blob/30519e8361c19f4bf320ef4d26288ebc621ad725/crypto/merkle/proof_key_path.go#L14)

 ### Go API Changes
@@ -431,8 +735,8 @@ old data to be compatible with the new version.

 To reset the state do:

-```
-$ tendermint unsafe_reset_all
+```sh
+tendermint unsafe_reset_all
 ```

 Here we summarize some other notable changes to be mindful of.
@@ -442,7 +746,7 @@ Here we summarize some other notable changes to be mindful of.
 `p2p.max_num_peers` was removed in favor of `p2p.max_num_inbound_peers` and
 `p2p.max_num_outbound_peers`.

-```
+```toml
 # Maximum number of inbound peers
 max_num_inbound_peers = 40

--- a/16
+++ b/16
@@ -2,7 +2,7 @@
 # vi: set ft=ruby :

 Vagrant.configure("2") do |config|
-  config.vm.box = "ubuntu/xenial64"
+  config.vm.box = "ubuntu/focal64"

  config.vm.provider "virtualbox" do |v|
    v.memory = 4096
@@ -19,20 +19,24 @@ Vagrant.configure("2") do |config|

    # install docker
    apt-get install -y --no-install-recommends apt-transport-https \
-      ca-certificates curl software-properties-common
+      ca-certificates \
+      curl \
+      gnupg-agent \
+      software-properties-common
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
    add-apt-repository \
      "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
      $(lsb_release -cs) \
      stable"
+    apt-get update
    apt-get install -y docker-ce
-    usermod -a -G docker vagrant
+    usermod -aG docker vagrant

    # install go
-    wget -q https://dl.google.com/go/go1.13.linux-amd64.tar.gz
-    tar -xvf go1.13.linux-amd64.tar.gz
+    wget -q https://dl.google.com/go/go1.15.linux-amd64.tar.gz
+    tar -xvf go1.15.linux-amd64.tar.gz
    mv go /usr/local
-    rm -f go1.13.linux-amd64.tar.gz
+    rm -f go1.15.linux-amd64.tar.gz

    # install nodejs (for docs)
    curl -sL https://deb.nodesource.com/setup_11.x | bash -
--- a/abci/README.md
+++ b/abci/README.md
@@ -19,19 +19,18 @@ To get up and running quickly, see the [getting started guide](../docs/app-dev/g

 A detailed description of the ABCI methods and message types is contained in:

- [The main spec](https://github.com/tendermint/spec/blob/master/spec/abci/abci.md)
- [A protobuf file](./types/types.proto)
+- [The main spec](https://github.com/tendermint/tendermint/blob/main/spec/abci/README.md)
+- [A protobuf file](../proto/tendermint/types/types.proto)
 - [A Go interface](./types/application.go)

 ## Protocol Buffers

 To compile the protobuf file, run (from the root of the repo):

-```
+```sh
 make protoc_abci
 ```

 See `protoc --help` and [the Protocol Buffers site](https://developers.google.com/protocol-buffers)
 for details on compiling for other languages. Note we also include a [GRPC](https://www.grpc.io/docs)
 service definition.
-
--- a/abci/client/client.go
+++ b/abci/client/client.go
@@ -6,6 +6,7 @@ import (

 	"github.com/tendermint/tendermint/abci/types"
 	"github.com/tendermint/tendermint/libs/service"
+	tmsync "github.com/tendermint/tendermint/libs/sync"
 )

 const (
@@ -13,6 +14,8 @@ const (
 	echoRetryIntervalSeconds = 1
 )

+//go:generate ../../scripts/mockery_generate.sh Client
+
 // Client defines an interface for an ABCI client.
 // All `Async` methods return a `ReqRes` object.
 // All `Sync` methods return the appropriate protobuf ResponseXxx struct and an error.
@@ -27,26 +30,36 @@ type Client interface {
 	FlushAsync() *ReqRes
 	EchoAsync(msg string) *ReqRes
 	InfoAsync(types.RequestInfo) *ReqRes
-	SetOptionAsync(types.RequestSetOption) *ReqRes
 	DeliverTxAsync(types.RequestDeliverTx) *ReqRes
 	CheckTxAsync(types.RequestCheckTx) *ReqRes
 	QueryAsync(types.RequestQuery) *ReqRes
 	CommitAsync() *ReqRes
 	InitChainAsync(types.RequestInitChain) *ReqRes
+	PrepareProposalAsync(types.RequestPrepareProposal) *ReqRes
 	BeginBlockAsync(types.RequestBeginBlock) *ReqRes
 	EndBlockAsync(types.RequestEndBlock) *ReqRes
+	ListSnapshotsAsync(types.RequestListSnapshots) *ReqRes
+	OfferSnapshotAsync(types.RequestOfferSnapshot) *ReqRes
+	LoadSnapshotChunkAsync(types.RequestLoadSnapshotChunk) *ReqRes
+	ApplySnapshotChunkAsync(types.RequestApplySnapshotChunk) *ReqRes
+	ProcessProposalAsync(types.RequestProcessProposal) *ReqRes

 	FlushSync() error
 	EchoSync(msg string) (*types.ResponseEcho, error)
 	InfoSync(types.RequestInfo) (*types.ResponseInfo, error)
-	SetOptionSync(types.RequestSetOption) (*types.ResponseSetOption, error)
 	DeliverTxSync(types.RequestDeliverTx) (*types.ResponseDeliverTx, error)
 	CheckTxSync(types.RequestCheckTx) (*types.ResponseCheckTx, error)
 	QuerySync(types.RequestQuery) (*types.ResponseQuery, error)
 	CommitSync() (*types.ResponseCommit, error)
 	InitChainSync(types.RequestInitChain) (*types.ResponseInitChain, error)
+	PrepareProposalSync(types.RequestPrepareProposal) (*types.ResponsePrepareProposal, error)
 	BeginBlockSync(types.RequestBeginBlock) (*types.ResponseBeginBlock, error)
 	EndBlockSync(types.RequestEndBlock) (*types.ResponseEndBlock, error)
+	ListSnapshotsSync(types.RequestListSnapshots) (*types.ResponseListSnapshots, error)
+	OfferSnapshotSync(types.RequestOfferSnapshot) (*types.ResponseOfferSnapshot, error)
+	LoadSnapshotChunkSync(types.RequestLoadSnapshotChunk) (*types.ResponseLoadSnapshotChunk, error)
+	ApplySnapshotChunkSync(types.RequestApplySnapshotChunk) (*types.ResponseApplySnapshotChunk, error)
+	ProcessProposalSync(types.RequestProcessProposal) (*types.ResponseProcessProposal, error)
 }

 //----------------------------------------
@@ -65,20 +78,22 @@ func NewClient(addr, transport string, mustConnect bool) (client Client, err err
 	return
 }

-//----------------------------------------
-
 type Callback func(*types.Request, *types.Response)

-//----------------------------------------
-
 type ReqRes struct {
 	*types.Request
 	*sync.WaitGroup
 	*types.Response // Not set atomically, so be sure to use WaitGroup.

-	mtx  sync.Mutex
-	done bool                  // Gets set to true once *after* WaitGroup.Done().
-	cb   func(*types.Response) // A single callback that may be set.
+	mtx tmsync.Mutex
+
+	// callbackInvoked as a variable to track if the callback was already
+	// invoked during the regular execution of the request. This variable
+	// allows clients to set the callback simultaneously without potentially
+	// invoking the callback twice by accident, once when 'SetCallback' is
+	// called and once during the normal request.
+	callbackInvoked bool
+	cb              func(*types.Response) // A single callback that may be set.
 }

 func NewReqRes(req *types.Request) *ReqRes {
@@ -87,39 +102,49 @@ func NewReqRes(req *types.Request) *ReqRes {
 		WaitGroup: waitGroup1(),
 		Response:  nil,

-		done: false,
-		cb:   nil,
+		callbackInvoked: false,
+		cb:              nil,
 	}
 }

-// Sets the callback for this ReqRes atomically.
-// If reqRes is already done, calls cb immediately.
-// NOTE: reqRes.cb should not change if reqRes.done.
-// NOTE: only one callback is supported.
-func (reqRes *ReqRes) SetCallback(cb func(res *types.Response)) {
-	reqRes.mtx.Lock()
+// Sets sets the callback. If reqRes is already done, it will call the cb
+// immediately. Note, reqRes.cb should not change if reqRes.done and only one
+// callback is supported.
+func (r *ReqRes) SetCallback(cb func(res *types.Response)) {
+	r.mtx.Lock()

-	if reqRes.done {
-		reqRes.mtx.Unlock()
-		cb(reqRes.Response)
+	if r.callbackInvoked {
+		r.mtx.Unlock()
+		cb(r.Response)
 		return
 	}

-	reqRes.cb = cb
-	reqRes.mtx.Unlock()
+	r.cb = cb
+	r.mtx.Unlock()
 }

-func (reqRes *ReqRes) GetCallback() func(*types.Response) {
-	reqRes.mtx.Lock()
-	defer reqRes.mtx.Unlock()
-	return reqRes.cb
+// InvokeCallback invokes a thread-safe execution of the configured callback
+// if non-nil.
+func (r *ReqRes) InvokeCallback() {
+	r.mtx.Lock()
+	defer r.mtx.Unlock()
+
+	if r.cb != nil {
+		r.cb(r.Response)
+	}
+	r.callbackInvoked = true
 }

-// NOTE: it should be safe to read reqRes.cb without locks after this.
-func (reqRes *ReqRes) SetDone() {
-	reqRes.mtx.Lock()
-	reqRes.done = true
-	reqRes.mtx.Unlock()
+// GetCallback returns the configured callback of the ReqRes object which may be
+// nil. Note, it is not safe to concurrently call this in cases where it is
+// marked done and SetCallback is called before calling GetCallback as that
+// will invoke the callback twice and create a potential race condition.
+//
+// ref: https://github.com/tendermint/tendermint/issues/5439
+func (r *ReqRes) GetCallback() func(*types.Response) {
+	r.mtx.Lock()
+	defer r.mtx.Unlock()
+	return r.cb
 }

 func waitGroup1() (wg *sync.WaitGroup) {
--- a/abci/client/grpc_client.go
+++ b/abci/client/grpc_client.go
@@ -12,6 +12,7 @@ import (
 	"github.com/tendermint/tendermint/abci/types"
 	tmnet "github.com/tendermint/tendermint/libs/net"
 	"github.com/tendermint/tendermint/libs/service"
+	tmsync "github.com/tendermint/tendermint/libs/sync"
 )

 var _ Client = (*grpcClient)(nil)
@@ -22,10 +23,11 @@ type grpcClient struct {
 	service.BaseService
 	mustConnect bool

-	client types.ABCIApplicationClient
-	conn   *grpc.ClientConn
+	client   types.ABCIApplicationClient
+	conn     *grpc.ClientConn
+	chReqRes chan *ReqRes // dispatches "async" responses to callbacks *in order*, needed by mempool

-	mtx   sync.Mutex
+	mtx   tmsync.Mutex
 	addr  string
 	err   error
 	resCb func(*types.Request, *types.Response) // listens to all callbacks
@@ -35,6 +37,13 @@ func NewGRPCClient(addr string, mustConnect bool) Client {
 	cli := &grpcClient{
 		addr:        addr,
 		mustConnect: mustConnect,
+		// Buffering the channel is needed to make calls appear asynchronous,
+		// which is required when the caller makes multiple async calls before
+		// processing callbacks (e.g. due to holding locks). 64 means that a
+		// caller can make up to 64 async calls before a callback must be
+		// processed (otherwise it deadlocks). It also means that we can make 64
+		// gRPC calls while processing a slow callback at the channel head.
+		chReqRes: make(chan *ReqRes, 64),
 	}
 	cli.BaseService = *service.NewBaseService(nil, "grpcClient", cli)
 	return cli
@@ -48,8 +57,37 @@ func (cli *grpcClient) OnStart() error {
 	if err := cli.BaseService.OnStart(); err != nil {
 		return err
 	}
+
+	// This processes asynchronous request/response messages and dispatches
+	// them to callbacks.
+	go func() {
+		// Use a separate function to use defer for mutex unlocks (this handles panics)
+		callCb := func(reqres *ReqRes) {
+			cli.mtx.Lock()
+			defer cli.mtx.Unlock()
+
+			reqres.Done()
+
+			// Notify client listener if set
+			if cli.resCb != nil {
+				cli.resCb(reqres.Request, reqres.Response)
+			}
+
+			// Notify reqRes listener if set
+			reqres.InvokeCallback()
+		}
+		for reqres := range cli.chReqRes {
+			if reqres != nil {
+				callCb(reqres)
+			} else {
+				cli.Logger.Error("Received nil reqres")
+			}
+		}
+	}()
+
 RETRY_LOOP:
 	for {
+		//nolint:staticcheck // SA1019 Existing use of deprecated but supported dial option.
 		conn, err := grpc.Dial(cli.addr, grpc.WithInsecure(), grpc.WithContextDialer(dialerFunc))
 		if err != nil {
 			if cli.mustConnect {
@@ -85,21 +123,24 @@ func (cli *grpcClient) OnStop() {
 	if cli.conn != nil {
 		cli.conn.Close()
 	}
+	close(cli.chReqRes)
 }

 func (cli *grpcClient) StopForError(err error) {
-	cli.mtx.Lock()
 	if !cli.IsRunning() {
 		return
 	}

+	cli.mtx.Lock()
 	if cli.err == nil {
 		cli.err = err
 	}
 	cli.mtx.Unlock()

 	cli.Logger.Error(fmt.Sprintf("Stopping abci.grpcClient for error: %v", err.Error()))
-	cli.Stop()
+	if err := cli.Stop(); err != nil {
+		cli.Logger.Error("Error stopping abci.grpcClient", "err", err)
+	}
 }

 func (cli *grpcClient) Error() error {
@@ -151,15 +192,6 @@ func (cli *grpcClient) InfoAsync(params types.RequestInfo) *ReqRes {
 	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_Info{Info: res}})
 }

-func (cli *grpcClient) SetOptionAsync(params types.RequestSetOption) *ReqRes {
-	req := types.ToRequestSetOption(params)
-	res, err := cli.client.SetOption(context.Background(), req.GetSetOption(), grpc.WaitForReady(true))
-	if err != nil {
-		cli.StopForError(err)
-	}
-	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_SetOption{SetOption: res}})
-}
-
 func (cli *grpcClient) DeliverTxAsync(params types.RequestDeliverTx) *ReqRes {
 	req := types.ToRequestDeliverTx(params)
 	res, err := cli.client.DeliverTx(context.Background(), req.GetDeliverTx(), grpc.WaitForReady(true))
@@ -223,84 +255,181 @@ func (cli *grpcClient) EndBlockAsync(params types.RequestEndBlock) *ReqRes {
 	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_EndBlock{EndBlock: res}})
 }

+func (cli *grpcClient) ListSnapshotsAsync(params types.RequestListSnapshots) *ReqRes {
+	req := types.ToRequestListSnapshots(params)
+	res, err := cli.client.ListSnapshots(context.Background(), req.GetListSnapshots(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_ListSnapshots{ListSnapshots: res}})
+}
+
+func (cli *grpcClient) OfferSnapshotAsync(params types.RequestOfferSnapshot) *ReqRes {
+	req := types.ToRequestOfferSnapshot(params)
+	res, err := cli.client.OfferSnapshot(context.Background(), req.GetOfferSnapshot(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_OfferSnapshot{OfferSnapshot: res}})
+}
+
+func (cli *grpcClient) LoadSnapshotChunkAsync(params types.RequestLoadSnapshotChunk) *ReqRes {
+	req := types.ToRequestLoadSnapshotChunk(params)
+	res, err := cli.client.LoadSnapshotChunk(context.Background(), req.GetLoadSnapshotChunk(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_LoadSnapshotChunk{LoadSnapshotChunk: res}})
+}
+
+func (cli *grpcClient) ApplySnapshotChunkAsync(params types.RequestApplySnapshotChunk) *ReqRes {
+	req := types.ToRequestApplySnapshotChunk(params)
+	res, err := cli.client.ApplySnapshotChunk(context.Background(), req.GetApplySnapshotChunk(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_ApplySnapshotChunk{ApplySnapshotChunk: res}})
+}
+
+func (cli *grpcClient) PrepareProposalAsync(params types.RequestPrepareProposal) *ReqRes {
+	req := types.ToRequestPrepareProposal(params)
+	res, err := cli.client.PrepareProposal(context.Background(), req.GetPrepareProposal(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_PrepareProposal{PrepareProposal: res}})
+}
+
+func (cli *grpcClient) ProcessProposalAsync(params types.RequestProcessProposal) *ReqRes {
+	req := types.ToRequestProcessProposal(params)
+	res, err := cli.client.ProcessProposal(context.Background(), req.GetProcessProposal(), grpc.WaitForReady(true))
+	if err != nil {
+		cli.StopForError(err)
+	}
+
+	return cli.finishAsyncCall(req, &types.Response{Value: &types.Response_ProcessProposal{ProcessProposal: res}})
+}
+
+// finishAsyncCall creates a ReqRes for an async call, and immediately populates it
+// with the response. We don't complete it until it's been ordered via the channel.
 func (cli *grpcClient) finishAsyncCall(req *types.Request, res *types.Response) *ReqRes {
 	reqres := NewReqRes(req)
-	reqres.Response = res // Set response
-	reqres.Done()         // Release waiters
-	reqres.SetDone()      // so reqRes.SetCallback will run the callback
-
-	// goroutine for callbacks
-	go func() {
-		cli.mtx.Lock()
-		defer cli.mtx.Unlock()
-
-		// Notify client listener if set
-		if cli.resCb != nil {
-			cli.resCb(reqres.Request, res)
-		}
-
-		// Notify reqRes listener if set
-		if cb := reqres.GetCallback(); cb != nil {
-			cb(res)
-		}
-	}()
-
+	reqres.Response = res
+	cli.chReqRes <- reqres // use channel for async responses, since they must be ordered
 	return reqres
 }

