op-node: update to latest libp2p, update deps, Go 1.19 linting [bedrock] (#3194)

* op-node: go 1.19 linting, update libp2p deps * specs/meta: update go linting instructions

op-node: update to latest libp2p, update deps, Go 1.19 linting [bedrock] (#3194)
* op-node: go 1.19 linting, update libp2p deps * specs/meta: update go linting instructions
320155da · Diederik Loerakker · GitHub · 91ac5d26 · 320155da · 320155da
Commit 320155da authored Aug 10, 2022 by Diederik Loerakker Committed by GitHub Aug 10, 2022
14 changed files
--- a/go.work.sum
+++ b/go.work.sum
@@ -18,6 +18,7 @@ cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLq
 github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I=
 github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/btcsuite/btcd/btcec/v2 v2.1.3/go.mod h1:ctjw4H1kknNJmRN4iP1R7bTQ+v3GJkZBd6mui8ZsAZE=
+github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
 github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d h1:t5Wuyh53qYyg9eqn4BbnlIT+vmhyww0TatL+zT3uWgI=
 github.com/docker/docker v1.6.2/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
@@ -25,6 +26,7 @@ github.com/dop251/goja v0.0.0-20220405120441-9037c2b61cbf/go.mod h1:R9ET47fwRVRP
 github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
 github.com/fjl/gencodec v0.0.0-20220412091415-8bb9e558978c/go.mod h1:AzA8Lj6YtixmJWL+wkKoBGsLWy9gFrAzi4g+5bCKwpY=
+github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
 github.com/garslo/gogen v0.0.0-20170306192744-1d203ffc1f61/go.mod h1:Q0X6pkwTILDlzrGEckF6HKjXe48EgsY/l7K7vhY4MW8=
 github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
 github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
@@ -41,17 +43,34 @@ github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0
 github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM=
 github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM=
 github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c=
+github.com/ipfs/go-cid v0.1.0/go.mod h1:rH5/Xv83Rfy8Rw6xG+id3DYAMUVmem1MowoKwdXmN2o=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/klauspost/cpuid v0.0.0-20170728055534-ae7887de9fa5 h1:2U0HzY8BJ8hVwDKIzp7y4voR9CX/nvcfymLmg2UiOio=
 github.com/klauspost/cpuid v1.2.1 h1:vJi+O/nMdFt0vqm8NZBI6wzALWdA2X+egi0ogNyrC/w=
+github.com/klauspost/cpuid/v2 v2.0.14/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
+github.com/libp2p/go-libp2p v0.20.0/go.mod h1:g0C5Fu+aXXbCXkusCzLycuBowEih3ElmDqtbo61Em7k=
+github.com/libp2p/go-libp2p-core v0.16.1/go.mod h1:O3i/7y+LqUb0N+qhzXjBjjpchgptWAVMG1Voegk7b4c=
+github.com/libp2p/go-libp2p-core v0.19.0/go.mod h1:AkA+FUKQfYt1FLNef5fOPlo/naAWjKy/RCjkcPjqzYg=
+github.com/libp2p/go-libp2p-resource-manager v0.5.1/go.mod h1:CggtV6EZb+Y0dGh41q5ezO4udcVKyhcEFpydHD8EMe0=
 github.com/libp2p/go-yamux v1.4.1 h1:P1Fe9vF4th5JOxxgQvfbOHkrGqIZniTLf+ddhZp8YTI=
+github.com/libp2p/go-yamux/v3 v3.1.1/go.mod h1:jeLEQgLXqE2YqX1ilAClIfCMDY+0uXQUKmmb/qp0gT4=
+github.com/lucas-clemente/quic-go v0.27.1/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/multiformats/go-multihash v0.1.0/go.mod h1:RJlXsxt6vHGaia+S8We0ErjhojtKzPP2AH4+kYM7k84=
+github.com/multiformats/go-multistream v0.3.1/go.mod h1:ODRoqamLUsETKS9BNcII4gcRsJBU5VAwRIv7O39cEXg=
+github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/supranational/blst v0.3.8-0.20220526154634-513d2456b344/go.mod h1:jZJtfjgudtNl4en1tzwPIV3KjUnQUvG3/j+w+fVonLw=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220630215102-69896b714898/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