+// finishSyncCall waits for an async call to complete. It is necessary to call all
+// sync calls asynchronously as well, to maintain call and response ordering via
+// the channel, and this method will wait until the async call completes.
+func (cli *grpcClient) finishSyncCall(reqres *ReqRes) *types.Response {
+	// It's possible that the callback is called twice, since the callback can
+	// be called immediately on SetCallback() in addition to after it has been
+	// set. This is because completing the ReqRes happens in a separate critical
+	// section from the one where the callback is called: there is a race where
+	// SetCallback() is called between completing the ReqRes and dispatching the
+	// callback.
+	//
+	// We also buffer the channel with 1 response, since SetCallback() will be
+	// called synchronously if the reqres is already completed, in which case
+	// it will block on sending to the channel since it hasn't gotten around to
+	// receiving from it yet.
+	//
+	// ReqRes should really handle callback dispatch internally, to guarantee
+	// that it's only called once and avoid the above race conditions.
+	var once sync.Once
+	ch := make(chan *types.Response, 1)
+	reqres.SetCallback(func(res *types.Response) {
+		once.Do(func() {
+			ch <- res
+		})
+	})
+	return <-ch
+}
+
 //----------------------------------------

 func (cli *grpcClient) FlushSync() error {
-	return nil
+	reqres := cli.FlushAsync()
+	cli.finishSyncCall(reqres).GetFlush()
+	return cli.Error()
 }

 func (cli *grpcClient) EchoSync(msg string) (*types.ResponseEcho, error) {
 	reqres := cli.EchoAsync(msg)
 	// StopForError should already have been called if error is set
-	return reqres.Response.GetEcho(), cli.Error()
+	return cli.finishSyncCall(reqres).GetEcho(), cli.Error()
 }

 func (cli *grpcClient) InfoSync(req types.RequestInfo) (*types.ResponseInfo, error) {
 	reqres := cli.InfoAsync(req)
-	return reqres.Response.GetInfo(), cli.Error()
-}
-
-func (cli *grpcClient) SetOptionSync(req types.RequestSetOption) (*types.ResponseSetOption, error) {
-	reqres := cli.SetOptionAsync(req)
-	return reqres.Response.GetSetOption(), cli.Error()
+	return cli.finishSyncCall(reqres).GetInfo(), cli.Error()
 }

 func (cli *grpcClient) DeliverTxSync(params types.RequestDeliverTx) (*types.ResponseDeliverTx, error) {
 	reqres := cli.DeliverTxAsync(params)
-	return reqres.Response.GetDeliverTx(), cli.Error()
+	return cli.finishSyncCall(reqres).GetDeliverTx(), cli.Error()
 }

 func (cli *grpcClient) CheckTxSync(params types.RequestCheckTx) (*types.ResponseCheckTx, error) {
 	reqres := cli.CheckTxAsync(params)
-	return reqres.Response.GetCheckTx(), cli.Error()
+	return cli.finishSyncCall(reqres).GetCheckTx(), cli.Error()
 }

 func (cli *grpcClient) QuerySync(req types.RequestQuery) (*types.ResponseQuery, error) {
 	reqres := cli.QueryAsync(req)
-	return reqres.Response.GetQuery(), cli.Error()
+	return cli.finishSyncCall(reqres).GetQuery(), cli.Error()
 }

 func (cli *grpcClient) CommitSync() (*types.ResponseCommit, error) {
 	reqres := cli.CommitAsync()
-	return reqres.Response.GetCommit(), cli.Error()
+	return cli.finishSyncCall(reqres).GetCommit(), cli.Error()
 }

 func (cli *grpcClient) InitChainSync(params types.RequestInitChain) (*types.ResponseInitChain, error) {
 	reqres := cli.InitChainAsync(params)
-	return reqres.Response.GetInitChain(), cli.Error()
+	return cli.finishSyncCall(reqres).GetInitChain(), cli.Error()
 }

 func (cli *grpcClient) BeginBlockSync(params types.RequestBeginBlock) (*types.ResponseBeginBlock, error) {
 	reqres := cli.BeginBlockAsync(params)
-	return reqres.Response.GetBeginBlock(), cli.Error()
+	return cli.finishSyncCall(reqres).GetBeginBlock(), cli.Error()
 }

 func (cli *grpcClient) EndBlockSync(params types.RequestEndBlock) (*types.ResponseEndBlock, error) {
 	reqres := cli.EndBlockAsync(params)
-	return reqres.Response.GetEndBlock(), cli.Error()
+	return cli.finishSyncCall(reqres).GetEndBlock(), cli.Error()
+}
+
+func (cli *grpcClient) ListSnapshotsSync(params types.RequestListSnapshots) (*types.ResponseListSnapshots, error) {
+	reqres := cli.ListSnapshotsAsync(params)
+	return cli.finishSyncCall(reqres).GetListSnapshots(), cli.Error()
+}
+
+func (cli *grpcClient) OfferSnapshotSync(params types.RequestOfferSnapshot) (*types.ResponseOfferSnapshot, error) {
+	reqres := cli.OfferSnapshotAsync(params)
+	return cli.finishSyncCall(reqres).GetOfferSnapshot(), cli.Error()
+}
+
+func (cli *grpcClient) LoadSnapshotChunkSync(
+	params types.RequestLoadSnapshotChunk) (*types.ResponseLoadSnapshotChunk, error) {
+	reqres := cli.LoadSnapshotChunkAsync(params)
+	return cli.finishSyncCall(reqres).GetLoadSnapshotChunk(), cli.Error()
+}
+
+func (cli *grpcClient) ApplySnapshotChunkSync(
+	params types.RequestApplySnapshotChunk) (*types.ResponseApplySnapshotChunk, error) {
+	reqres := cli.ApplySnapshotChunkAsync(params)
+	return cli.finishSyncCall(reqres).GetApplySnapshotChunk(), cli.Error()
+}
+
+func (cli *grpcClient) PrepareProposalSync(
+	params types.RequestPrepareProposal) (*types.ResponsePrepareProposal, error) {
+	reqres := cli.PrepareProposalAsync(params)
+	return cli.finishSyncCall(reqres).GetPrepareProposal(), cli.Error()
+}
+
+func (cli *grpcClient) ProcessProposalSync(params types.RequestProcessProposal) (*types.ResponseProcessProposal, error) {
+	reqres := cli.ProcessProposalAsync(params)
+	return cli.finishSyncCall(reqres).GetProcessProposal(), cli.Error()
 }
--- a/abci/client/local_client.go
+++ b/abci/client/local_client.go
@@ -1,10 +1,9 @@
 package abcicli

 import (
-	"sync"
-
 	types "github.com/tendermint/tendermint/abci/types"
 	"github.com/tendermint/tendermint/libs/service"
+	tmsync "github.com/tendermint/tendermint/libs/sync"
 )

 var _ Client = (*localClient)(nil)
@@ -16,14 +15,20 @@ var _ Client = (*localClient)(nil)
 type localClient struct {
 	service.BaseService

-	mtx *sync.Mutex
+	mtx *tmsync.Mutex
 	types.Application
 	Callback
 }

-func NewLocalClient(mtx *sync.Mutex, app types.Application) Client {
+var _ Client = (*localClient)(nil)
+
+// NewLocalClient creates a local client, which will be directly calling the
+// methods of the given app.
+//
+// Both Async and Sync methods ignore the given context.Context parameter.
+func NewLocalClient(mtx *tmsync.Mutex, app types.Application) Client {
 	if mtx == nil {
-		mtx = new(sync.Mutex)
+		mtx = new(tmsync.Mutex)
 	}
 	cli := &localClient{
 		mtx:         mtx,
@@ -70,17 +75,6 @@ func (app *localClient) InfoAsync(req types.RequestInfo) *ReqRes {
 	)
 }

-func (app *localClient) SetOptionAsync(req types.RequestSetOption) *ReqRes {
-	app.mtx.Lock()
-	defer app.mtx.Unlock()
-
-	res := app.Application.SetOption(req)
-	return app.callback(
-		types.ToRequestSetOption(req),
-		types.ToResponseSetOption(res),
-	)
-}
-
 func (app *localClient) DeliverTxAsync(params types.RequestDeliverTx) *ReqRes {
 	app.mtx.Lock()
 	defer app.mtx.Unlock()
@@ -158,6 +152,72 @@ func (app *localClient) EndBlockAsync(req types.RequestEndBlock) *ReqRes {
 	)
 }

+func (app *localClient) ListSnapshotsAsync(req types.RequestListSnapshots) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ListSnapshots(req)
+	return app.callback(
+		types.ToRequestListSnapshots(req),
+		types.ToResponseListSnapshots(res),
+	)
+}
+
+func (app *localClient) OfferSnapshotAsync(req types.RequestOfferSnapshot) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.OfferSnapshot(req)
+	return app.callback(
+		types.ToRequestOfferSnapshot(req),
+		types.ToResponseOfferSnapshot(res),
+	)
+}
+
+func (app *localClient) LoadSnapshotChunkAsync(req types.RequestLoadSnapshotChunk) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.LoadSnapshotChunk(req)
+	return app.callback(
+		types.ToRequestLoadSnapshotChunk(req),
+		types.ToResponseLoadSnapshotChunk(res),
+	)
+}
+
+func (app *localClient) ApplySnapshotChunkAsync(req types.RequestApplySnapshotChunk) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ApplySnapshotChunk(req)
+	return app.callback(
+		types.ToRequestApplySnapshotChunk(req),
+		types.ToResponseApplySnapshotChunk(res),
+	)
+}
+
+func (app *localClient) PrepareProposalAsync(req types.RequestPrepareProposal) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.PrepareProposal(req)
+	return app.callback(
+		types.ToRequestPrepareProposal(req),
+		types.ToResponsePrepareProposal(res),
+	)
+}
+
+func (app *localClient) ProcessProposalAsync(req types.RequestProcessProposal) *ReqRes {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ProcessProposal(req)
+	return app.callback(
+		types.ToRequestProcessProposal(req),
+		types.ToResponseProcessProposal(res),
+	)
+}
+
 //-------------------------------------------------------

 func (app *localClient) FlushSync() error {
@@ -176,14 +236,6 @@ func (app *localClient) InfoSync(req types.RequestInfo) (*types.ResponseInfo, er
 	return &res, nil
 }

-func (app *localClient) SetOptionSync(req types.RequestSetOption) (*types.ResponseSetOption, error) {
-	app.mtx.Lock()
-	defer app.mtx.Unlock()
-
-	res := app.Application.SetOption(req)
-	return &res, nil
-}
-
 func (app *localClient) DeliverTxSync(req types.RequestDeliverTx) (*types.ResponseDeliverTx, error) {
 	app.mtx.Lock()
 	defer app.mtx.Unlock()
@@ -240,16 +292,67 @@ func (app *localClient) EndBlockSync(req types.RequestEndBlock) (*types.Response
 	return &res, nil
 }

+func (app *localClient) ListSnapshotsSync(req types.RequestListSnapshots) (*types.ResponseListSnapshots, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ListSnapshots(req)
+	return &res, nil
+}
+
+func (app *localClient) OfferSnapshotSync(req types.RequestOfferSnapshot) (*types.ResponseOfferSnapshot, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.OfferSnapshot(req)
+	return &res, nil
+}
+
+func (app *localClient) LoadSnapshotChunkSync(
+	req types.RequestLoadSnapshotChunk) (*types.ResponseLoadSnapshotChunk, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.LoadSnapshotChunk(req)
+	return &res, nil
+}
+
+func (app *localClient) ApplySnapshotChunkSync(
+	req types.RequestApplySnapshotChunk) (*types.ResponseApplySnapshotChunk, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ApplySnapshotChunk(req)
+	return &res, nil
+}
+
+func (app *localClient) PrepareProposalSync(req types.RequestPrepareProposal) (*types.ResponsePrepareProposal, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.PrepareProposal(req)
+	return &res, nil
+}
+
+func (app *localClient) ProcessProposalSync(req types.RequestProcessProposal) (*types.ResponseProcessProposal, error) {
+	app.mtx.Lock()
+	defer app.mtx.Unlock()
+
+	res := app.Application.ProcessProposal(req)
+	return &res, nil
+}
+
 //-------------------------------------------------------

 func (app *localClient) callback(req *types.Request, res *types.Response) *ReqRes {
 	app.Callback(req, res)
-	return newLocalReqRes(req, res)
+	rr := newLocalReqRes(req, res)
+	rr.callbackInvoked = true
+	return rr
 }

 func newLocalReqRes(req *types.Request, res *types.Response) *ReqRes {
 	reqRes := NewReqRes(req)
 	reqRes.Response = res
-	reqRes.SetDone()
 	return reqRes
 }
--- a/abci/client/mocks/client.go
+++ b/abci/client/mocks/client.go
@@ -0,0 +1,790 @@
+// Code generated by mockery. DO NOT EDIT.
+
+package mocks
+
+import (
+	abcicli "github.com/tendermint/tendermint/abci/client"
+	log "github.com/tendermint/tendermint/libs/log"
+
+	mock "github.com/stretchr/testify/mock"
+
+	types "github.com/tendermint/tendermint/abci/types"
+)
+
+// Client is an autogenerated mock type for the Client type
+type Client struct {
+	mock.Mock
+}
+
+// ApplySnapshotChunkAsync provides a mock function with given fields: _a0
+func (_m *Client) ApplySnapshotChunkAsync(_a0 types.RequestApplySnapshotChunk) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestApplySnapshotChunk) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// ApplySnapshotChunkSync provides a mock function with given fields: _a0
+func (_m *Client) ApplySnapshotChunkSync(_a0 types.RequestApplySnapshotChunk) (*types.ResponseApplySnapshotChunk, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseApplySnapshotChunk
+	if rf, ok := ret.Get(0).(func(types.RequestApplySnapshotChunk) *types.ResponseApplySnapshotChunk); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseApplySnapshotChunk)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestApplySnapshotChunk) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// BeginBlockAsync provides a mock function with given fields: _a0
+func (_m *Client) BeginBlockAsync(_a0 types.RequestBeginBlock) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestBeginBlock) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// BeginBlockSync provides a mock function with given fields: _a0
+func (_m *Client) BeginBlockSync(_a0 types.RequestBeginBlock) (*types.ResponseBeginBlock, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseBeginBlock
+	if rf, ok := ret.Get(0).(func(types.RequestBeginBlock) *types.ResponseBeginBlock); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseBeginBlock)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestBeginBlock) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// CheckTxAsync provides a mock function with given fields: _a0
+func (_m *Client) CheckTxAsync(_a0 types.RequestCheckTx) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestCheckTx) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// CheckTxSync provides a mock function with given fields: _a0
+func (_m *Client) CheckTxSync(_a0 types.RequestCheckTx) (*types.ResponseCheckTx, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseCheckTx
+	if rf, ok := ret.Get(0).(func(types.RequestCheckTx) *types.ResponseCheckTx); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseCheckTx)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestCheckTx) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// CommitAsync provides a mock function with given fields:
+func (_m *Client) CommitAsync() *abcicli.ReqRes {
+	ret := _m.Called()
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func() *abcicli.ReqRes); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// CommitSync provides a mock function with given fields:
+func (_m *Client) CommitSync() (*types.ResponseCommit, error) {
+	ret := _m.Called()
+
+	var r0 *types.ResponseCommit
+	if rf, ok := ret.Get(0).(func() *types.ResponseCommit); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseCommit)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func() error); ok {
+		r1 = rf()
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// DeliverTxAsync provides a mock function with given fields: _a0
+func (_m *Client) DeliverTxAsync(_a0 types.RequestDeliverTx) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestDeliverTx) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// DeliverTxSync provides a mock function with given fields: _a0
+func (_m *Client) DeliverTxSync(_a0 types.RequestDeliverTx) (*types.ResponseDeliverTx, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseDeliverTx
+	if rf, ok := ret.Get(0).(func(types.RequestDeliverTx) *types.ResponseDeliverTx); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseDeliverTx)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestDeliverTx) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// EchoAsync provides a mock function with given fields: msg
+func (_m *Client) EchoAsync(msg string) *abcicli.ReqRes {
+	ret := _m.Called(msg)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(string) *abcicli.ReqRes); ok {
+		r0 = rf(msg)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// EchoSync provides a mock function with given fields: msg
+func (_m *Client) EchoSync(msg string) (*types.ResponseEcho, error) {
+	ret := _m.Called(msg)
+
+	var r0 *types.ResponseEcho
+	if rf, ok := ret.Get(0).(func(string) *types.ResponseEcho); ok {
+		r0 = rf(msg)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseEcho)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(string) error); ok {
+		r1 = rf(msg)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// EndBlockAsync provides a mock function with given fields: _a0
+func (_m *Client) EndBlockAsync(_a0 types.RequestEndBlock) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestEndBlock) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// EndBlockSync provides a mock function with given fields: _a0
+func (_m *Client) EndBlockSync(_a0 types.RequestEndBlock) (*types.ResponseEndBlock, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseEndBlock
+	if rf, ok := ret.Get(0).(func(types.RequestEndBlock) *types.ResponseEndBlock); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseEndBlock)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestEndBlock) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Error provides a mock function with given fields:
+func (_m *Client) Error() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// FlushAsync provides a mock function with given fields:
+func (_m *Client) FlushAsync() *abcicli.ReqRes {
+	ret := _m.Called()
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func() *abcicli.ReqRes); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// FlushSync provides a mock function with given fields:
+func (_m *Client) FlushSync() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// InfoAsync provides a mock function with given fields: _a0
+func (_m *Client) InfoAsync(_a0 types.RequestInfo) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestInfo) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// InfoSync provides a mock function with given fields: _a0
+func (_m *Client) InfoSync(_a0 types.RequestInfo) (*types.ResponseInfo, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseInfo
+	if rf, ok := ret.Get(0).(func(types.RequestInfo) *types.ResponseInfo); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseInfo)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestInfo) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// InitChainAsync provides a mock function with given fields: _a0
+func (_m *Client) InitChainAsync(_a0 types.RequestInitChain) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestInitChain) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// InitChainSync provides a mock function with given fields: _a0
+func (_m *Client) InitChainSync(_a0 types.RequestInitChain) (*types.ResponseInitChain, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseInitChain
+	if rf, ok := ret.Get(0).(func(types.RequestInitChain) *types.ResponseInitChain); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseInitChain)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestInitChain) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// IsRunning provides a mock function with given fields:
+func (_m *Client) IsRunning() bool {
+	ret := _m.Called()
+
+	var r0 bool
+	if rf, ok := ret.Get(0).(func() bool); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(bool)
+	}
+
+	return r0
+}
+
+// ListSnapshotsAsync provides a mock function with given fields: _a0
+func (_m *Client) ListSnapshotsAsync(_a0 types.RequestListSnapshots) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestListSnapshots) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// ListSnapshotsSync provides a mock function with given fields: _a0
+func (_m *Client) ListSnapshotsSync(_a0 types.RequestListSnapshots) (*types.ResponseListSnapshots, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseListSnapshots
+	if rf, ok := ret.Get(0).(func(types.RequestListSnapshots) *types.ResponseListSnapshots); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseListSnapshots)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestListSnapshots) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// LoadSnapshotChunkAsync provides a mock function with given fields: _a0
+func (_m *Client) LoadSnapshotChunkAsync(_a0 types.RequestLoadSnapshotChunk) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestLoadSnapshotChunk) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// LoadSnapshotChunkSync provides a mock function with given fields: _a0
+func (_m *Client) LoadSnapshotChunkSync(_a0 types.RequestLoadSnapshotChunk) (*types.ResponseLoadSnapshotChunk, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseLoadSnapshotChunk
+	if rf, ok := ret.Get(0).(func(types.RequestLoadSnapshotChunk) *types.ResponseLoadSnapshotChunk); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseLoadSnapshotChunk)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestLoadSnapshotChunk) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// OfferSnapshotAsync provides a mock function with given fields: _a0
+func (_m *Client) OfferSnapshotAsync(_a0 types.RequestOfferSnapshot) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestOfferSnapshot) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// OfferSnapshotSync provides a mock function with given fields: _a0
+func (_m *Client) OfferSnapshotSync(_a0 types.RequestOfferSnapshot) (*types.ResponseOfferSnapshot, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseOfferSnapshot
+	if rf, ok := ret.Get(0).(func(types.RequestOfferSnapshot) *types.ResponseOfferSnapshot); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseOfferSnapshot)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestOfferSnapshot) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// OnReset provides a mock function with given fields:
+func (_m *Client) OnReset() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// OnStart provides a mock function with given fields:
+func (_m *Client) OnStart() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// OnStop provides a mock function with given fields:
+func (_m *Client) OnStop() {
+	_m.Called()
+}
+
+// PrepareProposalAsync provides a mock function with given fields: _a0
+func (_m *Client) PrepareProposalAsync(_a0 types.RequestPrepareProposal) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestPrepareProposal) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// PrepareProposalSync provides a mock function with given fields: _a0
+func (_m *Client) PrepareProposalSync(_a0 types.RequestPrepareProposal) (*types.ResponsePrepareProposal, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponsePrepareProposal
+	if rf, ok := ret.Get(0).(func(types.RequestPrepareProposal) *types.ResponsePrepareProposal); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponsePrepareProposal)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestPrepareProposal) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// ProcessProposalAsync provides a mock function with given fields: _a0
+func (_m *Client) ProcessProposalAsync(_a0 types.RequestProcessProposal) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestProcessProposal) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// ProcessProposalSync provides a mock function with given fields: _a0
+func (_m *Client) ProcessProposalSync(_a0 types.RequestProcessProposal) (*types.ResponseProcessProposal, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseProcessProposal
+	if rf, ok := ret.Get(0).(func(types.RequestProcessProposal) *types.ResponseProcessProposal); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseProcessProposal)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestProcessProposal) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// QueryAsync provides a mock function with given fields: _a0
+func (_m *Client) QueryAsync(_a0 types.RequestQuery) *abcicli.ReqRes {
+	ret := _m.Called(_a0)
+
+	var r0 *abcicli.ReqRes
+	if rf, ok := ret.Get(0).(func(types.RequestQuery) *abcicli.ReqRes); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*abcicli.ReqRes)
+		}
+	}
+
+	return r0
+}
+
+// QuerySync provides a mock function with given fields: _a0
+func (_m *Client) QuerySync(_a0 types.RequestQuery) (*types.ResponseQuery, error) {
+	ret := _m.Called(_a0)
+
+	var r0 *types.ResponseQuery
+	if rf, ok := ret.Get(0).(func(types.RequestQuery) *types.ResponseQuery); ok {
+		r0 = rf(_a0)
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(*types.ResponseQuery)
+		}
+	}
+
+	var r1 error
+	if rf, ok := ret.Get(1).(func(types.RequestQuery) error); ok {
+		r1 = rf(_a0)
+	} else {
+		r1 = ret.Error(1)
+	}
+
+	return r0, r1
+}
+
+// Quit provides a mock function with given fields:
+func (_m *Client) Quit() <-chan struct{} {
+	ret := _m.Called()
+
+	var r0 <-chan struct{}
+	if rf, ok := ret.Get(0).(func() <-chan struct{}); ok {
+		r0 = rf()
+	} else {
+		if ret.Get(0) != nil {
+			r0 = ret.Get(0).(<-chan struct{})
+		}
+	}
+
+	return r0
+}
+
+// Reset provides a mock function with given fields:
+func (_m *Client) Reset() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// SetLogger provides a mock function with given fields: _a0
+func (_m *Client) SetLogger(_a0 log.Logger) {
+	_m.Called(_a0)
+}
+
+// SetResponseCallback provides a mock function with given fields: _a0
+func (_m *Client) SetResponseCallback(_a0 abcicli.Callback) {
+	_m.Called(_a0)
+}
+
+// Start provides a mock function with given fields:
+func (_m *Client) Start() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// Stop provides a mock function with given fields:
+func (_m *Client) Stop() error {
+	ret := _m.Called()
+
+	var r0 error
+	if rf, ok := ret.Get(0).(func() error); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Error(0)
+	}
+
+	return r0
+}
+
+// String provides a mock function with given fields:
+func (_m *Client) String() string {
+	ret := _m.Called()
+
+	var r0 string
+	if rf, ok := ret.Get(0).(func() string); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(string)
+	}
+
+	return r0
+}
+
+type mockConstructorTestingTNewClient interface {
+	mock.TestingT
+	Cleanup(func())
+}
+
+// NewClient creates a new instance of Client. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations.
+func NewClient(t mockConstructorTestingTNewClient) *Client {
+	mock := &Client{}
+	mock.Mock.Test(t)
+
+	t.Cleanup(func() { mock.AssertExpectations(t) })
+
+	return mock
+}
--- a/abci/client/socket_client.go
+++ b/abci/client/socket_client.go
@@ -8,24 +8,22 @@ import (
 	"io"
 	"net"
 	"reflect"
-	"sync"
 	"time"

 	"github.com/tendermint/tendermint/abci/types"
 	tmnet "github.com/tendermint/tendermint/libs/net"
 	"github.com/tendermint/tendermint/libs/service"
+	tmsync "github.com/tendermint/tendermint/libs/sync"
 	"github.com/tendermint/tendermint/libs/timer"
 )

-const reqQueueSize = 256 // TODO make configurable
-// const maxResponseSize = 1048576 // 1MB TODO make configurable
-const flushThrottleMS = 20 // Don't wait longer than...
+const (
+	reqQueueSize    = 256 // TODO make configurable
+	flushThrottleMS = 20  // Don't wait longer than...
+)

-var _ Client = (*socketClient)(nil)
-
-// This is goroutine-safe, but users should beware that
-// the application in general is not meant to be interfaced
-// with concurrent callers.
+// This is goroutine-safe, but users should beware that the application in
+// general is not meant to be interfaced with concurrent callers.
 type socketClient struct {
 	service.BaseService

@@ -36,13 +34,17 @@ type socketClient struct {
 	reqQueue   chan *ReqRes
 	flushTimer *timer.ThrottleTimer

-	mtx     sync.Mutex
+	mtx     tmsync.Mutex
 	err     error
 	reqSent *list.List                            // list of requests sent, waiting for response
 	resCb   func(*types.Request, *types.Response) // called on all requests, if set.
-
 }

+var _ Client = (*socketClient)(nil)
+
+// NewSocketClient creates a new socket client, which connects to a given
+// address. If mustConnect is true, the client will return an error upon start
+// if it fails to connect.
 func NewSocketClient(addr string, mustConnect bool) Client {
 	cli := &socketClient{
 		reqQueue:    make(chan *ReqRes, reqQueueSize),
@@ -57,19 +59,24 @@ func NewSocketClient(addr string, mustConnect bool) Client {
 	return cli
 }

+// OnStart implements Service by connecting to the server and spawning reading
+// and writing goroutines.
 func (cli *socketClient) OnStart() error {
-	var err error
-	var conn net.Conn
-RETRY_LOOP:
+	var (
+		err  error
+		conn net.Conn
+	)
+
 	for {
 		conn, err = tmnet.Connect(cli.addr)
 		if err != nil {
 			if cli.mustConnect {
 				return err
 			}
-			cli.Logger.Error(fmt.Sprintf("abci.socketClient failed to connect to %v.  Retrying...", cli.addr), "err", err)
+			cli.Logger.Error(fmt.Sprintf("abci.socketClient failed to connect to %v.  Retrying after %vs...",
+				cli.addr, dialRetryIntervalSeconds), "err", err)
 			time.Sleep(time.Second * dialRetryIntervalSeconds)
-			continue RETRY_LOOP
+			continue
 		}
 		cli.conn = conn

@@ -80,39 +87,26 @@ RETRY_LOOP:
 	}
 }

+// OnStop implements Service by closing connection and flushing all queues.
 func (cli *socketClient) OnStop() {
 	if cli.conn != nil {
 		cli.conn.Close()
 	}

-	cli.mtx.Lock()
-	defer cli.mtx.Unlock()
 	cli.flushQueue()
+	cli.flushTimer.Stop()
 }

-// Stop the client and set the error
-func (cli *socketClient) StopForError(err error) {
-	if !cli.IsRunning() {
-		return
-	}
-
-	cli.mtx.Lock()
-	if cli.err == nil {
-		cli.err = err
-	}
-	cli.mtx.Unlock()
-
-	cli.Logger.Error(fmt.Sprintf("Stopping abci.socketClient for error: %v", err.Error()))
-	cli.Stop()
-}
-
+// Error returns an error if the client was stopped abruptly.
 func (cli *socketClient) Error() error {
 	cli.mtx.Lock()
 	defer cli.mtx.Unlock()
 	return cli.err
 }

-// Set listener for all responses
+// SetResponseCallback sets a callback, which will be executed for each
+// non-error & non-empty response from the server.
+//
 // NOTE: callback may get internally generated flush responses.
 func (cli *socketClient) SetResponseCallback(resCb Callback) {
 	cli.mtx.Lock()
@@ -123,11 +117,28 @@ func (cli *socketClient) SetResponseCallback(resCb Callback) {
 //----------------------------------------

 func (cli *socketClient) sendRequestsRoutine(conn io.Writer) {
-
 	w := bufio.NewWriter(conn)
 	for {
 		select {
-		case <-cli.flushTimer.Ch:
+		case reqres := <-cli.reqQueue:
+			// cli.Logger.Debug("Sent request", "requestType", reflect.TypeOf(reqres.Request), "request", reqres.Request)
+
+			cli.willSendReq(reqres)
+			err := types.WriteMessage(reqres.Request, w)
+			if err != nil {
+				cli.stopForError(fmt.Errorf("write to buffer: %w", err))
+				return
+			}
+
+			// If it's a flush request, flush the current buffer.
+			if _, ok := reqres.Request.Value.(*types.Request_Flush); ok {
+				err = w.Flush()
+				if err != nil {
+					cli.stopForError(fmt.Errorf("flush buffer: %w", err))
+					return
+				}
+			}
+		case <-cli.flushTimer.Ch: // flush queue
 			select {
 			case cli.reqQueue <- NewReqRes(types.ToRequestFlush()):
 			default:
@@ -135,45 +146,31 @@ func (cli *socketClient) sendRequestsRoutine(conn io.Writer) {
 			}
 		case <-cli.Quit():
 			return
-		case reqres := <-cli.reqQueue:
-			cli.willSendReq(reqres)
-			err := types.WriteMessage(reqres.Request, w)
-			if err != nil {
-				cli.StopForError(fmt.Errorf("error writing msg: %v", err))
-				return
-			}
-			// cli.Logger.Debug("Sent request", "requestType", reflect.TypeOf(reqres.Request), "request", reqres.Request)
-			if _, ok := reqres.Request.Value.(*types.Request_Flush); ok {
-				err = w.Flush()
-				if err != nil {
-					cli.StopForError(fmt.Errorf("error flushing writer: %v", err))
-					return
-				}
-			}
 		}
 	}
 }

 func (cli *socketClient) recvResponseRoutine(conn io.Reader) {
-
-	r := bufio.NewReader(conn) // Buffer reads
+	r := bufio.NewReader(conn)
 	for {
 		var res = &types.Response{}
 		err := types.ReadMessage(r, res)
 		if err != nil {
-			cli.StopForError(err)
+			cli.stopForError(fmt.Errorf("read message: %w", err))
 			return
 		}
+
+		// cli.Logger.Debug("Received response", "responseType", reflect.TypeOf(res), "response", res)
+
 		switch r := res.Value.(type) {
-		case *types.Response_Exception:
+		case *types.Response_Exception: // app responded with error
 			// XXX After setting cli.err, release waiters (e.g. reqres.Done())
-			cli.StopForError(errors.New(r.Exception.Error))
+			cli.stopForError(errors.New(r.Exception.Error))
 			return
 		default:
-			// cli.Logger.Debug("Received response", "responseType", reflect.TypeOf(res), "response", res)
 			err := cli.didRecvResponse(res)
 			if err != nil {
-				cli.StopForError(err)
+				cli.stopForError(err)
 				return
 			}
 		}
@@ -190,20 +187,21 @@ func (cli *socketClient) didRecvResponse(res *types.Response) error {
 	cli.mtx.Lock()
 	defer cli.mtx.Unlock()

-	// Get the first ReqRes
+	// Get the first ReqRes.
 	next := cli.reqSent.Front()
 	if next == nil {
-		return fmt.Errorf("unexpected result type %v when nothing expected", reflect.TypeOf(res.Value))
+		return fmt.Errorf("unexpected %v when nothing expected", reflect.TypeOf(res.Value))
 	}
+
 	reqres := next.Value.(*ReqRes)
 	if !resMatchesReq(reqres.Request, res) {
-		return fmt.Errorf("unexpected result type %v when response to %v expected",
+		return fmt.Errorf("unexpected %v when response to %v expected",
 			reflect.TypeOf(res.Value), reflect.TypeOf(reqres.Request.Value))
 	}

-	reqres.Response = res    // Set response
-	reqres.Done()            // Release waiters
-	cli.reqSent.Remove(next) // Pop first item from linked list
+	reqres.Response = res
+	reqres.Done()            // release waiters
+	cli.reqSent.Remove(next) // pop first item from linked list

 	// Notify client listener if set (global callback).
 	if cli.resCb != nil {
@@ -211,11 +209,10 @@ func (cli *socketClient) didRecvResponse(res *types.Response) error {
 	}

 	// Notify reqRes listener if set (request specific callback).
-	// NOTE: it is possible this callback isn't set on the reqres object.
-	// at this point, in which case it will be called after, when it is set.
-	if cb := reqres.GetCallback(); cb != nil {
-		cb(res)
-	}
+	//
+	// NOTE: It is possible this callback isn't set on the reqres object. At this
+	// point, in which case it will be called after, when it is set.
+	reqres.InvokeCallback()

 	return nil
 }
@@ -234,10 +231,6 @@ func (cli *socketClient) InfoAsync(req types.RequestInfo) *ReqRes {
 	return cli.queueRequest(types.ToRequestInfo(req))
 }

-func (cli *socketClient) SetOptionAsync(req types.RequestSetOption) *ReqRes {
-	return cli.queueRequest(types.ToRequestSetOption(req))
-}
-
 func (cli *socketClient) DeliverTxAsync(req types.RequestDeliverTx) *ReqRes {
 	return cli.queueRequest(types.ToRequestDeliverTx(req))
 }
@@ -266,6 +259,30 @@ func (cli *socketClient) EndBlockAsync(req types.RequestEndBlock) *ReqRes {
 	return cli.queueRequest(types.ToRequestEndBlock(req))
 }

+func (cli *socketClient) ListSnapshotsAsync(req types.RequestListSnapshots) *ReqRes {
+	return cli.queueRequest(types.ToRequestListSnapshots(req))
+}
+
+func (cli *socketClient) OfferSnapshotAsync(req types.RequestOfferSnapshot) *ReqRes {
+	return cli.queueRequest(types.ToRequestOfferSnapshot(req))
+}
+
+func (cli *socketClient) LoadSnapshotChunkAsync(req types.RequestLoadSnapshotChunk) *ReqRes {
+	return cli.queueRequest(types.ToRequestLoadSnapshotChunk(req))
+}
+
+func (cli *socketClient) ApplySnapshotChunkAsync(req types.RequestApplySnapshotChunk) *ReqRes {
+	return cli.queueRequest(types.ToRequestApplySnapshotChunk(req))
+}
+
+func (cli *socketClient) PrepareProposalAsync(req types.RequestPrepareProposal) *ReqRes {
+	return cli.queueRequest(types.ToRequestPrepareProposal(req))
+}
+
+func (cli *socketClient) ProcessProposalAsync(req types.RequestProcessProposal) *ReqRes {
+	return cli.queueRequest(types.ToRequestProcessProposal(req))
+}
+
 //----------------------------------------

 func (cli *socketClient) FlushSync() error {
@@ -279,64 +296,140 @@ func (cli *socketClient) FlushSync() error {

 func (cli *socketClient) EchoSync(msg string) (*types.ResponseEcho, error) {
 	reqres := cli.queueRequest(types.ToRequestEcho(msg))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetEcho(), cli.Error()
 }

 func (cli *socketClient) InfoSync(req types.RequestInfo) (*types.ResponseInfo, error) {
 	reqres := cli.queueRequest(types.ToRequestInfo(req))
-	cli.FlushSync()
-	return reqres.Response.GetInfo(), cli.Error()
-}
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}

-func (cli *socketClient) SetOptionSync(req types.RequestSetOption) (*types.ResponseSetOption, error) {
-	reqres := cli.queueRequest(types.ToRequestSetOption(req))
-	cli.FlushSync()
-	return reqres.Response.GetSetOption(), cli.Error()
+	return reqres.Response.GetInfo(), cli.Error()
 }

 func (cli *socketClient) DeliverTxSync(req types.RequestDeliverTx) (*types.ResponseDeliverTx, error) {
 	reqres := cli.queueRequest(types.ToRequestDeliverTx(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetDeliverTx(), cli.Error()
 }

 func (cli *socketClient) CheckTxSync(req types.RequestCheckTx) (*types.ResponseCheckTx, error) {
 	reqres := cli.queueRequest(types.ToRequestCheckTx(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetCheckTx(), cli.Error()
 }

 func (cli *socketClient) QuerySync(req types.RequestQuery) (*types.ResponseQuery, error) {
 	reqres := cli.queueRequest(types.ToRequestQuery(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetQuery(), cli.Error()
 }

 func (cli *socketClient) CommitSync() (*types.ResponseCommit, error) {
 	reqres := cli.queueRequest(types.ToRequestCommit())
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetCommit(), cli.Error()
 }

 func (cli *socketClient) InitChainSync(req types.RequestInitChain) (*types.ResponseInitChain, error) {
 	reqres := cli.queueRequest(types.ToRequestInitChain(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetInitChain(), cli.Error()
 }

 func (cli *socketClient) BeginBlockSync(req types.RequestBeginBlock) (*types.ResponseBeginBlock, error) {
 	reqres := cli.queueRequest(types.ToRequestBeginBlock(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetBeginBlock(), cli.Error()
 }

 func (cli *socketClient) EndBlockSync(req types.RequestEndBlock) (*types.ResponseEndBlock, error) {
 	reqres := cli.queueRequest(types.ToRequestEndBlock(req))
-	cli.FlushSync()
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
 	return reqres.Response.GetEndBlock(), cli.Error()
 }

+func (cli *socketClient) ListSnapshotsSync(req types.RequestListSnapshots) (*types.ResponseListSnapshots, error) {
+	reqres := cli.queueRequest(types.ToRequestListSnapshots(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
+	return reqres.Response.GetListSnapshots(), cli.Error()
+}
+
+func (cli *socketClient) OfferSnapshotSync(req types.RequestOfferSnapshot) (*types.ResponseOfferSnapshot, error) {
+	reqres := cli.queueRequest(types.ToRequestOfferSnapshot(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
+	return reqres.Response.GetOfferSnapshot(), cli.Error()
+}
+
+func (cli *socketClient) LoadSnapshotChunkSync(
+	req types.RequestLoadSnapshotChunk) (*types.ResponseLoadSnapshotChunk, error) {
+	reqres := cli.queueRequest(types.ToRequestLoadSnapshotChunk(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
+	return reqres.Response.GetLoadSnapshotChunk(), cli.Error()
+}
+
+func (cli *socketClient) ApplySnapshotChunkSync(
+	req types.RequestApplySnapshotChunk) (*types.ResponseApplySnapshotChunk, error) {
+	reqres := cli.queueRequest(types.ToRequestApplySnapshotChunk(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+	return reqres.Response.GetApplySnapshotChunk(), cli.Error()
+}
+
+func (cli *socketClient) PrepareProposalSync(req types.RequestPrepareProposal) (*types.ResponsePrepareProposal, error) {
+	reqres := cli.queueRequest(types.ToRequestPrepareProposal(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
+	return reqres.Response.GetPrepareProposal(), cli.Error()
+}
+
+func (cli *socketClient) ProcessProposalSync(req types.RequestProcessProposal) (*types.ResponseProcessProposal, error) {
+	reqres := cli.queueRequest(types.ToRequestProcessProposal(req))
+	if err := cli.FlushSync(); err != nil {
+		return nil, err
+	}
+
+	return reqres.Response.GetProcessProposal(), cli.Error()
+}
+
 //----------------------------------------

 func (cli *socketClient) queueRequest(req *types.Request) *ReqRes {
@@ -357,6 +450,9 @@ func (cli *socketClient) queueRequest(req *types.Request) *ReqRes {
 }

 func (cli *socketClient) flushQueue() {
+	cli.mtx.Lock()
+	defer cli.mtx.Unlock()
+
 	// mark all in-flight messages as resolved (they will get cli.Error())
 	for req := cli.reqSent.Front(); req != nil; req = req.Next() {
 		reqres := req.Value.(*ReqRes)
@@ -385,8 +481,6 @@ func resMatchesReq(req *types.Request, res *types.Response) (ok bool) {
 		_, ok = res.Value.(*types.Response_Flush)
 	case *types.Request_Info:
 		_, ok = res.Value.(*types.Response_Info)
-	case *types.Request_SetOption:
-		_, ok = res.Value.(*types.Response_SetOption)
 	case *types.Request_DeliverTx:
 		_, ok = res.Value.(*types.Response_DeliverTx)
 	case *types.Request_CheckTx:
@@ -401,6 +495,35 @@ func resMatchesReq(req *types.Request, res *types.Response) (ok bool) {
 		_, ok = res.Value.(*types.Response_BeginBlock)
 	case *types.Request_EndBlock:
 		_, ok = res.Value.(*types.Response_EndBlock)
+	case *types.Request_ApplySnapshotChunk:
+		_, ok = res.Value.(*types.Response_ApplySnapshotChunk)
+	case *types.Request_LoadSnapshotChunk:
+		_, ok = res.Value.(*types.Response_LoadSnapshotChunk)
+	case *types.Request_ListSnapshots:
+		_, ok = res.Value.(*types.Response_ListSnapshots)
+	case *types.Request_OfferSnapshot:
+		_, ok = res.Value.(*types.Response_OfferSnapshot)
+	case *types.Request_PrepareProposal:
+		_, ok = res.Value.(*types.Response_PrepareProposal)
+	case *types.Request_ProcessProposal:
+		_, ok = res.Value.(*types.Response_ProcessProposal)
 	}
 	return ok
 }
+
+func (cli *socketClient) stopForError(err error) {
+	if !cli.IsRunning() {
+		return
+	}
+
+	cli.mtx.Lock()
+	if cli.err == nil {
+		cli.err = err
+	}
+	cli.mtx.Unlock()
+
+	cli.Logger.Error(fmt.Sprintf("Stopping abci.socketClient for error: %v", err.Error()))
+	if err := cli.Stop(); err != nil {
+		cli.Logger.Error("Error stopping abci.socketClient", "err", err)
+	}
+}
--- a/abci/client/socket_client_test.go
+++ b/abci/client/socket_client_test.go
@@ -1,8 +1,8 @@
 package abcicli_test

 import (
-	"errors"
 	"fmt"
+	"sync"
 	"testing"
 	"time"