@@ -75,10 +94,15 @@ golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220422013727-9388b58f7150/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4=
 golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
 google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
 google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
 google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
@@ -137,6 +161,7 @@ google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX
 google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
 google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
 google.golang.org/genproto v0.0.0-20220519153652-3a47de7e79bd/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
+google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
 google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
 google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
 google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
@@ -148,3 +173,4 @@ google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ5
 google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
 google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
+lukechampine.com/blake3 v1.1.6/go.mod h1:tkKEOtDkNtklkXtLNEOGNq5tcV90tJiA1vAA12R78LA=
--- a/op-node/cmd/p2p/cmd.go
+++ b/op-node/cmd/p2p/cmd.go
@@ -5,7 +5,6 @@ import (
 	"encoding/hex"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"strings"
@@ -52,7 +51,7 @@ func Pub2PeerID(r io.Reader) (string, error) {
 }
 func readHexData(r io.Reader) ([]byte, error) {
-	data, err := ioutil.ReadAll(r)
+	data, err := io.ReadAll(r)
 	if err != nil {
 		return nil, err
 	}

--- a/op-node/go.mod
+++ b/op-node/go.mod
--- a/op-node/go.sum
+++ b/op-node/go.sum
--- a/op-node/p2p/config.go
+++ b/op-node/p2p/config.go
 package p2p
 import (
-	"crypto/ecdsa"
 	"crypto/rand"
 	"encoding/hex"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net"
 	"os"
 	"strings"
 	"time"
+	"github.com/ethereum-optimism/optimism/op-node/flags"
 	"github.com/ethereum-optimism/optimism/op-node/rollup"
-	"github.com/libp2p/go-libp2p-core/peer"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/ethereum/go-ethereum/p2p/discover"
-	"github.com/libp2p/go-libp2p-core/host"
-	"github.com/ethereum-optimism/optimism/op-node/flags"
 	"github.com/ethereum/go-ethereum/p2p/enode"
 	ds "github.com/ipfs/go-datastore"
 	"github.com/ipfs/go-datastore/sync"
@@ -28,14 +22,16 @@ import (
 	core "github.com/libp2p/go-libp2p-core"
 	"github.com/libp2p/go-libp2p-core/connmgr"
 	"github.com/libp2p/go-libp2p-core/crypto"
+	"github.com/libp2p/go-libp2p-core/host"
 	"github.com/libp2p/go-libp2p-core/metrics"
-	mplex "github.com/libp2p/go-libp2p-mplex"
+	"github.com/libp2p/go-libp2p-core/peer"
-	noise "github.com/libp2p/go-libp2p-noise"
-	tls "github.com/libp2p/go-libp2p-tls"
-	yamux "github.com/libp2p/go-libp2p-yamux"
 	lconf "github.com/libp2p/go-libp2p/config"
+	"github.com/libp2p/go-libp2p/p2p/muxer/mplex"
+	"github.com/libp2p/go-libp2p/p2p/muxer/yamux"
 	"github.com/libp2p/go-libp2p/p2p/net/conngater"
 	cmgr "github.com/libp2p/go-libp2p/p2p/net/connmgr"
+	"github.com/libp2p/go-libp2p/p2p/security/noise"
+	tls "github.com/libp2p/go-libp2p/p2p/security/tls"
 	"github.com/multiformats/go-multiaddr"
 	"github.com/urfave/cli"
 )
@@ -53,7 +49,7 @@ type SetupP2P interface {
 // Config sets up a p2p host and discv5 service from configuration.
 // This implements SetupP2P.