@@ -16,41 +16,27 @@ import (
 	"github.com/tendermint/tendermint/libs/service"
 )

-type errorStopper interface {
-	StopForError(error)
-}
-
-func TestSocketClientStopForErrorDeadlock(t *testing.T) {
-	c := abcicli.NewSocketClient(":80", false).(errorStopper)
-	err := errors.New("foo-tendermint")
-
-	// See Issue https://github.com/tendermint/abci/issues/114
-	doneChan := make(chan bool)
-	go func() {
-		defer close(doneChan)
-		c.StopForError(err)
-		c.StopForError(err)
-	}()
-
-	select {
-	case <-doneChan:
-	case <-time.After(time.Second * 4):
-		t.Fatalf("Test took too long, potential deadlock still exists")
-	}
-}
-
 func TestProperSyncCalls(t *testing.T) {
 	app := slowApp{}

 	s, c := setupClientServer(t, app)
-	defer s.Stop()
-	defer c.Stop()
+	t.Cleanup(func() {
+		if err := s.Stop(); err != nil {
+			t.Error(err)
+		}
+	})
+	t.Cleanup(func() {
+		if err := c.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	resp := make(chan error, 1)
 	go func() {
 		// This is BeginBlockSync unrolled....
 		reqres := c.BeginBlockAsync(types.RequestBeginBlock{})
-		c.FlushSync()
+		err := c.FlushSync()
+		require.NoError(t, err)
 		res := reqres.Response.GetBeginBlock()
 		require.NotNil(t, res)
 		resp <- c.Error()
@@ -69,8 +55,16 @@ func TestHangingSyncCalls(t *testing.T) {
 	app := slowApp{}

 	s, c := setupClientServer(t, app)
-	defer s.Stop()
-	defer c.Stop()
+	t.Cleanup(func() {
+		if err := s.Stop(); err != nil {
+			t.Log(err)
+		}
+	})
+	t.Cleanup(func() {
+		if err := c.Stop(); err != nil {
+			t.Log(err)
+		}
+	})

 	resp := make(chan error, 1)
 	go func() {
@@ -81,7 +75,8 @@ func TestHangingSyncCalls(t *testing.T) {
 		// no response yet from server
 		time.Sleep(20 * time.Millisecond)
 		// kill the server, so the connections break
-		s.Stop()
+		err := s.Stop()
+		require.NoError(t, err)

 		// wait for the response from BeginBlock
 		reqres.Wait()
@@ -124,3 +119,71 @@ func (slowApp) BeginBlock(req types.RequestBeginBlock) types.ResponseBeginBlock
 	time.Sleep(200 * time.Millisecond)
 	return types.ResponseBeginBlock{}
 }
+
+// TestCallbackInvokedWhenSetLaet ensures that the callback is invoked when
+// set after the client completes the call into the app. Currently this
+// test relies on the callback being allowed to be invoked twice if set multiple
+// times, once when set early and once when set late.
+func TestCallbackInvokedWhenSetLate(t *testing.T) {
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	app := blockedABCIApplication{
+		wg: wg,
+	}
+	_, c := setupClientServer(t, app)
+	reqRes := c.CheckTxAsync(types.RequestCheckTx{})
+
+	done := make(chan struct{})
+	cb := func(_ *types.Response) {
+		close(done)
+	}
+	reqRes.SetCallback(cb)
+	app.wg.Done()
+	<-done
+
+	var called bool
+	cb = func(_ *types.Response) {
+		called = true
+	}
+	reqRes.SetCallback(cb)
+	require.True(t, called)
+}
+
+type blockedABCIApplication struct {
+	wg *sync.WaitGroup
+	types.BaseApplication
+}
+
+func (b blockedABCIApplication) CheckTx(r types.RequestCheckTx) types.ResponseCheckTx {
+	b.wg.Wait()
+	return b.BaseApplication.CheckTx(r)
+}
+
+// TestCallbackInvokedWhenSetEarly ensures that the callback is invoked when
+// set before the client completes the call into the app.
+func TestCallbackInvokedWhenSetEarly(t *testing.T) {
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	app := blockedABCIApplication{
+		wg: wg,
+	}
+	_, c := setupClientServer(t, app)
+	reqRes := c.CheckTxAsync(types.RequestCheckTx{})
+
+	done := make(chan struct{})
+	cb := func(_ *types.Response) {
+		close(done)
+	}
+	reqRes.SetCallback(cb)
+	app.wg.Done()
+
+	called := func() bool {
+		select {
+		case <-done:
+			return true
+		default:
+			return false
+		}
+	}
+	require.Eventually(t, called, time.Second, time.Millisecond*25)
+}
--- a/abci/cmd/abci-cli/abci-cli.go
+++ b/abci/cmd/abci-cli/abci-cli.go
@@ -16,13 +16,12 @@ import (

 	abcicli "github.com/tendermint/tendermint/abci/client"
 	"github.com/tendermint/tendermint/abci/example/code"
-	"github.com/tendermint/tendermint/abci/example/counter"
 	"github.com/tendermint/tendermint/abci/example/kvstore"
 	"github.com/tendermint/tendermint/abci/server"
 	servertest "github.com/tendermint/tendermint/abci/tests/server"
 	"github.com/tendermint/tendermint/abci/types"
 	"github.com/tendermint/tendermint/abci/version"
-	"github.com/tendermint/tendermint/crypto/merkle"
+	"github.com/tendermint/tendermint/proto/tendermint/crypto"
 )

 // client is a global variable so it can be reused by the console
@@ -44,9 +43,6 @@ var (
 	flagHeight int
 	flagProve  bool

-	// counter
-	flagSerial bool
-
 	// kvstore
 	flagPersist string
 )
@@ -58,9 +54,7 @@ var RootCmd = &cobra.Command{
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {

 		switch cmd.Use {
-		case "counter", "kvstore": // for the examples apps, don't pre-run
-			return nil
-		case "version": // skip running for version command
+		case "kvstore", "version":
 			return nil
 		}

@@ -89,19 +83,20 @@ var RootCmd = &cobra.Command{
 // Structure for data passed to print response.
 type response struct {
 	// generic abci response
-	Data []byte
-	Code uint32
-	Info string
-	Log  string
+	Data   []byte
+	Code   uint32
+	Info   string
+	Log    string
+	Status int32

 	Query *queryResponse
 }

 type queryResponse struct {
-	Key    []byte
-	Value  []byte
-	Height int64
-	Proof  *merkle.Proof
+	Key      []byte
+	Value    []byte
+	Height   int64
+	ProofOps *crypto.ProofOps
 }

 func Execute() error {
@@ -135,10 +130,6 @@ func addQueryFlags() {
 		"whether or not to return a merkle proof of the query result")
 }

-func addCounterFlags() {
-	counterCmd.PersistentFlags().BoolVarP(&flagSerial, "serial", "", false, "enforce incrementing (serial) transactions")
-}
-
 func addKVStoreFlags() {
 	kvstoreCmd.PersistentFlags().StringVarP(&flagPersist, "persist", "", "", "directory to use for a database")
 }
@@ -148,18 +139,17 @@ func addCommands() {
 	RootCmd.AddCommand(consoleCmd)
 	RootCmd.AddCommand(echoCmd)
 	RootCmd.AddCommand(infoCmd)
-	RootCmd.AddCommand(setOptionCmd)
 	RootCmd.AddCommand(deliverTxCmd)
 	RootCmd.AddCommand(checkTxCmd)
 	RootCmd.AddCommand(commitCmd)
 	RootCmd.AddCommand(versionCmd)
 	RootCmd.AddCommand(testCmd)
+	RootCmd.AddCommand(prepareProposalCmd)
+	RootCmd.AddCommand(processProposalCmd)
 	addQueryFlags()
 	RootCmd.AddCommand(queryCmd)

 	// examples
-	addCounterFlags()
-	RootCmd.AddCommand(counterCmd)
 	addKVStoreFlags()
 	RootCmd.AddCommand(kvstoreCmd)
 }
@@ -176,7 +166,6 @@ you'd like to run:

 where example.file looks something like:

-    set_option serial on
    check_tx 0x00
    check_tx 0xff
    deliver_tx 0x00
@@ -198,7 +187,7 @@ This command opens an interactive console for running any of the other commands
 without opening a new connection each time
 `,
 	Args:      cobra.ExactArgs(0),
-	ValidArgs: []string{"echo", "info", "set_option", "deliver_tx", "check_tx", "commit", "query"},
+	ValidArgs: []string{"echo", "info", "deliver_tx", "check_tx", "prepare_proposal", "process_proposal", "commit", "query"},
 	RunE:      cmdConsole,
 }

@@ -216,13 +205,6 @@ var infoCmd = &cobra.Command{
 	Args:  cobra.ExactArgs(0),
 	RunE:  cmdInfo,
 }
-var setOptionCmd = &cobra.Command{
-	Use:   "set_option",
-	Short: "set an option on the application",
-	Long:  "set an option on the application",
-	Args:  cobra.ExactArgs(2),
-	RunE:  cmdSetOption,
-}

 var deliverTxCmd = &cobra.Command{
 	Use:   "deliver_tx",
@@ -259,6 +241,22 @@ var versionCmd = &cobra.Command{
 	},
 }

+var prepareProposalCmd = &cobra.Command{
+	Use:   "prepare_proposal",
+	Short: "prepare proposal",
+	Long:  "prepare proposal",
+	Args:  cobra.MinimumNArgs(0),
+	RunE:  cmdPrepareProposal,
+}
+
+var processProposalCmd = &cobra.Command{
+	Use:   "process_proposal",
+	Short: "process proposal",
+	Long:  "process proposal",
+	Args:  cobra.MinimumNArgs(0),
+	RunE:  cmdProcessProposal,
+}
+
 var queryCmd = &cobra.Command{
 	Use:   "query",
 	Short: "query the application state",
@@ -267,14 +265,6 @@ var queryCmd = &cobra.Command{
 	RunE:  cmdQuery,
 }

-var counterCmd = &cobra.Command{
-	Use:   "counter",
-	Short: "ABCI demo example",
-	Long:  "ABCI demo example",
-	Args:  cobra.ExactArgs(0),
-	RunE:  cmdCounter,
-}
-
 var kvstoreCmd = &cobra.Command{
 	Use:   "kvstore",
 	Short: "ABCI demo example",
@@ -324,7 +314,6 @@ func cmdTest(cmd *cobra.Command, args []string) error {
 	return compose(
 		[]func() error{
 			func() error { return servertest.InitChain(client) },
-			func() error { return servertest.SetOption(client, "serial", "on") },
 			func() error { return servertest.Commit(client, nil) },
 			func() error { return servertest.DeliverTx(client, []byte("abc"), code.CodeTypeBadNonce, nil) },
 			func() error { return servertest.Commit(client, nil) },
@@ -339,6 +328,16 @@ func cmdTest(cmd *cobra.Command, args []string) error {
 				return servertest.DeliverTx(client, []byte{0x00, 0x00, 0x06}, code.CodeTypeBadNonce, nil)
 			},
 			func() error { return servertest.Commit(client, []byte{0, 0, 0, 0, 0, 0, 0, 5}) },
+			func() error {
+				return servertest.PrepareProposal(client, [][]byte{
+					{0x01},
+				}, [][]byte{{0x01}}, nil)
+			},
+			func() error {
+				return servertest.ProcessProposal(client, [][]byte{
+					{0x01},
+				}, types.ResponseProcessProposal_ACCEPT)
+			},
 		})
 }

@@ -439,8 +438,10 @@ func muxOnCommands(cmd *cobra.Command, pArgs []string) error {
 		return cmdInfo(cmd, actualArgs)
 	case "query":
 		return cmdQuery(cmd, actualArgs)
-	case "set_option":
-		return cmdSetOption(cmd, actualArgs)
+	case "prepare_proposal":
+		return cmdPrepareProposal(cmd, actualArgs)
+	case "process_proposal":
+		return cmdProcessProposal(cmd, actualArgs)
 	default:
 		return cmdUnimplemented(cmd, pArgs)
 	}
@@ -464,7 +465,6 @@ func cmdUnimplemented(cmd *cobra.Command, args []string) error {
 	fmt.Printf("%s: %s\n", deliverTxCmd.Use, deliverTxCmd.Short)
 	fmt.Printf("%s: %s\n", queryCmd.Use, queryCmd.Short)
 	fmt.Printf("%s: %s\n", commitCmd.Use, commitCmd.Short)
-	fmt.Printf("%s: %s\n", setOptionCmd.Use, setOptionCmd.Short)
 	fmt.Println("Use \"[command] --help\" for more information about a command.")

 	return nil
@@ -504,25 +504,6 @@ func cmdInfo(cmd *cobra.Command, args []string) error {

 const codeBad uint32 = 10

-// Set an option on the application
-func cmdSetOption(cmd *cobra.Command, args []string) error {
-	if len(args) < 2 {
-		printResponse(cmd, args, response{
-			Code: codeBad,
-			Log:  "want at least arguments of the form: <key> <value>",
-		})
-		return nil
-	}
-
-	key, val := args[0], args[1]
-	_, err := client.SetOptionSync(types.RequestSetOption{Key: key, Value: val})
-	if err != nil {
-		return err
-	}
-	printResponse(cmd, args, response{Log: "OK (SetOption doesn't return anything.)"}) // NOTE: Nothing to show...
-	return nil
-}
-
 // Append a new tx to application
 func cmdDeliverTx(cmd *cobra.Command, args []string) error {
 	if len(args) == 0 {
@@ -616,37 +597,68 @@ func cmdQuery(cmd *cobra.Command, args []string) error {
 		Info: resQuery.Info,
 		Log:  resQuery.Log,
 		Query: &queryResponse{
-			Key:    resQuery.Key,
-			Value:  resQuery.Value,
-			Height: resQuery.Height,
-			Proof:  resQuery.Proof,
+			Key:      resQuery.Key,
+			Value:    resQuery.Value,
+			Height:   resQuery.Height,
+			ProofOps: resQuery.ProofOps,
 		},
 	})
 	return nil
 }

-func cmdCounter(cmd *cobra.Command, args []string) error {
-	app := counter.NewApplication(flagSerial)
-	logger := log.NewTMLogger(log.NewSyncWriter(os.Stdout))
+func cmdPrepareProposal(cmd *cobra.Command, args []string) error {
+	txsBytesArray := make([][]byte, len(args))

-	// Start the listener
-	srv, err := server.NewServer(flagAddress, flagAbci, app)
+	for i, arg := range args {
+		txBytes, err := stringOrHexToBytes(arg)
+		if err != nil {
+			return err
+		}
+		txsBytesArray[i] = txBytes
+	}
+
+	res, err := client.PrepareProposalSync(types.RequestPrepareProposal{
+		Txs: txsBytesArray,
+		// kvstore has to have this parameter in order not to reject a tx as the default value is 0
+		MaxTxBytes: 65536,
+	})
 	if err != nil {
 		return err
 	}
-	srv.SetLogger(logger.With("module", "abci-server"))
-	if err := srv.Start(); err != nil {
+	resps := make([]response, 0, len(res.Txs))
+	for _, tx := range res.Txs {
+		resps = append(resps, response{
+			Code: code.CodeTypeOK,
+			Log:  "Succeeded. Tx: " + string(tx),
+		})
+	}
+
+	printResponse(cmd, args, resps...)
+	return nil
+}
+
+func cmdProcessProposal(cmd *cobra.Command, args []string) error {
+	txsBytesArray := make([][]byte, len(args))
+
+	for i, arg := range args {
+		txBytes, err := stringOrHexToBytes(arg)
+		if err != nil {
+			return err
+		}
+		txsBytesArray[i] = txBytes
+	}
+
+	res, err := client.ProcessProposalSync(types.RequestProcessProposal{
+		Txs: txsBytesArray,
+	})
+	if err != nil {
 		return err
 	}

-	// Stop upon receiving SIGTERM or CTRL-C.
-	tmos.TrapSignal(logger, func() {
-		// Cleanup
-		srv.Stop()
+	printResponse(cmd, args, response{
+		Status: int32(res.Status),
 	})
-
-	// Run forever.
-	select {}
+	return nil
 }

 func cmdKVStore(cmd *cobra.Command, args []string) error {
@@ -655,11 +667,14 @@ func cmdKVStore(cmd *cobra.Command, args []string) error {
 	// Create the application - in memory or persisted to disk
 	var app types.Application
 	if flagPersist == "" {
-		app = kvstore.NewApplication()
-	} else {
-		app = kvstore.NewPersistentKVStoreApplication(flagPersist)
-		app.(*kvstore.PersistentKVStoreApplication).SetLogger(logger.With("module", "kvstore"))
+		var err error
+		flagPersist, err = os.MkdirTemp("", "persistent_kvstore_tmp")
+		if err != nil {
+			return err
+		}
 	}
+	app = kvstore.NewPersistentKVStoreApplication(flagPersist)
+	app.(*kvstore.PersistentKVStoreApplication).SetLogger(logger.With("module", "kvstore"))

 	// Start the listener
 	srv, err := server.NewServer(flagAddress, flagAbci, app)
@@ -674,7 +689,9 @@ func cmdKVStore(cmd *cobra.Command, args []string) error {
 	// Stop upon receiving SIGTERM or CTRL-C.
 	tmos.TrapSignal(logger, func() {
 		// Cleanup
-		srv.Stop()
+		if err := srv.Stop(); err != nil {
+			logger.Error("Error while stopping server", "err", err)
+		}
 	})

 	// Run forever.
@@ -683,44 +700,49 @@ func cmdKVStore(cmd *cobra.Command, args []string) error {

 //--------------------------------------------------------------------------------

-func printResponse(cmd *cobra.Command, args []string, rsp response) {
+func printResponse(cmd *cobra.Command, args []string, rsps ...response) {

 	if flagVerbose {
 		fmt.Println(">", cmd.Use, strings.Join(args, " "))
 	}

-	// Always print the status code.
-	if rsp.Code == types.CodeTypeOK {
-		fmt.Printf("-> code: OK\n")
-	} else {
-		fmt.Printf("-> code: %d\n", rsp.Code)
+	for _, rsp := range rsps {
+		// Always print the status code.
+		if rsp.Code == types.CodeTypeOK {
+			fmt.Printf("-> code: OK\n")
+		} else {
+			fmt.Printf("-> code: %d\n", rsp.Code)

-	}
+		}

-	if len(rsp.Data) != 0 {
-		// Do no print this line when using the commit command
-		// because the string comes out as gibberish
-		if cmd.Use != "commit" {
-			fmt.Printf("-> data: %s\n", rsp.Data)
+		if len(rsp.Data) != 0 {
+			// Do no print this line when using the commit command
+			// because the string comes out as gibberish
+			if cmd.Use != "commit" {
+				fmt.Printf("-> data: %s\n", rsp.Data)
+			}
+			fmt.Printf("-> data.hex: 0x%X\n", rsp.Data)
+		}
+		if rsp.Log != "" {
+			fmt.Printf("-> log: %s\n", rsp.Log)
+		}
+		if cmd.Use == "process_proposal" {
+			fmt.Printf("-> status: %s\n", types.ResponseProcessProposal_ProposalStatus_name[rsp.Status])
 		}
-		fmt.Printf("-> data.hex: 0x%X\n", rsp.Data)
-	}
-	if rsp.Log != "" {
-		fmt.Printf("-> log: %s\n", rsp.Log)
-	}

-	if rsp.Query != nil {
-		fmt.Printf("-> height: %d\n", rsp.Query.Height)
-		if rsp.Query.Key != nil {
-			fmt.Printf("-> key: %s\n", rsp.Query.Key)
-			fmt.Printf("-> key.hex: %X\n", rsp.Query.Key)
-		}
-		if rsp.Query.Value != nil {
-			fmt.Printf("-> value: %s\n", rsp.Query.Value)
-			fmt.Printf("-> value.hex: %X\n", rsp.Query.Value)
-		}
-		if rsp.Query.Proof != nil {
-			fmt.Printf("-> proof: %#v\n", rsp.Query.Proof)
+		if rsp.Query != nil {
+			fmt.Printf("-> height: %d\n", rsp.Query.Height)
+			if rsp.Query.Key != nil {
+				fmt.Printf("-> key: %s\n", rsp.Query.Key)
+				fmt.Printf("-> key.hex: %X\n", rsp.Query.Key)
+			}
+			if rsp.Query.Value != nil {
+				fmt.Printf("-> value: %s\n", rsp.Query.Value)
+				fmt.Printf("-> value.hex: %X\n", rsp.Query.Value)
+			}
+			if rsp.Query.ProofOps != nil {
+				fmt.Printf("-> proof: %#v\n", rsp.Query.ProofOps)
+			}
 		}
 	}
 }
--- a/abci/example/code/code.go
+++ b/abci/example/code/code.go
@@ -7,4 +7,5 @@ const (
 	CodeTypeBadNonce      uint32 = 2
 	CodeTypeUnauthorized  uint32 = 3
 	CodeTypeUnknownError  uint32 = 4
+	CodeTypeExecuted      uint32 = 5
 )
--- a/abci/example/counter/counter.go
+++ b/abci/example/counter/counter.go
@@ -1,103 +0,0 @@
-package counter
-
-import (
-	"encoding/binary"
-	"fmt"
-
-	"github.com/tendermint/tendermint/abci/example/code"
-	"github.com/tendermint/tendermint/abci/types"
-)
-
-type Application struct {
-	types.BaseApplication
-
-	hashCount int
-	txCount   int
-	serial    bool
-}
-
-func NewApplication(serial bool) *Application {
-	return &Application{serial: serial}
-}
-
-func (app *Application) Info(req types.RequestInfo) types.ResponseInfo {
-	return types.ResponseInfo{Data: fmt.Sprintf("{\"hashes\":%v,\"txs\":%v}", app.hashCount, app.txCount)}
-}
-
-func (app *Application) SetOption(req types.RequestSetOption) types.ResponseSetOption {
-	key, value := req.Key, req.Value
-	if key == "serial" && value == "on" {
-		app.serial = true
-	} else {
-		/*
-			TODO Panic and have the ABCI server pass an exception.
-			The client can call SetOptionSync() and get an `error`.
-			return types.ResponseSetOption{
-				Error: fmt.Sprintf("Unknown key (%s) or value (%s)", key, value),
-			}
-		*/
-		return types.ResponseSetOption{}
-	}
-
-	return types.ResponseSetOption{}
-}
-
-func (app *Application) DeliverTx(req types.RequestDeliverTx) types.ResponseDeliverTx {
-	if app.serial {
-		if len(req.Tx) > 8 {
-			return types.ResponseDeliverTx{
-				Code: code.CodeTypeEncodingError,
-				Log:  fmt.Sprintf("Max tx size is 8 bytes, got %d", len(req.Tx))}
-		}
-		tx8 := make([]byte, 8)
-		copy(tx8[len(tx8)-len(req.Tx):], req.Tx)
-		txValue := binary.BigEndian.Uint64(tx8)
-		if txValue != uint64(app.txCount) {
-			return types.ResponseDeliverTx{
-				Code: code.CodeTypeBadNonce,
-				Log:  fmt.Sprintf("Invalid nonce. Expected %v, got %v", app.txCount, txValue)}
-		}
-	}
-	app.txCount++
-	return types.ResponseDeliverTx{Code: code.CodeTypeOK}
-}
-
-func (app *Application) CheckTx(req types.RequestCheckTx) types.ResponseCheckTx {
-	if app.serial {
-		if len(req.Tx) > 8 {
-			return types.ResponseCheckTx{
-				Code: code.CodeTypeEncodingError,
-				Log:  fmt.Sprintf("Max tx size is 8 bytes, got %d", len(req.Tx))}
-		}
-		tx8 := make([]byte, 8)
-		copy(tx8[len(tx8)-len(req.Tx):], req.Tx)
-		txValue := binary.BigEndian.Uint64(tx8)
-		if txValue < uint64(app.txCount) {
-			return types.ResponseCheckTx{
-				Code: code.CodeTypeBadNonce,
-				Log:  fmt.Sprintf("Invalid nonce. Expected >= %v, got %v", app.txCount, txValue)}
-		}
-	}
-	return types.ResponseCheckTx{Code: code.CodeTypeOK}
-}
-
-func (app *Application) Commit() (resp types.ResponseCommit) {
-	app.hashCount++
-	if app.txCount == 0 {
-		return types.ResponseCommit{}
-	}
-	hash := make([]byte, 8)
-	binary.BigEndian.PutUint64(hash, uint64(app.txCount))
-	return types.ResponseCommit{Data: hash}
-}
-
-func (app *Application) Query(reqQuery types.RequestQuery) types.ResponseQuery {
-	switch reqQuery.Path {
-	case "hash":
-		return types.ResponseQuery{Value: []byte(fmt.Sprintf("%v", app.hashCount))}
-	case "tx":
-		return types.ResponseQuery{Value: []byte(fmt.Sprintf("%v", app.txCount))}
-	default:
-		return types.ResponseQuery{Log: fmt.Sprintf("Invalid query path. Expected hash or tx, got %v", reqQuery.Path)}
-	}
-}
--- a/abci/example/example_test.go
+++ b/abci/example/example_test.go
@@ -2,7 +2,9 @@ package example

 import (
 	"fmt"
+	"math/rand"
 	"net"
+	"os"
 	"reflect"
 	"testing"
 	"time"
@@ -23,6 +25,10 @@ import (
 	"github.com/tendermint/tendermint/abci/types"
 )

+func init() {
+	rand.Seed(time.Now().UnixNano())
+}
+
 func TestKVStore(t *testing.T) {
 	fmt.Println("### Testing KVStore")
 	testStream(t, kvstore.NewApplication())
@@ -40,22 +46,33 @@ func TestGRPC(t *testing.T) {

 func testStream(t *testing.T, app types.Application) {
 	numDeliverTxs := 20000
+	socketFile := fmt.Sprintf("test-%08x.sock", rand.Int31n(1<<30))
+	defer os.Remove(socketFile)
+	socket := fmt.Sprintf("unix://%v", socketFile)

 	// Start the listener
-	server := abciserver.NewSocketServer("unix://test.sock", app)
+	server := abciserver.NewSocketServer(socket, app)
 	server.SetLogger(log.TestingLogger().With("module", "abci-server"))
 	if err := server.Start(); err != nil {
 		require.NoError(t, err, "Error starting socket server")
 	}
-	defer server.Stop()
+	t.Cleanup(func() {
+		if err := server.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	// Connect to the socket
-	client := abcicli.NewSocketClient("unix://test.sock", false)
+	client := abcicli.NewSocketClient(socket, false)
 	client.SetLogger(log.TestingLogger().With("module", "abci-client"))
 	if err := client.Start(); err != nil {
 		t.Fatalf("Error starting socket client: %v", err.Error())
 	}
-	defer client.Stop()
+	t.Cleanup(func() {
+		if err := client.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	done := make(chan struct{})
 	counter := 0
@@ -113,21 +130,35 @@ func dialerFunc(ctx context.Context, addr string) (net.Conn, error) {

 func testGRPCSync(t *testing.T, app types.ABCIApplicationServer) {
 	numDeliverTxs := 2000
+	socketFile := fmt.Sprintf("/tmp/test-%08x.sock", rand.Int31n(1<<30))
+	defer os.Remove(socketFile)
+	socket := fmt.Sprintf("unix://%v", socketFile)

 	// Start the listener
-	server := abciserver.NewGRPCServer("unix://test.sock", app)
+	server := abciserver.NewGRPCServer(socket, app)
 	server.SetLogger(log.TestingLogger().With("module", "abci-server"))
 	if err := server.Start(); err != nil {
 		t.Fatalf("Error starting GRPC server: %v", err.Error())
 	}
-	defer server.Stop()
+
+	t.Cleanup(func() {
+		if err := server.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	// Connect to the socket
-	conn, err := grpc.Dial("unix://test.sock", grpc.WithInsecure(), grpc.WithContextDialer(dialerFunc))
+	//nolint:staticcheck // SA1019 Existing use of deprecated but supported dial option.
+	conn, err := grpc.Dial(socket, grpc.WithInsecure(), grpc.WithContextDialer(dialerFunc))
 	if err != nil {
 		t.Fatalf("Error dialing GRPC server: %v", err.Error())
 	}
-	defer conn.Close()
+
+	t.Cleanup(func() {
+		if err := conn.Close(); err != nil {
+			t.Error(err)
+		}
+	})

 	client := types.NewABCIApplicationClient(conn)

--- a/abci/example/js/.gitignore
+++ b/abci/example/js/.gitignore
@@ -1 +0,0 @@
-node_modules
--- a/abci/example/js/README.md
+++ b/abci/example/js/README.md
@@ -1 +0,0 @@
-This example has been moved here: https://github.com/tendermint/js-abci/tree/master/example
--- a/abci/example/kvstore/README.md
+++ b/abci/example/kvstore/README.md
@@ -21,11 +21,10 @@ The state is persisted in leveldb along with the last block committed,
 and the Handshake allows any necessary blocks to be replayed.
 Validator set changes are effected using the following transaction format:

-```
+```md
 "val:pubkey1!power1,pubkey2!power2,pubkey3!power3"
 ```

 where `pubkeyN` is a base64-encoded 32-byte ed25519 key and `powerN` is a new voting power for the validator with `pubkeyN` (possibly a new one).
 To remove a validator from the validator set, set power to `0`.
 There is no sybil protection against new validators joining. 
-
--- a/abci/example/kvstore/helpers.go
+++ b/abci/example/kvstore/helpers.go
@@ -10,7 +10,7 @@ import (
 func RandVal(i int) types.ValidatorUpdate {
 	pubkey := tmrand.Bytes(32)
 	power := tmrand.Uint16() + 1
-	v := types.Ed25519ValidatorUpdate(pubkey, int64(power))
+	v := types.UpdateValidator(pubkey, int64(power), "")
 	return v
 }

--- a/abci/example/kvstore/kvstore.go
+++ b/abci/example/kvstore/kvstore.go
@@ -6,18 +6,18 @@ import (
 	"encoding/json"
 	"fmt"

+	dbm "github.com/tendermint/tm-db"
+
 	"github.com/tendermint/tendermint/abci/example/code"
 	"github.com/tendermint/tendermint/abci/types"
-	"github.com/tendermint/tendermint/libs/kv"
 	"github.com/tendermint/tendermint/version"
-	dbm "github.com/tendermint/tm-db"
 )

 var (
 	stateKey        = []byte("stateKey")
 	kvPairPrefixKey = []byte("kvPairKey:")

-	ProtocolVersion version.Protocol = 0x1
+	ProtocolVersion uint64 = 0x1
 )

 type State struct {
@@ -49,7 +49,10 @@ func saveState(state State) {
 	if err != nil {
 		panic(err)
 	}
-	state.db.Set(stateKey, stateBytes)
+	err = state.db.Set(stateKey, stateBytes)
+	if err != nil {
+		panic(err)
+	}
 }

 func prefixKey(key []byte) []byte {
@@ -63,7 +66,9 @@ var _ types.Application = (*Application)(nil)
 type Application struct {
 	types.BaseApplication

-	state State
+	state        State
+	RetainBlocks int64 // blocks to retain after commit (via ResponseCommit.RetainHeight)
+	txToRemove   map[string]struct{}
 }

 func NewApplication() *Application {
@@ -74,8 +79,8 @@ func NewApplication() *Application {
 func (app *Application) Info(req types.RequestInfo) (resInfo types.ResponseInfo) {
 	return types.ResponseInfo{
 		Data:             fmt.Sprintf("{\"size\":%v}", app.state.Size),
-		Version:          version.ABCIVersion,
-		AppVersion:       ProtocolVersion.Uint64(),
+		Version:          version.ABCISemVer,
+		AppVersion:       ProtocolVersion,
 		LastBlockHeight:  app.state.Height,
 		LastBlockAppHash: app.state.AppHash,
 	}
@@ -83,23 +88,32 @@ func (app *Application) Info(req types.RequestInfo) (resInfo types.ResponseInfo)

 // tx is either "key=value" or just arbitrary bytes
 func (app *Application) DeliverTx(req types.RequestDeliverTx) types.ResponseDeliverTx {
-	var key, value []byte
+	if isReplacedTx(req.Tx) {
+		app.txToRemove[string(req.Tx)] = struct{}{}
+	}
+	var key, value string
+
 	parts := bytes.Split(req.Tx, []byte("="))
 	if len(parts) == 2 {
-		key, value = parts[0], parts[1]
+		key, value = string(parts[0]), string(parts[1])
 	} else {
-		key, value = req.Tx, req.Tx
+		key, value = string(req.Tx), string(req.Tx)
 	}

-	app.state.db.Set(prefixKey(key), value)
+	err := app.state.db.Set(prefixKey([]byte(key)), []byte(value))
+	if err != nil {
+		panic(err)
+	}
 	app.state.Size++

 	events := []types.Event{
 		{
 			Type: "app",
-			Attributes: []kv.Pair{
-				{Key: []byte("creator"), Value: []byte("Cosmoshi Netowoko")},
-				{Key: []byte("key"), Value: key},
+			Attributes: []types.EventAttribute{
+				{Key: "creator", Value: "Cosmoshi Netowoko", Index: true},
+				{Key: "key", Value: key, Index: true},
+				{Key: "index_key", Value: "index is working", Index: true},
+				{Key: "noindex_key", Value: "index is working", Index: false},
 			},
 		},
 	}
@@ -108,6 +122,11 @@ func (app *Application) DeliverTx(req types.RequestDeliverTx) types.ResponseDeli
 }

 func (app *Application) CheckTx(req types.RequestCheckTx) types.ResponseCheckTx {
+	if req.Type == types.CheckTxType_Recheck {
+		if _, ok := app.txToRemove[string(req.Tx)]; ok {
+			return types.ResponseCheckTx{Code: code.CodeTypeExecuted, GasWanted: 1}
+		}
+	}
 	return types.ResponseCheckTx{Code: code.CodeTypeOK, GasWanted: 1}
 }

@@ -117,8 +136,15 @@ func (app *Application) Commit() types.ResponseCommit {
 	binary.PutVarint(appHash, app.state.Size)
 	app.state.AppHash = appHash
 	app.state.Height++
+
+	// empty out the set of transactions to remove via rechecktx
 	saveState(app.state)
-	return types.ResponseCommit{Data: appHash}
+
+	resp := types.ResponseCommit{Data: appHash}
+	if app.RetainBlocks > 0 && app.state.Height >= app.RetainBlocks {
+		resp.RetainHeight = app.state.Height - app.RetainBlocks + 1
+	}
+	return resp
 }

 // Returns an associated value or nil if missing.
@@ -156,3 +182,18 @@ func (app *Application) Query(reqQuery types.RequestQuery) (resQuery types.Respo

 	return resQuery
 }
+
+func (app *Application) BeginBlock(req types.RequestBeginBlock) types.ResponseBeginBlock {
+	app.txToRemove = map[string]struct{}{}
+	return types.ResponseBeginBlock{}
+}
+
+func (app *Application) ProcessProposal(
+	req types.RequestProcessProposal) types.ResponseProcessProposal {
+	for _, tx := range req.Txs {
+		if len(tx) == 0 {
+			return types.ResponseProcessProposal{Status: types.ResponseProcessProposal_REJECT}
+		}
+	}
+	return types.ResponseProcessProposal{Status: types.ResponseProcessProposal_ACCEPT}
+}
--- a/abci/example/kvstore/kvstore_test.go
+++ b/abci/example/kvstore/kvstore_test.go
@@ -1,9 +1,8 @@
 package kvstore

 import (
-	"bytes"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"sort"
 	"testing"

@@ -16,6 +15,7 @@ import (
 	"github.com/tendermint/tendermint/abci/example/code"
 	abciserver "github.com/tendermint/tendermint/abci/server"
 	"github.com/tendermint/tendermint/abci/types"
+	tmproto "github.com/tendermint/tendermint/proto/tendermint/types"
 )

 const (
@@ -71,7 +71,7 @@ func TestKVStoreKV(t *testing.T) {
 }

 func TestPersistentKVStoreKV(t *testing.T) {
-	dir, err := ioutil.TempDir("/tmp", "abci-kvstore-test") // TODO
+	dir, err := os.MkdirTemp("/tmp", "abci-kvstore-test") // TODO
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -87,7 +87,7 @@ func TestPersistentKVStoreKV(t *testing.T) {
 }

 func TestPersistentKVStoreInfo(t *testing.T) {
-	dir, err := ioutil.TempDir("/tmp", "abci-kvstore-test") // TODO
+	dir, err := os.MkdirTemp("/tmp", "abci-kvstore-test") // TODO
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -103,7 +103,7 @@ func TestPersistentKVStoreInfo(t *testing.T) {
 	// make and apply block
 	height = int64(1)
 	hash := []byte("foo")
-	header := types.Header{
+	header := tmproto.Header{
 		Height: height,
 	}
 	kvstore.BeginBlock(types.RequestBeginBlock{Hash: hash, Header: header})
@@ -119,7 +119,7 @@ func TestPersistentKVStoreInfo(t *testing.T) {

 // add a validator, remove a validator, update a validator
 func TestValUpdates(t *testing.T) {
-	dir, err := ioutil.TempDir("/tmp", "abci-kvstore-test") // TODO
+	dir, err := os.MkdirTemp("/tmp", "abci-kvstore-test") // TODO
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -129,7 +129,7 @@ func TestValUpdates(t *testing.T) {
 	total := 10
 	nInit := 5
 	vals := RandVals(total)
-	// iniitalize with the first nInit
+	// initialize with the first nInit
 	kvstore.InitChain(types.RequestInitChain{
 		Validators: vals[:nInit],
 	})
@@ -162,7 +162,7 @@ func TestValUpdates(t *testing.T) {

 	makeApplyBlock(t, kvstore, 2, diff, tx1, tx2, tx3)

-	vals1 = append(vals[:nInit-2], vals[nInit+1]) // nolint: gocritic
+	vals1 = append(vals[:nInit-2], vals[nInit+1]) //nolint: gocritic
 	vals2 = kvstore.Validators()
 	valsEqual(t, vals1, vals2)

@@ -193,7 +193,7 @@ func makeApplyBlock(
 	// make and apply block
 	height := int64(heightInt)
 	hash := []byte("foo")
-	header := types.Header{
+	header := tmproto.Header{
 		Height: height,
 	}

@@ -219,7 +219,7 @@ func valsEqual(t *testing.T, vals1, vals2 []types.ValidatorUpdate) {
 	sort.Sort(types.ValidatorUpdates(vals2))
 	for i, v1 := range vals1 {
 		v2 := vals2[i]
-		if !bytes.Equal(v1.PubKey.Data, v2.PubKey.Data) ||
+		if !v1.PubKey.Equal(v2.PubKey) ||
 			v1.Power != v2.Power {
 			t.Fatalf("vals dont match at index %d. got %X/%d , expected %X/%d", i, v2.PubKey, v2.Power, v1.PubKey, v1.Power)
 		}
@@ -241,7 +241,9 @@ func makeSocketClientServer(app types.Application, name string) (abcicli.Client,
 	client := abcicli.NewSocketClient(socket, false)
 	client.SetLogger(logger.With("module", "abci-client"))
 	if err := client.Start(); err != nil {
-		server.Stop()
+		if err = server.Stop(); err != nil {
+			return nil, nil, err
+		}
 		return nil, nil, err
 	}

@@ -263,7 +265,9 @@ func makeGRPCClientServer(app types.Application, name string) (abcicli.Client, s
 	client := abcicli.NewGRPCClient(socket, true)
 	client.SetLogger(logger.With("module", "abci-client"))
 	if err := client.Start(); err != nil {
-		server.Stop()
+		if err := server.Stop(); err != nil {
+			return nil, nil, err
+		}
 		return nil, nil, err
 	}
 	return client, server, nil
@@ -273,18 +277,35 @@ func TestClientServer(t *testing.T) {
 	// set up socket app
 	kvstore := NewApplication()
 	client, server, err := makeSocketClientServer(kvstore, "kvstore-socket")
-	require.Nil(t, err)
-	defer server.Stop()
-	defer client.Stop()
+	require.NoError(t, err)
+	t.Cleanup(func() {
+		if err := server.Stop(); err != nil {
+			t.Error(err)
+		}
+	})
+	t.Cleanup(func() {
+		if err := client.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	runClientTests(t, client)

 	// set up grpc app
 	kvstore = NewApplication()
-	gclient, gserver, err := makeGRPCClientServer(kvstore, "kvstore-grpc")
-	require.Nil(t, err)
-	defer gserver.Stop()
-	defer gclient.Stop()
+	gclient, gserver, err := makeGRPCClientServer(kvstore, "/tmp/kvstore-grpc")
+	require.NoError(t, err)
+
+	t.Cleanup(func() {
+		if err := gserver.Stop(); err != nil {
+			t.Error(err)
+		}
+	})
+	t.Cleanup(func() {
+		if err := gclient.Stop(); err != nil {
+			t.Error(err)
+		}
+	})

 	runClientTests(t, gclient)
 }
--- a/abci/example/kvstore/persistent_kvstore.go
+++ b/abci/example/kvstore/persistent_kvstore.go
@@ -7,12 +7,13 @@ import (
 	"strconv"
 	"strings"

+	dbm "github.com/tendermint/tm-db"
+
 	"github.com/tendermint/tendermint/abci/example/code"
 	"github.com/tendermint/tendermint/abci/types"
-	"github.com/tendermint/tendermint/crypto/ed25519"
+	cryptoenc "github.com/tendermint/tendermint/crypto/encoding"
 	"github.com/tendermint/tendermint/libs/log"
-	tmtypes "github.com/tendermint/tendermint/types"
-	dbm "github.com/tendermint/tm-db"
+	pc "github.com/tendermint/tendermint/proto/tendermint/crypto"
 )

 const (
@@ -29,7 +30,7 @@ type PersistentKVStoreApplication struct {
 	// validator set
 	ValUpdates []types.ValidatorUpdate

-	valAddrToPubKeyMap map[string]types.PubKey
+	valAddrToPubKeyMap map[string]pc.PublicKey

 	logger log.Logger
 }
@@ -44,8 +45,11 @@ func NewPersistentKVStoreApplication(dbDir string) *PersistentKVStoreApplication
 	state := loadState(db)

 	return &PersistentKVStoreApplication{
-		app:                &Application{state: state},
-		valAddrToPubKeyMap: make(map[string]types.PubKey),
+		app: &Application{
+			state:      state,
+			txToRemove: map[string]struct{}{},
+		},
+		valAddrToPubKeyMap: make(map[string]pc.PublicKey),
 		logger:             log.NewNopLogger(),
 	}
 }
@@ -61,10 +65,6 @@ func (app *PersistentKVStoreApplication) Info(req types.RequestInfo) types.Respo
 	return res
 }

-func (app *PersistentKVStoreApplication) SetOption(req types.RequestSetOption) types.ResponseSetOption {
-	return app.app.SetOption(req)
-}
-
 // tx is either "val:pubkey!power" or "key=value" or just arbitrary bytes
 func (app *PersistentKVStoreApplication) DeliverTx(req types.RequestDeliverTx) types.ResponseDeliverTx {
 	// if it starts with "val:", update the validator set
@@ -75,6 +75,10 @@ func (app *PersistentKVStoreApplication) DeliverTx(req types.RequestDeliverTx) t
 		return app.execValidatorTx(req.Tx)
 	}

+	if isPrepareTx(req.Tx) {
+		return app.execPrepareTx(req.Tx)
+	}
+
 	// otherwise, update the key-value store
 	return app.app.DeliverTx(req)
 }
@@ -123,19 +127,25 @@ func (app *PersistentKVStoreApplication) BeginBlock(req types.RequestBeginBlock)
 	// reset valset changes
 	app.ValUpdates = make([]types.ValidatorUpdate, 0)

+	// Punish validators who committed equivocation.
 	for _, ev := range req.ByzantineValidators {
-		if ev.Type == tmtypes.ABCIEvidenceTypeDuplicateVote {
-			// decrease voting power by 1
-			if ev.TotalVotingPower == 0 {
-				continue
+		if ev.Type == types.MisbehaviorType_DUPLICATE_VOTE {
+			addr := string(ev.Validator.Address)
+			if pubKey, ok := app.valAddrToPubKeyMap[addr]; ok {
+				app.updateValidator(types.ValidatorUpdate{
+					PubKey: pubKey,
+					Power:  ev.Validator.Power - 1,
+				})
+				app.logger.Info("Decreased val power by 1 because of the equivocation",
+					"val", addr)
+			} else {
+				app.logger.Error("Wanted to punish val, but can't find it",
+					"val", addr)
 			}
-			app.updateValidator(types.ValidatorUpdate{
-				PubKey: app.valAddrToPubKeyMap[string(ev.Validator.Address)],
-				Power:  ev.TotalVotingPower - 1,
-			})
 		}
 	}
-	return types.ResponseBeginBlock{}
+
+	return app.app.BeginBlock(req)
 }

 // Update the validator set
@@ -143,6 +153,41 @@ func (app *PersistentKVStoreApplication) EndBlock(req types.RequestEndBlock) typ
 	return types.ResponseEndBlock{ValidatorUpdates: app.ValUpdates}
 }

+func (app *PersistentKVStoreApplication) ListSnapshots(
+	req types.RequestListSnapshots) types.ResponseListSnapshots {
+	return types.ResponseListSnapshots{}
+}
+
+func (app *PersistentKVStoreApplication) LoadSnapshotChunk(
+	req types.RequestLoadSnapshotChunk) types.ResponseLoadSnapshotChunk {
+	return types.ResponseLoadSnapshotChunk{}
+}
+
+func (app *PersistentKVStoreApplication) OfferSnapshot(
+	req types.RequestOfferSnapshot) types.ResponseOfferSnapshot {
+	return types.ResponseOfferSnapshot{Result: types.ResponseOfferSnapshot_ABORT}
+}
+
+func (app *PersistentKVStoreApplication) ApplySnapshotChunk(
+	req types.RequestApplySnapshotChunk) types.ResponseApplySnapshotChunk {
+	return types.ResponseApplySnapshotChunk{Result: types.ResponseApplySnapshotChunk_ABORT}
+}
+
+func (app *PersistentKVStoreApplication) PrepareProposal(
+	req types.RequestPrepareProposal) types.ResponsePrepareProposal {
+	return types.ResponsePrepareProposal{Txs: app.substPrepareTx(req.Txs, req.MaxTxBytes)}
+}
+
+func (app *PersistentKVStoreApplication) ProcessProposal(
+	req types.RequestProcessProposal) types.ResponseProcessProposal {
+	for _, tx := range req.Txs {
+		if len(tx) == 0 || isPrepareTx(tx) {
+			return types.ResponseProcessProposal{Status: types.ResponseProcessProposal_REJECT}
+		}
+	}
+	return types.ResponseProcessProposal{Status: types.ResponseProcessProposal_ACCEPT}
+}
+
 //---------------------------------------------
 // update validators

@@ -161,11 +206,18 @@ func (app *PersistentKVStoreApplication) Validators() (validators []types.Valida
 			validators = append(validators, *validator)
 		}
 	}
+	if err = itr.Error(); err != nil {
+		panic(err)
+	}
 	return
 }

-func MakeValSetChangeTx(pubkey types.PubKey, power int64) []byte {
-	pubStr := base64.StdEncoding.EncodeToString(pubkey.Data)
+func MakeValSetChangeTx(pubkey pc.PublicKey, power int64) []byte {
+	pk, err := cryptoenc.PubKeyFromProto(pubkey)
+	if err != nil {
+		panic(err)
+	}
+	pubStr := base64.StdEncoding.EncodeToString(pk.Bytes())
 	return []byte(fmt.Sprintf("val:%s!%d", pubStr, power))
 }

@@ -178,7 +230,7 @@ func isValidatorTx(tx []byte) bool {
 func (app *PersistentKVStoreApplication) execValidatorTx(tx []byte) types.ResponseDeliverTx {
 	tx = tx[len(ValidatorSetChangePrefix):]

-	//get the pubkey and power
+	//  get the pubkey and power
 	pubKeyAndPower := strings.Split(string(tx), "!")
 	if len(pubKeyAndPower) != 2 {
 		return types.ResponseDeliverTx{
@@ -204,15 +256,16 @@ func (app *PersistentKVStoreApplication) execValidatorTx(tx []byte) types.Respon
 	}

 	// update
-	return app.updateValidator(types.Ed25519ValidatorUpdate(pubkey, power))
+	return app.updateValidator(types.UpdateValidator(pubkey, power, ""))
 }

 // add, update, or remove a validator
 func (app *PersistentKVStoreApplication) updateValidator(v types.ValidatorUpdate) types.ResponseDeliverTx {
-	key := []byte("val:" + string(v.PubKey.Data))
-
-	pubkey := ed25519.PubKeyEd25519{}
-	copy(pubkey[:], v.PubKey.Data)
+	pubkey, err := cryptoenc.PubKeyFromProto(v.PubKey)
+	if err != nil {
+		panic(fmt.Errorf("can't decode public key: %w", err))
+	}
+	key := []byte("val:" + string(pubkey.Bytes()))

 	if v.Power == 0 {
 		// remove validator
@@ -221,12 +274,14 @@ func (app *PersistentKVStoreApplication) updateValidator(v types.ValidatorUpdate
 			panic(err)
 		}
 		if !hasKey {
-			pubStr := base64.StdEncoding.EncodeToString(v.PubKey.Data)
+			pubStr := base64.StdEncoding.EncodeToString(pubkey.Bytes())
 			return types.ResponseDeliverTx{
 				Code: code.CodeTypeUnauthorized,
 				Log:  fmt.Sprintf("Cannot remove non-existent validator %s", pubStr)}
 		}
-		app.app.state.db.Delete(key)
+		if err = app.app.state.db.Delete(key); err != nil {
+			panic(err)
+		}
 		delete(app.valAddrToPubKeyMap, string(pubkey.Address()))
 	} else {
 		// add or update validator
@@ -236,7 +291,9 @@ func (app *PersistentKVStoreApplication) updateValidator(v types.ValidatorUpdate
 				Code: code.CodeTypeEncodingError,
 				Log:  fmt.Sprintf("Error encoding validator: %v", err)}
 		}
-		app.app.state.db.Set(key, value.Bytes())
+		if err = app.app.state.db.Set(key, value.Bytes()); err != nil {
+			panic(err)
+		}
 		app.valAddrToPubKeyMap[string(pubkey.Address())] = v.PubKey
 	}

@@ -245,3 +302,42 @@ func (app *PersistentKVStoreApplication) updateValidator(v types.ValidatorUpdate

 	return types.ResponseDeliverTx{Code: code.CodeTypeOK}
 }
+
+// -----------------------------
+
+const (
+	PreparePrefix = "prepare"
+	ReplacePrefix = "replace"
+)
+
+func isPrepareTx(tx []byte) bool { return bytes.HasPrefix(tx, []byte(PreparePrefix)) }
+
+func isReplacedTx(tx []byte) bool {
+	return bytes.HasPrefix(tx, []byte(ReplacePrefix))
+}
+
+// execPrepareTx is noop. tx data is considered as placeholder
+// and is substitute at the PrepareProposal.
+func (app *PersistentKVStoreApplication) execPrepareTx(tx []byte) types.ResponseDeliverTx {
+	// noop
+	return types.ResponseDeliverTx{}
+}
+
+// substPrepareTx substitutes all the transactions prefixed with 'prepare' in the
+// proposal for transactions with the prefix stripped.
+func (app *PersistentKVStoreApplication) substPrepareTx(blockData [][]byte, maxTxBytes int64) [][]byte {
+	txs := make([][]byte, 0, len(blockData))
+	var totalBytes int64
+	for _, tx := range blockData {
+		txMod := tx
+		if isPrepareTx(tx) {
+			txMod = bytes.Replace(tx, []byte(PreparePrefix), []byte(ReplacePrefix), 1)
+		}
+		totalBytes += int64(len(txMod))
+		if totalBytes > maxTxBytes {
+			break
+		}
+		txs = append(txs, txMod)
+	}
+	return txs
+}
--- a/abci/example/python/abci/msg.py
+++ b/abci/example/python/abci/msg.py
@@ -1,50 +0,0 @@
-from wire import decode_string
-
-# map type_byte to message name
-message_types = {
-    0x01: "echo",
-    0x02: "flush",
-    0x03: "info",
-    0x04: "set_option",
-    0x21: "deliver_tx",
-    0x22: "check_tx",
-    0x23: "commit",
-    0x24: "add_listener",
-    0x25: "rm_listener",
-}
-
-# return the decoded arguments of abci messages
-
-class RequestDecoder():
-
-    def __init__(self, reader):
-        self.reader = reader
-
-    def echo(self):
-        return decode_string(self.reader)
-
-    def flush(self):
-        return
-
-    def info(self):
-        return
-
-    def set_option(self):
-        return decode_string(self.reader), decode_string(self.reader)
-
-    def deliver_tx(self):
-        return decode_string(self.reader)
-
-    def check_tx(self):
-        return decode_string(self.reader)
-
-    def commit(self):
-        return
-
-    def add_listener(self):
-        # TODO
-        return
-
-    def rm_listener(self):
-        # TODO
-        return
--- a/abci/example/python/abci/reader.py
+++ b/abci/example/python/abci/reader.py
@@ -1,56 +0,0 @@
-
-# Simple read() method around a bytearray
-
-
-class BytesBuffer():
-
-    def __init__(self, b):
-        self.buf = b
-        self.readCount = 0
-
-    def count(self):
-        return self.readCount
-
-    def reset_count(self):
-        self.readCount = 0
-
-    def size(self):
-        return len(self.buf)
-
-    def peek(self):
-        return self.buf[0]
-
-    def write(self, b):
-        # b should be castable to byte array
-        self.buf += bytearray(b)
-
-    def read(self, n):
-        if len(self.buf) < n:
-            print "reader err: buf less than n"
-            # TODO: exception
-            return
-        self.readCount += n
-        r = self.buf[:n]
-        self.buf = self.buf[n:]
-        return r
-
-# Buffer bytes off a tcp connection and read them off in chunks
-
-
-class ConnReader():
-
-    def __init__(self, conn):
-        self.conn = conn
-        self.buf = bytearray()
-
-    # blocking
-    def read(self, n):
-        while n > len(self.buf):
-            moreBuf = self.conn.recv(1024)
-            if not moreBuf:
-                raise IOError("dead connection")
-            self.buf = self.buf + bytearray(moreBuf)
-
-        r = self.buf[:n]
-        self.buf = self.buf[n:]
-        return r
--- a/abci/example/python/abci/server.py
+++ b/abci/example/python/abci/server.py
@@ -1,202 +0,0 @@
-import socket
-import select
-import sys
-
-from wire import decode_varint, encode
-from reader import BytesBuffer
-from msg import RequestDecoder, message_types
-
-# hold the asyncronous state of a connection
-# ie. we may not get enough bytes on one read to decode the message
-
-class Connection():
-
-    def __init__(self, fd, app):
-        self.fd = fd
-        self.app = app
-        self.recBuf = BytesBuffer(bytearray())
-        self.resBuf = BytesBuffer(bytearray())
-        self.msgLength = 0
-        self.decoder = RequestDecoder(self.recBuf)
-        self.inProgress = False  # are we in the middle of a message
-
-    def recv(this):
-        data = this.fd.recv(1024)
-        if not data:  # what about len(data) == 0
-            raise IOError("dead connection")
-        this.recBuf.write(data)
-
-# ABCI server responds to messges by calling methods on the app
-
-class ABCIServer():
-
-    def __init__(self, app, port=5410):
-        self.app = app
-        # map conn file descriptors to (app, reqBuf, resBuf, msgDecoder)
-        self.appMap = {}
-
-        self.port = port
-        self.listen_backlog = 10
-
-        self.listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        self.listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-        self.listener.setblocking(0)
-        self.listener.bind(('', port))
-
-        self.listener.listen(self.listen_backlog)
-
-        self.shutdown = False
-
-        self.read_list = [self.listener]
-        self.write_list = []
-
-    def handle_new_connection(self, r):
-        new_fd, new_addr = r.accept()
-        new_fd.setblocking(0)  # non-blocking
-        self.read_list.append(new_fd)
-        self.write_list.append(new_fd)
-        print 'new connection to', new_addr
-
-        self.appMap[new_fd] = Connection(new_fd, self.app)
-
-    def handle_conn_closed(self, r):
-        self.read_list.remove(r)
-        self.write_list.remove(r)
-        r.close()
-        print "connection closed"
-
-    def handle_recv(self, r):
-        #  app, recBuf, resBuf, conn
-        conn = self.appMap[r]
-        while True:
-            try:
-                print "recv loop"
-                # check if we need more data first
-                if conn.inProgress:
-                    if (conn.msgLength == 0 or conn.recBuf.size() < conn.msgLength):
-                        conn.recv()
-                else:
-                    if conn.recBuf.size() == 0:
-                        conn.recv()
-
-                conn.inProgress = True
-
-                # see if we have enough to get the message length
-                if conn.msgLength == 0:
-                    ll = conn.recBuf.peek()
-                    if conn.recBuf.size() < 1 + ll:
-                        # we don't have enough bytes to read the length yet
-                        return
-                    print "decoding msg length"
-                    conn.msgLength = decode_varint(conn.recBuf)
-
-                # see if we have enough to decode the message
-                if conn.recBuf.size() < conn.msgLength:
-                    return
-
-                # now we can decode the message
-
-                # first read the request type and get the particular msg
-                # decoder
-                typeByte = conn.recBuf.read(1)
-                typeByte = int(typeByte[0])
-                resTypeByte = typeByte + 0x10
-                req_type = message_types[typeByte]
-
-                if req_type == "flush":
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.fd.send(str(conn.resBuf.buf))
-                    conn.msgLength = 0
-                    conn.inProgress = False
-                    conn.resBuf = BytesBuffer(bytearray())
-                    return
-
-                decoder = getattr(conn.decoder, req_type)
-
-                print "decoding args"
-                req_args = decoder()
-                print "got args", req_args
-
-                # done decoding message
-                conn.msgLength = 0
-                conn.inProgress = False
-
-                req_f = getattr(conn.app, req_type)
-                if req_args is None:
-                    res = req_f()
-                elif isinstance(req_args, tuple):
-                    res = req_f(*req_args)
-                else:
-                    res = req_f(req_args)
-
-                if isinstance(res, tuple):
-                    res, ret_code = res
-                else:
-                    ret_code = res
-                    res = None
-
-                print "called", req_type, "ret code:", ret_code
-                if ret_code != 0:
-                    print "non-zero retcode:", ret_code
-
-                if req_type in ("echo", "info"):  # these dont return a ret code
-                    enc = encode(res)
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(len(enc) + 1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.resBuf.write(enc)
-                else:
-                    enc, encRet = encode(res), encode(ret_code)
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(len(enc) + len(encRet) + 1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.resBuf.write(encRet)
-                    conn.resBuf.write(enc)
-            except TypeError as e:
-                print "TypeError on reading from connection:", e
-                self.handle_conn_closed(r)
-                return
-            except ValueError as e:
-                print "ValueError on reading from connection:", e
-                self.handle_conn_closed(r)
-                return
-            except IOError as e:
-                print "IOError on reading from connection:", e
-                self.handle_conn_closed(r)
-                return
-            except Exception as e:
-                # sys.exc_info()[0] # TODO better
-                print "error reading from connection", str(e)
-                self.handle_conn_closed(r)
-                return
-
-    def main_loop(self):
-        while not self.shutdown:
-            r_list, w_list, _ = select.select(
-                self.read_list, self.write_list, [], 2.5)
-
-            for r in r_list:
-                if (r == self.listener):
-                    try:
-                        self.handle_new_connection(r)
-                        # undo adding to read list ...
-                    except NameError as e:
-                        print "Could not connect due to NameError:", e
-                    except TypeError as e:
-                        print "Could not connect due to TypeError:", e
-                    except:
-                        print "Could not connect due to unexpected error:", sys.exc_info()[0]
-                else:
-                    self.handle_recv(r)
-
-    def handle_shutdown(self):
-        for r in self.read_list:
-            r.close()
-        for w in self.write_list:
-            try:
-                w.close()
-            except Exception as e:
-                print(e)  # TODO: add logging
-        self.shutdown = True
--- a/abci/example/python/abci/wire.py
+++ b/abci/example/python/abci/wire.py
@@ -1,115 +0,0 @@
-
-# the decoder works off a reader
-# the encoder returns bytearray
-
-
-def hex2bytes(h):
-    return bytearray(h.decode('hex'))
-
-
-def bytes2hex(b):
-    if type(b) in (str, unicode):
-        return "".join([hex(ord(c))[2:].zfill(2) for c in b])
-    else:
-        return bytes2hex(b.decode())
-
-
-# expects uvarint64 (no crazy big nums!)
-def uvarint_size(i):
-    if i == 0:
-        return 0
-    for j in xrange(1, 8):
-        if i < 1 << j * 8:
-            return j
-    return 8
-
-# expects i < 2**size
-
-
-def encode_big_endian(i, size):
-    if size == 0:
-        return bytearray()
-    return encode_big_endian(i / 256, size - 1) + bytearray([i % 256])
-
-
-def decode_big_endian(reader, size):
-    if size == 0:
-        return 0
-    firstByte = reader.read(1)[0]
-    return firstByte * (256 ** (size - 1)) + decode_big_endian(reader, size - 1)
-
-# ints are max 16 bytes long
-
-
-def encode_varint(i):
-    negate = False
-    if i < 0:
-        negate = True
-        i = -i
-    size = uvarint_size(i)
-    if size == 0:
-        return bytearray([0])
-    big_end = encode_big_endian(i, size)
-    if negate:
-        size += 0xF0
-    return bytearray([size]) + big_end
-
-# returns the int and whats left of the byte array
-
-
-def decode_varint(reader):
-    size = reader.read(1)[0]
-    if size == 0:
-        return 0
-
-    negate = True if size > int(0xF0) else False
-    if negate:
-        size = size - 0xF0
-    i = decode_big_endian(reader, size)
-    if negate:
-        i = i * (-1)
-    return i
-
-
-def encode_string(s):
-    size = encode_varint(len(s))
-    return size + bytearray(s)
-
-
-def decode_string(reader):
-    length = decode_varint(reader)
-    return str(reader.read(length))
-
-
-def encode_list(s):
-    b = bytearray()
-    map(b.extend, map(encode, s))
-    return encode_varint(len(s)) + b
-
-
-def encode(s):
-    if s is None:
-        return bytearray()
-    if isinstance(s, int):
-        return encode_varint(s)
-    elif isinstance(s, str):
-        return encode_string(s)
-    elif isinstance(s, list):
-        return encode_list(s)
-    else:
-        print "UNSUPPORTED TYPE!", type(s), s
-
-
-if __name__ == '__main__':
-    ns = [100, 100, 1000, 256]
-    ss = [2, 5, 5, 2]
-    bs = map(encode_big_endian, ns, ss)
-    ds = map(decode_big_endian, bs, ss)
-    print ns
-    print [i[0] for i in ds]
-
-    ss = ["abc", "hi there jim", "ok now what"]
-    e = map(encode_string, ss)
-    d = map(decode_string, e)
-    print ss
-    print [i[0] for i in d]
--- a/abci/example/python/app.py
+++ b/abci/example/python/app.py
@@ -1,82 +0,0 @@
-import sys
-
-from abci.wire import hex2bytes, decode_big_endian, encode_big_endian
-from abci.server import ABCIServer
-from abci.reader import BytesBuffer
-
-
-class CounterApplication():
-
-    def __init__(self):
-        sys.exit("The python example is out of date.  Upgrading the Python examples is currently left as an exercise to you.")
-        self.hashCount = 0
-        self.txCount = 0
-        self.serial = False
-
-    def echo(self, msg):
-        return msg, 0
-
-    def info(self):
-        return ["hashes:%d, txs:%d" % (self.hashCount, self.txCount)], 0
-
-    def set_option(self, key, value):
-        if key == "serial" and value == "on":
-            self.serial = True
-        return 0
-
-    def deliver_tx(self, txBytes):
-        if self.serial:
-            txByteArray = bytearray(txBytes)
-            if len(txBytes) >= 2 and txBytes[:2] == "0x":
-                txByteArray = hex2bytes(txBytes[2:])
-            txValue = decode_big_endian(
-                BytesBuffer(txByteArray), len(txBytes))
-            if txValue != self.txCount:
-                return None, 6
-        self.txCount += 1
-        return None, 0
-
-    def check_tx(self, txBytes):
-        if self.serial:
-            txByteArray = bytearray(txBytes)
-            if len(txBytes) >= 2 and txBytes[:2] == "0x":
-                txByteArray = hex2bytes(txBytes[2:])
-            txValue = decode_big_endian(
-                BytesBuffer(txByteArray), len(txBytes))
-            if txValue < self.txCount:
-                return 6
-        return 0
-
-    def commit(self):
-        self.hashCount += 1
-        if self.txCount == 0:
-            return "", 0
-        h = encode_big_endian(self.txCount, 8)
-        h.reverse()
-        return str(h), 0
-
-    def add_listener(self):
-        return 0
-
-    def rm_listener(self):
-        return 0
-
-    def event(self):
-        return
-
-
-if __name__ == '__main__':
-    l = len(sys.argv)
-    if l == 1:
-        port = 26658
-    elif l == 2:
-        port = int(sys.argv[1])
-    else:
-        print "too many arguments"
-        quit()
-
-    print 'ABCI Demo APP (Python)'
-
-    app = CounterApplication()
-    server = ABCIServer(app, port)
-    server.main_loop()
--- a/abci/example/python3/abci/msg.py
+++ b/abci/example/python3/abci/msg.py
@@ -1,50 +0,0 @@
-from .wire import decode_string
-
-# map type_byte to message name
-message_types = {
-    0x01: "echo",
-    0x02: "flush",
-    0x03: "info",
-    0x04: "set_option",
-    0x21: "deliver_tx",
-    0x22: "check_tx",
-    0x23: "commit",
-    0x24: "add_listener",
-    0x25: "rm_listener",
-}
-
-# return the decoded arguments of abci messages
-
-class RequestDecoder():
-
-    def __init__(self, reader):
-        self.reader = reader
-
-    def echo(self):
-        return decode_string(self.reader)
-
-    def flush(self):
-        return
-
-    def info(self):
-        return
-
-    def set_option(self):
-        return decode_string(self.reader), decode_string(self.reader)
-
-    def deliver_tx(self):
-        return decode_string(self.reader)
-
-    def check_tx(self):
-        return decode_string(self.reader)
-
-    def commit(self):
-        return
-
-    def add_listener(self):
-        # TODO
-        return
-
-    def rm_listener(self):
-        # TODO
-        return
--- a/abci/example/python3/abci/reader.py
+++ b/abci/example/python3/abci/reader.py
@@ -1,56 +0,0 @@
-
-# Simple read() method around a bytearray
-
-
-class BytesBuffer():
-
-    def __init__(self, b):
-        self.buf = b
-        self.readCount = 0
-
-    def count(self):
-        return self.readCount
-
-    def reset_count(self):
-        self.readCount = 0
-
-    def size(self):
-        return len(self.buf)
-
-    def peek(self):
-        return self.buf[0]
-
-    def write(self, b):
-        # b should be castable to byte array
-        self.buf += bytearray(b)
-
-    def read(self, n):
-        if len(self.buf) < n:
-            print("reader err: buf less than n")
-            # TODO: exception
-            return
-        self.readCount += n
-        r = self.buf[:n]
-        self.buf = self.buf[n:]
-        return r
-
-# Buffer bytes off a tcp connection and read them off in chunks
-
-
-class ConnReader():
-
-    def __init__(self, conn):
-        self.conn = conn
-        self.buf = bytearray()
-
-    # blocking
-    def read(self, n):
-        while n > len(self.buf):
-            moreBuf = self.conn.recv(1024)
-            if not moreBuf:
-                raise IOError("dead connection")
-            self.buf = self.buf + bytearray(moreBuf)
-
-        r = self.buf[:n]
-        self.buf = self.buf[n:]
-        return r
--- a/abci/example/python3/abci/server.py
+++ b/abci/example/python3/abci/server.py
@@ -1,196 +0,0 @@
-import socket
-import select
-import sys
-import logging
-
-from .wire import decode_varint, encode
-from .reader import BytesBuffer
-from .msg import RequestDecoder, message_types
-
-# hold the asyncronous state of a connection
-# ie. we may not get enough bytes on one read to decode the message
-
-logger = logging.getLogger(__name__)
-
-class Connection():
-
-    def __init__(self, fd, app):
-        self.fd = fd
-        self.app = app
-        self.recBuf = BytesBuffer(bytearray())
-        self.resBuf = BytesBuffer(bytearray())
-        self.msgLength = 0
-        self.decoder = RequestDecoder(self.recBuf)
-        self.inProgress = False  # are we in the middle of a message
-
-    def recv(this):
-        data = this.fd.recv(1024)
-        if not data:  # what about len(data) == 0
-            raise IOError("dead connection")
-        this.recBuf.write(data)
-
-# ABCI server responds to messges by calling methods on the app
-
-class ABCIServer():
-
-    def __init__(self, app, port=5410):
-        self.app = app
-        # map conn file descriptors to (app, reqBuf, resBuf, msgDecoder)
-        self.appMap = {}
-
-        self.port = port
-        self.listen_backlog = 10
-
-        self.listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        self.listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-        self.listener.setblocking(0)
-        self.listener.bind(('', port))
-
-        self.listener.listen(self.listen_backlog)
-
-        self.shutdown = False
-
-        self.read_list = [self.listener]
-        self.write_list = []
-
-    def handle_new_connection(self, r):
-        new_fd, new_addr = r.accept()
-        new_fd.setblocking(0)  # non-blocking
-        self.read_list.append(new_fd)
-        self.write_list.append(new_fd)
-        print('new connection to', new_addr)
-
-        self.appMap[new_fd] = Connection(new_fd, self.app)
-
-    def handle_conn_closed(self, r):
-        self.read_list.remove(r)
-        self.write_list.remove(r)
-        r.close()
-        print("connection closed")
-
-    def handle_recv(self, r):
-        #  app, recBuf, resBuf, conn
-        conn = self.appMap[r]
-        while True:
-            try:
-                print("recv loop")
-                # check if we need more data first
-                if conn.inProgress:
-                    if (conn.msgLength == 0 or conn.recBuf.size() < conn.msgLength):
-                        conn.recv()
-                else:
-                    if conn.recBuf.size() == 0:
-                        conn.recv()
-
-                conn.inProgress = True
-
-                # see if we have enough to get the message length
-                if conn.msgLength == 0:
-                    ll = conn.recBuf.peek()
-                    if conn.recBuf.size() < 1 + ll:
-                        # we don't have enough bytes to read the length yet
-                        return
-                    print("decoding msg length")
-                    conn.msgLength = decode_varint(conn.recBuf)
-
-                # see if we have enough to decode the message
-                if conn.recBuf.size() < conn.msgLength:
-                    return
-
-                # now we can decode the message
-
-                # first read the request type and get the particular msg
-                # decoder
-                typeByte = conn.recBuf.read(1)
-                typeByte = int(typeByte[0])
-                resTypeByte = typeByte + 0x10
-                req_type = message_types[typeByte]
-
-                if req_type == "flush":
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.fd.send(conn.resBuf.buf)
-                    conn.msgLength = 0
-                    conn.inProgress = False
-                    conn.resBuf = BytesBuffer(bytearray())
-                    return
-
-                decoder = getattr(conn.decoder, req_type)
-
-                print("decoding args")
-                req_args = decoder()
-                print("got args", req_args)
-
-                # done decoding message
-                conn.msgLength = 0
-                conn.inProgress = False
-
-                req_f = getattr(conn.app, req_type)
-                if req_args is None:
-                    res = req_f()
-                elif isinstance(req_args, tuple):
-                    res = req_f(*req_args)
-                else:
-                    res = req_f(req_args)
-
-                if isinstance(res, tuple):
-                    res, ret_code = res
-                else:
-                    ret_code = res
-                    res = None
-
-                print("called", req_type, "ret code:", ret_code, 'res:', res)
-                if ret_code != 0:
-                    print("non-zero retcode:", ret_code)
-
-                if req_type in ("echo", "info"):  # these dont return a ret code
-                    enc = encode(res)
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(len(enc) + 1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.resBuf.write(enc)
-                else:
-                    enc, encRet = encode(res), encode(ret_code)
-                    # messages are length prefixed
-                    conn.resBuf.write(encode(len(enc) + len(encRet) + 1))
-                    conn.resBuf.write([resTypeByte])
-                    conn.resBuf.write(encRet)
-                    conn.resBuf.write(enc)
-            except IOError as e:
-                print("IOError on reading from connection:", e)
-                self.handle_conn_closed(r)
-                return
-            except Exception as e:
-                logger.exception("error reading from connection")
-                self.handle_conn_closed(r)
-                return
-
-    def main_loop(self):
-        while not self.shutdown:
-            r_list, w_list, _ = select.select(
-                self.read_list, self.write_list, [], 2.5)
-
-            for r in r_list:
-                if (r == self.listener):
-                    try:
-                        self.handle_new_connection(r)
-                        # undo adding to read list ...
-                    except NameError as e:
-                        print("Could not connect due to NameError:", e)
-                    except TypeError as e:
-                        print("Could not connect due to TypeError:", e)
-                    except:
-                        print("Could not connect due to unexpected error:", sys.exc_info()[0])
-                else:
-                    self.handle_recv(r)
-
-    def handle_shutdown(self):
-        for r in self.read_list:
-            r.close()
-        for w in self.write_list:
-            try:
-                w.close()
-            except Exception as e:
-                print(e)  # TODO: add logging
-        self.shutdown = True
--- a/abci/example/python3/abci/wire.py
+++ b/abci/example/python3/abci/wire.py
@@ -1,119 +0,0 @@
-
-# the decoder works off a reader
-# the encoder returns bytearray
-
-
-def hex2bytes(h):
-    return bytearray(h.decode('hex'))
-
-
-def bytes2hex(b):
-    if type(b) in (str, str):
-        return "".join([hex(ord(c))[2:].zfill(2) for c in b])
-    else:
-        return bytes2hex(b.decode())
-
-
-# expects uvarint64 (no crazy big nums!)
-def uvarint_size(i):
-    if i == 0:
-        return 0
-    for j in range(1, 8):
-        if i < 1 << j * 8:
-            return j
-    return 8
-
-# expects i < 2**size
-
-
-def encode_big_endian(i, size):
-    if size == 0:
-        return bytearray()
-    return encode_big_endian(i // 256, size - 1) + bytearray([i % 256])
-
-
-def decode_big_endian(reader, size):
-    if size == 0:
-        return 0
-    firstByte = reader.read(1)[0]
-    return firstByte * (256 ** (size - 1)) + decode_big_endian(reader, size - 1)
-
-# ints are max 16 bytes long
-
-
-def encode_varint(i):
-    negate = False
-    if i < 0:
-        negate = True
-        i = -i
-    size = uvarint_size(i)
-    if size == 0:
-        return bytearray([0])
-    big_end = encode_big_endian(i, size)
-    if negate:
-        size += 0xF0
-    return bytearray([size]) + big_end
-
-# returns the int and whats left of the byte array
-
-
-def decode_varint(reader):
-    size = reader.read(1)[0]
-    if size == 0:
-        return 0
-
-    negate = True if size > int(0xF0) else False
-    if negate:
-        size = size - 0xF0
-    i = decode_big_endian(reader, size)
-    if negate:
-        i = i * (-1)
-    return i
-
-
-def encode_string(s):
-    size = encode_varint(len(s))
-    return size + bytearray(s, 'utf8')
-
-
-def decode_string(reader):
-    length = decode_varint(reader)
-    raw_data = reader.read(length)
-    return raw_data.decode()
-
-
-def encode_list(s):
-    b = bytearray()
-    list(map(b.extend, list(map(encode, s))))
-    return encode_varint(len(s)) + b
-
-
-def encode(s):
-    print('encoding', repr(s))
-    if s is None:
-        return bytearray()
-    if isinstance(s, int):
-        return encode_varint(s)
-    elif isinstance(s, str):
-        return encode_string(s)
-    elif isinstance(s, list):
-        return encode_list(s)
-    elif isinstance(s, bytearray):
-        return encode_string(s)
-    else:
-        print("UNSUPPORTED TYPE!", type(s), s)
-
-
-if __name__ == '__main__':
-    ns = [100, 100, 1000, 256]
-    ss = [2, 5, 5, 2]
-    bs = list(map(encode_big_endian, ns, ss))
-    ds = list(map(decode_big_endian, bs, ss))
-    print(ns)
-    print([i[0] for i in ds])
-
-    ss = ["abc", "hi there jim", "ok now what"]
-    e = list(map(encode_string, ss))
-    d = list(map(decode_string, e))
-    print(ss)
-    print([i[0] for i in d])
--- a/abci/example/python3/app.py
+++ b/abci/example/python3/app.py
@@ -1,82 +0,0 @@
-import sys
-
-from abci.wire import hex2bytes, decode_big_endian, encode_big_endian
-from abci.server import ABCIServer
-from abci.reader import BytesBuffer
-
-
-class CounterApplication():
-
-    def __init__(self):
-        sys.exit("The python example is out of date.  Upgrading the Python examples is currently left as an exercise to you.")
-        self.hashCount = 0
-        self.txCount = 0
-        self.serial = False
-
-    def echo(self, msg):
-        return msg, 0
-
-    def info(self):
-        return ["hashes:%d, txs:%d" % (self.hashCount, self.txCount)], 0
-
-    def set_option(self, key, value):
-        if key == "serial" and value == "on":
-            self.serial = True
-        return 0
-
-    def deliver_tx(self, txBytes):
-        if self.serial:
-            txByteArray = bytearray(txBytes)
-            if len(txBytes) >= 2 and txBytes[:2] == "0x":
-                txByteArray = hex2bytes(txBytes[2:])
-            txValue = decode_big_endian(
-                BytesBuffer(txByteArray), len(txBytes))
-            if txValue != self.txCount:
-                return None, 6
-        self.txCount += 1
-        return None, 0
-
-    def check_tx(self, txBytes):
-        if self.serial:
-            txByteArray = bytearray(txBytes)
-            if len(txBytes) >= 2 and txBytes[:2] == "0x":
-                txByteArray = hex2bytes(txBytes[2:])
-            txValue = decode_big_endian(
-                BytesBuffer(txByteArray), len(txBytes))
-            if txValue < self.txCount:
-                return 6
-        return 0
-
-    def commit(self):
-        self.hashCount += 1
-        if self.txCount == 0:
-            return "", 0
-        h = encode_big_endian(self.txCount, 8)
-        h.reverse()
-        return h.decode(), 0
-
-    def add_listener(self):
-        return 0
-
-    def rm_listener(self):
-        return 0
-
-    def event(self):
-        return
-
-
-if __name__ == '__main__':
-    l = len(sys.argv)
-    if l == 1:
-        port = 26658
-    elif l == 2:
-        port = int(sys.argv[1])
-    else:
-        print("too many arguments")
-        quit()
-
-    print('ABCI Demo APP (Python)')
-
-    app = CounterApplication()
-    server = ABCIServer(app, port)
-    server.main_loop()
--- a/abci/server/grpc_server.go
+++ b/abci/server/grpc_server.go
@@ -34,25 +34,28 @@ func NewGRPCServer(protoAddr string, app types.ABCIApplicationServer) service.Se
 	return s
 }

-// OnStart starts the gRPC service
+// OnStart starts the gRPC service.
 func (s *GRPCServer) OnStart() error {
-	if err := s.BaseService.OnStart(); err != nil {
-		return err
-	}
+
 	ln, err := net.Listen(s.proto, s.addr)
 	if err != nil {
 		return err
 	}
-	s.Logger.Info("Listening", "proto", s.proto, "addr", s.addr)
+
 	s.listener = ln
 	s.server = grpc.NewServer()
 	types.RegisterABCIApplicationServer(s.server, s.app)
-	go s.server.Serve(s.listener)
+
+	s.Logger.Info("Listening", "proto", s.proto, "addr", s.addr)
+	go func() {
+		if err := s.server.Serve(s.listener); err != nil {
+			s.Logger.Error("Error serving gRPC server", "err", err)
+		}
+	}()
 	return nil
 }

-// OnStop stops the gRPC server
+// OnStop stops the gRPC server.
 func (s *GRPCServer) OnStop() {
-	s.BaseService.OnStop()
 	s.server.Stop()
 }
--- a/abci/server/server.go
+++ b/abci/server/server.go
@@ -2,9 +2,8 @@
 Package server is used to start a new ABCI server.

 It contains two server implementation:
- * gRPC server
- * socket server
-
+  - gRPC server
+  - socket server
 */
 package server

--- a/abci/server/socket_server.go
+++ b/abci/server/socket_server.go
@@ -5,27 +5,31 @@ import (
 	"fmt"
 	"io"
 	"net"
-	"sync"
+	"os"
+	"runtime"

 	"github.com/tendermint/tendermint/abci/types"
+	tmlog "github.com/tendermint/tendermint/libs/log"
 	tmnet "github.com/tendermint/tendermint/libs/net"
 	"github.com/tendermint/tendermint/libs/service"
+	tmsync "github.com/tendermint/tendermint/libs/sync"
 )

 // var maxNumberConnections = 2

 type SocketServer struct {
 	service.BaseService
+	isLoggerSet bool

 	proto    string
 	addr     string
 	listener net.Listener

-	connsMtx   sync.Mutex
+	connsMtx   tmsync.Mutex
 	conns      map[int]net.Conn
 	nextConnID int

-	appMtx sync.Mutex
+	appMtx tmsync.Mutex
 	app    types.Application
 }

@@ -42,21 +46,24 @@ func NewSocketServer(protoAddr string, app types.Application) service.Service {
 	return s
 }

+func (s *SocketServer) SetLogger(l tmlog.Logger) {
+	s.BaseService.SetLogger(l)
+	s.isLoggerSet = true
+}
+
 func (s *SocketServer) OnStart() error {
-	if err := s.BaseService.OnStart(); err != nil {
-		return err
-	}
 	ln, err := net.Listen(s.proto, s.addr)
 	if err != nil {
 		return err
 	}
+
 	s.listener = ln
 	go s.acceptConnectionsRoutine()
+
 	return nil
 }

 func (s *SocketServer) OnStop() {
-	s.BaseService.OnStop()
 	if err := s.listener.Close(); err != nil {
 		s.Logger.Error("Error closing listener", "err", err)
 	}
@@ -105,7 +112,7 @@ func (s *SocketServer) acceptConnectionsRoutine() {
 			if !s.IsRunning() {
 				return // Ignore error from listener closing.
 			}
-			s.Logger.Error("Failed to accept connection: " + err.Error())
+			s.Logger.Error("Failed to accept connection", "err", err)
 			continue
 		}

@@ -132,15 +139,15 @@ func (s *SocketServer) waitForClose(closeConn chan error, connID int) {
 	case err == io.EOF:
 		s.Logger.Error("Connection was closed by client")
 	case err != nil:
-		s.Logger.Error("Connection error", "error", err)
+		s.Logger.Error("Connection error", "err", err)
 	default:
 		// never happens
-		s.Logger.Error("Connection was closed.")
+		s.Logger.Error("Connection was closed")
 	}

 	// Close the connection
 	if err := s.rmConn(connID); err != nil {
-		s.Logger.Error("Error in closing connection", "error", err)
+		s.Logger.Error("Error closing connection", "err", err)
 	}
 }

@@ -153,7 +160,14 @@ func (s *SocketServer) handleRequests(closeConn chan error, conn io.Reader, resp
 		// make sure to recover from any app-related panics to allow proper socket cleanup
 		r := recover()
 		if r != nil {
-			closeConn <- fmt.Errorf("recovered from panic: %v", r)
+			const size = 64 << 10
+			buf := make([]byte, size)
+			buf = buf[:runtime.Stack(buf, false)]
+			err := fmt.Errorf("recovered from panic: %v\n%s", r, buf)
+			if !s.isLoggerSet {
+				fmt.Fprintln(os.Stderr, err)
+			}
+			closeConn <- err
 			s.appMtx.Unlock()
 		}
 	}()
@@ -166,7 +180,7 @@ func (s *SocketServer) handleRequests(closeConn chan error, conn io.Reader, resp
 			if err == io.EOF {
 				closeConn <- err
 			} else {
-				closeConn <- fmt.Errorf("error reading message: %v", err)
+				closeConn <- fmt.Errorf("error reading message: %w", err)
 			}
 			return
 		}
@@ -186,9 +200,6 @@ func (s *SocketServer) handleRequest(req *types.Request, responses chan<- *types
 	case *types.Request_Info:
 		res := s.app.Info(*r.Info)
 		responses <- types.ToResponseInfo(res)
-	case *types.Request_SetOption:
-		res := s.app.SetOption(*r.SetOption)
-		responses <- types.ToResponseSetOption(res)
 	case *types.Request_DeliverTx:
 		res := s.app.DeliverTx(*r.DeliverTx)
 		responses <- types.ToResponseDeliverTx(res)
@@ -210,6 +221,24 @@ func (s *SocketServer) handleRequest(req *types.Request, responses chan<- *types
 	case *types.Request_EndBlock:
 		res := s.app.EndBlock(*r.EndBlock)
 		responses <- types.ToResponseEndBlock(res)
+	case *types.Request_ListSnapshots:
+		res := s.app.ListSnapshots(*r.ListSnapshots)
+		responses <- types.ToResponseListSnapshots(res)
+	case *types.Request_OfferSnapshot:
+		res := s.app.OfferSnapshot(*r.OfferSnapshot)
+		responses <- types.ToResponseOfferSnapshot(res)
+	case *types.Request_PrepareProposal:
+		res := s.app.PrepareProposal(*r.PrepareProposal)
+		responses <- types.ToResponsePrepareProposal(res)
+	case *types.Request_ProcessProposal:
+		res := s.app.ProcessProposal(*r.ProcessProposal)
+		responses <- types.ToResponseProcessProposal(res)
+	case *types.Request_LoadSnapshotChunk:
+		res := s.app.LoadSnapshotChunk(*r.LoadSnapshotChunk)
+		responses <- types.ToResponseLoadSnapshotChunk(res)
+	case *types.Request_ApplySnapshotChunk:
+		res := s.app.ApplySnapshotChunk(*r.ApplySnapshotChunk)
+		responses <- types.ToResponseApplySnapshotChunk(res)
 	default:
 		responses <- types.ToResponseException("Unknown request")
 	}
@@ -223,13 +252,13 @@ func (s *SocketServer) handleResponses(closeConn chan error, conn io.Writer, res
 		var res = <-responses
 		err := types.WriteMessage(res, bufWriter)
 		if err != nil {
-			closeConn <- fmt.Errorf("error writing message: %v", err.Error())
+			closeConn <- fmt.Errorf("error writing message: %w", err)
 			return
 		}
 		if _, ok := res.Value.(*types.Response_Flush); ok {
 			err = bufWriter.Flush()
 			if err != nil {
-				closeConn <- fmt.Errorf("error flushing write buffer: %v", err.Error())
+				closeConn <- fmt.Errorf("error flushing write buffer: %w", err)
 				return
 			}
 		}
--- a/abci/tests/client_server_test.go
+++ b/abci/tests/client_server_test.go
@@ -19,9 +19,12 @@ func TestClientServerNoAddrPrefix(t *testing.T) {
 	assert.NoError(t, err, "expected no error on NewServer")
 	err = server.Start()
 	assert.NoError(t, err, "expected no error on server.Start")
+	defer func() { _ = server.Stop() }()

 	client, err := abciclient.NewClient(addr, transport, true)
 	assert.NoError(t, err, "expected no error on NewClient")
 	err = client.Start()
 	assert.NoError(t, err, "expected no error on client.Start")
+
+	_ = client.Stop()
 }
--- a/abci/tests/server/client.go
+++ b/abci/tests/server/client.go
@@ -16,7 +16,7 @@ func InitChain(client abcicli.Client) error {
 	for i := 0; i < total; i++ {
 		pubkey := tmrand.Bytes(33)
 		power := tmrand.Int()
-		vals[i] = types.Ed25519ValidatorUpdate(pubkey, int64(power))
+		vals[i] = types.UpdateValidator(pubkey, int64(power), "")
 	}
 	_, err := client.InitChainSync(types.RequestInitChain{
 		Validators: vals,
@@ -29,17 +29,6 @@ func InitChain(client abcicli.Client) error {
 	return nil
 }

-func SetOption(client abcicli.Client, key, value string) error {
-	_, err := client.SetOptionSync(types.RequestSetOption{Key: key, Value: value})
-	if err != nil {
-		fmt.Println("Failed test: SetOption")
-		fmt.Printf("error while setting %v=%v: \nerror: %v\n", key, value, err)
-		return err
-	}
-	fmt.Println("Passed test: SetOption")
-	return nil
-}
-
 func Commit(client abcicli.Client, hashExp []byte) error {
 	res, err := client.CommitSync()
 	data := res.Data
@@ -76,6 +65,32 @@ func DeliverTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []
 	return nil
 }

+func PrepareProposal(client abcicli.Client, txBytes [][]byte, txExpected [][]byte, dataExp []byte) error {
+	res, _ := client.PrepareProposalSync(types.RequestPrepareProposal{Txs: txBytes})
+	for i, tx := range res.Txs {
+		if !bytes.Equal(tx, txExpected[i]) {
+			fmt.Println("Failed test: PrepareProposal")
+			fmt.Printf("PrepareProposal transaction was unexpected. Got %x expected %x.",
+				tx, txExpected[i])
+			return errors.New("PrepareProposal error")
+		}
+	}
+	fmt.Println("Passed test: PrepareProposal")
+	return nil
+}
+
+func ProcessProposal(client abcicli.Client, txBytes [][]byte, statusExp types.ResponseProcessProposal_ProposalStatus) error {
+	res, _ := client.ProcessProposalSync(types.RequestProcessProposal{Txs: txBytes})
+	if res.Status != statusExp {
+		fmt.Println("Failed test: ProcessProposal")
+		fmt.Printf("ProcessProposal response status was unexpected. Got %v expected %v.",
+			res.Status, statusExp)
+		return errors.New("ProcessProposal error")
+	}
+	fmt.Println("Passed test: ProcessProposal")
+	return nil
+}
+
 func CheckTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []byte) error {
 	res, _ := client.CheckTxSync(types.RequestCheckTx{Tx: txBytes})
 	code, data, log := res.Code, res.Data, res.Log
--- a/abci/tests/test_app/app.go
+++ b/abci/tests/test_app/app.go
@@ -1,78 +0,0 @@
-package main
-
-import (
-	"bytes"
-	"fmt"
-	"os"
-
-	abcicli "github.com/tendermint/tendermint/abci/client"
-	"github.com/tendermint/tendermint/abci/types"
-	"github.com/tendermint/tendermint/libs/log"
-)
-
-func startClient(abciType string) abcicli.Client {
-	// Start client
-	client, err := abcicli.NewClient("tcp://127.0.0.1:26658", abciType, true)
-	if err != nil {
-		panic(err.Error())
-	}
-	logger := log.NewTMLogger(log.NewSyncWriter(os.Stdout))
-	client.SetLogger(logger.With("module", "abcicli"))
-	if err := client.Start(); err != nil {
-		panicf("connecting to abci_app: %v", err.Error())
-	}
-
-	return client
-}
-
-func setOption(client abcicli.Client, key, value string) {
-	_, err := client.SetOptionSync(types.RequestSetOption{Key: key, Value: value})
-	if err != nil {
-		panicf("setting %v=%v: \nerr: %v", key, value, err)
-	}
-}
-
-func commit(client abcicli.Client, hashExp []byte) {
-	res, err := client.CommitSync()
-	if err != nil {
-		panicf("client error: %v", err)
-	}
-	if !bytes.Equal(res.Data, hashExp) {
-		panicf("Commit hash was unexpected. Got %X expected %X", res.Data, hashExp)
-	}
-}
-
-func deliverTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []byte) {
-	res, err := client.DeliverTxSync(types.RequestDeliverTx{Tx: txBytes})
-	if err != nil {
-		panicf("client error: %v", err)
-	}
-	if res.Code != codeExp {
-		panicf("DeliverTx response code was unexpected. Got %v expected %v. Log: %v", res.Code, codeExp, res.Log)
-	}
-	if !bytes.Equal(res.Data, dataExp) {
-		panicf("DeliverTx response data was unexpected. Got %X expected %X", res.Data, dataExp)
-	}
-}
-
-/*func checkTx(client abcicli.Client, txBytes []byte, codeExp uint32, dataExp []byte) {
-	res, err := client.CheckTxSync(txBytes)
-	if err != nil {
-		panicf("client error: %v", err)
-	}
-	if res.IsErr() {
-		panicf("checking tx %X: %v\nlog: %v", txBytes, res.Log)
-	}
-	if res.Code != codeExp {
-		panicf("CheckTx response code was unexpected. Got %v expected %v. Log: %v",
-			res.Code, codeExp, res.Log)
-	}
-	if !bytes.Equal(res.Data, dataExp) {
-		panicf("CheckTx response data was unexpected. Got %X expected %X",
-			res.Data, dataExp)
-	}
-}*/
-
-func panicf(format string, a ...interface{}) {
-	panic(fmt.Sprintf(format, a...))
-}
--- a/abci/tests/test_app/main.go
+++ b/abci/tests/test_app/main.go
@@ -1,85 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"log"
-	"os"
-	"os/exec"
-	"time"
-
-	"github.com/tendermint/tendermint/abci/example/code"
-	"github.com/tendermint/tendermint/abci/types"
-)
-
-var abciType string
-
-func init() {
-	abciType = os.Getenv("ABCI")
-	if abciType == "" {
-		abciType = "socket"
-	}
-}
-
-func main() {
-	testCounter()
-}
-
-const (
-	maxABCIConnectTries = 10
-)
-
-func ensureABCIIsUp(typ string, n int) error {
-	var err error
-	cmdString := "abci-cli echo hello"
-	if typ == "grpc" {
-		cmdString = "abci-cli --abci grpc echo hello"
-	}
-
-	for i := 0; i < n; i++ {
-		cmd := exec.Command("bash", "-c", cmdString)
-		_, err = cmd.CombinedOutput()
-		if err == nil {
-			break
-		}
-		<-time.After(500 * time.Millisecond)
-	}
-	return err
-}
-
-func testCounter() {
-	abciApp := os.Getenv("ABCI_APP")
-	if abciApp == "" {
-		panic("No ABCI_APP specified")
-	}
-
-	fmt.Printf("Running %s test with abci=%s\n", abciApp, abciType)
-	subCommand := fmt.Sprintf("abci-cli %s", abciApp)
-	cmd := exec.Command("bash", "-c", subCommand)
-	cmd.Stdout = os.Stdout
-	if err := cmd.Start(); err != nil {
-		log.Fatalf("starting %q err: %v", abciApp, err)
-	}
-	defer cmd.Wait()
-	defer cmd.Process.Kill()
-
-	if err := ensureABCIIsUp(abciType, maxABCIConnectTries); err != nil {
-		log.Fatalf("echo failed: %v", err)
-	}
-
-	client := startClient(abciType)
-	defer client.Stop()
-
-	setOption(client, "serial", "on")
-	commit(client, nil)
-	deliverTx(client, []byte("abc"), code.CodeTypeBadNonce, nil)
-	commit(client, nil)
-	deliverTx(client, []byte{0x00}, types.CodeTypeOK, nil)
-	commit(client, []byte{0, 0, 0, 0, 0, 0, 0, 1})
-	deliverTx(client, []byte{0x00}, code.CodeTypeBadNonce, nil)
-	deliverTx(client, []byte{0x01}, types.CodeTypeOK, nil)
-	deliverTx(client, []byte{0x00, 0x02}, types.CodeTypeOK, nil)
-	deliverTx(client, []byte{0x00, 0x03}, types.CodeTypeOK, nil)
-	deliverTx(client, []byte{0x00, 0x00, 0x04}, types.CodeTypeOK, nil)
-	deliverTx(client, []byte{0x00, 0x00, 0x06}, code.CodeTypeBadNonce, nil)
-	commit(client, []byte{0, 0, 0, 0, 0, 0, 0, 5})
-}
--- a/abci/tests/test_app/test.sh
+++ b/abci/tests/test_app/test.sh
@@ -1,28 +0,0 @@
-#! /bin/bash
-set -e
-
-# These tests spawn the counter app and server by execing the ABCI_APP command and run some simple client tests against it
-
-# Get the directory of where this script is.
-export PATH="$GOBIN:$PATH"
-SOURCE="${BASH_SOURCE[0]}"
-while [ -h "$SOURCE" ] ; do SOURCE="$(readlink "$SOURCE")"; done
-DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
-
-# Change into that dir because we expect that.
-cd "$DIR"
-
-echo "RUN COUNTER OVER SOCKET"
-# test golang counter
-ABCI_APP="counter" go run -mod=readonly ./*.go
-echo "----------------------"
-
-
-echo "RUN COUNTER OVER GRPC"
-# test golang counter via grpc
-ABCI_APP="counter --abci=grpc" ABCI="grpc" go run -mod=readonly ./*.go
-echo "----------------------"
-
-# test nodejs counter
-# TODO: fix node app
-#ABCI_APP="node $GOPATH/src/github.com/tendermint/js-abci/example/app.js" go test -test.run TestCounter
--- a/abci/tests/test_cli/ex1.abci
+++ b/abci/tests/test_cli/ex1.abci
@@ -1,5 +1,7 @@
 echo hello
 info
+prepare_proposal "abc"
+process_proposal "abc"
 commit
 deliver_tx "abc"
 info
@@ -8,3 +10,9 @@ query "abc"
 deliver_tx "def=xyz"
 commit
 query "def"
+prepare_proposal "preparedef"
+process_proposal "replacedef"
+process_proposal "preparedef"
+prepare_proposal
+process_proposal
+commit
--- a/abci/tests/test_cli/ex1.abci.out
+++ b/abci/tests/test_cli/ex1.abci.out
@@ -8,6 +8,14 @@
 -> data: {"size":0}
 -> data.hex: 0x7B2273697A65223A307D

+> prepare_proposal "abc"
+-> code: OK
+-> log: Succeeded. Tx: abc
+
+> process_proposal "abc"
+-> code: OK
+-> status: ACCEPT
+
 > commit 
 -> code: OK
 -> data.hex: 0x0000000000000000
@@ -49,3 +57,25 @@
 -> value: xyz
 -> value.hex: 78797A

+> prepare_proposal "preparedef"
+-> code: OK
+-> log: Succeeded. Tx: replacedef
+
+> process_proposal "replacedef"
+-> code: OK
+-> status: ACCEPT
+
+> process_proposal "preparedef"
+-> code: OK
+-> status: REJECT
+
+> prepare_proposal 
+
+> process_proposal 
+-> code: OK
+-> status: ACCEPT
+
+> commit 
+-> code: OK
+-> data.hex: 0x0400000000000000
+
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`This example has been moved here: https://github.com/tendermint/js-abci/tree/master/example`