 type Config struct {
-	Priv *ecdsa.PrivateKey
+	Priv *crypto.Secp256k1PrivateKey
 	DisableP2P  bool
 	NoDiscovery bool
@@ -380,7 +376,7 @@ func (conf *Config) loadLibp2pOpts(ctx *cli.Context) error {
 	return nil
 }
-func loadNetworkPrivKey(ctx *cli.Context) (*ecdsa.PrivateKey, error) {
+func loadNetworkPrivKey(ctx *cli.Context) (*crypto.Secp256k1PrivateKey, error) {
 	raw := ctx.GlobalString(flags.P2PPrivRaw.Name)
 	if raw != "" {
 		return parsePriv(raw)
@@ -404,10 +400,10 @@ func loadNetworkPrivKey(ctx *cli.Context) (*ecdsa.PrivateKey, error) {
 		if _, err := f.WriteString(hex.EncodeToString(b)); err != nil {
 			return nil, fmt.Errorf("failed to write new p2p priv key: %v", err)
 		}
-		return (*ecdsa.PrivateKey)((p).(*crypto.Secp256k1PrivateKey)), nil
+		return (p).(*crypto.Secp256k1PrivateKey), nil
 	} else {
 		defer f.Close()
-		data, err := ioutil.ReadAll(f)
+		data, err := io.ReadAll(f)
 		if err != nil {
 			return nil, fmt.Errorf("failed to read priv key file: %v", err)
 		}
@@ -415,7 +411,7 @@ func loadNetworkPrivKey(ctx *cli.Context) (*ecdsa.PrivateKey, error) {
 	}
 }
-func parsePriv(data string) (*ecdsa.PrivateKey, error) {
+func parsePriv(data string) (*crypto.Secp256k1PrivateKey, error) {
 	if len(data) > 2 && data[:2] == "0x" {
 		data = data[2:]
 	}
@@ -428,7 +424,7 @@ func parsePriv(data string) (*ecdsa.PrivateKey, error) {
 		// avoid logging the priv key in the error, but hint at likely input length problem
 		return nil, fmt.Errorf("failed to parse priv key from %d bytes", len(b))
 	}
-	return (*ecdsa.PrivateKey)((p).(*crypto.Secp256k1PrivateKey)), nil
+	return (p).(*crypto.Secp256k1PrivateKey), nil
 }
 func (conf *Config) Check() error {

--- a/op-node/p2p/discovery.go
+++ b/op-node/p2p/discovery.go
@@ -11,6 +11,8 @@ import (
 	"net"
 	"time"
+	"github.com/btcsuite/btcd/btcec/v2"
+	decredSecp "github.com/decred/dcrd/dcrec/secp256k1/v4"
 	"github.com/ethereum-optimism/optimism/op-node/rollup"
 	gcrypto "github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/log"
@@ -41,10 +43,10 @@ func (conf *Config) Discovery(log log.Logger, rollupCfg *rollup.Config, tcpPort
 	if conf.NoDiscovery {
 		return nil, nil, nil
 	}
-	priv := *conf.Priv
+	priv := (*decredSecp.PrivateKey)(conf.Priv).ToECDSA()
 	// use the geth curve definition. Same crypto, but geth needs to detect it as *their* definition of the curve.
 	priv.Curve = gcrypto.S256()
-	localNode := enode.NewLocalNode(conf.DiscoveryDB, &priv)
+	localNode := enode.NewLocalNode(conf.DiscoveryDB, priv)
 	if conf.AdvertiseIP != nil {
 		localNode.SetStaticIP(conf.AdvertiseIP)
 	}
@@ -81,7 +83,7 @@ func (conf *Config) Discovery(log log.Logger, rollupCfg *rollup.Config, tcpPort
 	}
 	cfg := discover.Config{
-		PrivateKey:   &priv,
+		PrivateKey:   priv,
 		NetRestrict:  nil,
 		Bootnodes:    conf.Bootnodes,
 		Unhandled:    nil, // Not used in dv5
@@ -101,7 +103,31 @@ func (conf *Config) Discovery(log log.Logger, rollupCfg *rollup.Config, tcpPort
 	return localNode, udpV5, nil
 }
-func enrToAddrInfo(r *enode.Node) (*peer.AddrInfo, error) {
+// Secp256k1 is like the geth Secp256k1 enr entry type, but using the libp2p pubkey representation instead
+type Secp256k1 crypto.Secp256k1PublicKey
+func (v Secp256k1) ENRKey() string { return "secp256k1" }
+// EncodeRLP implements rlp.Encoder.
+func (v Secp256k1) EncodeRLP(w io.Writer) error {
+	return rlp.Encode(w, (*btcec.PublicKey)(&v).SerializeCompressed())
+}
+// DecodeRLP implements rlp.Decoder.
+func (v *Secp256k1) DecodeRLP(s *rlp.Stream) error {
+	buf, err := s.Bytes()
+	if err != nil {
+		return err
+	}
+	pk, err := btcec.ParsePubKey(buf)
+	if err != nil {
+		return err
+	}
+	*v = (Secp256k1)(*pk)
+	return nil
+}
+func enrToAddrInfo(r *enode.Node) (*peer.AddrInfo, *crypto.Secp256k1PublicKey, error) {
 	ip := r.IP()
 	ipScheme := "ip4"
 	if ip4 := ip.To4(); ip4 == nil {
@@ -111,17 +137,21 @@ func enrToAddrInfo(r *enode.Node) (*peer.AddrInfo, error) {
 	}
 	mAddr, err := multiaddr.NewMultiaddr(fmt.Sprintf("/%s/%s/tcp/%d", ipScheme, ip.String(), r.TCP()))
 	if err != nil {
-		return nil, fmt.Errorf("could not construct multi addr: %v", err)
+		return nil, nil, fmt.Errorf("could not construct multi addr: %v", err)
+	}
+	var enrPub Secp256k1
+	if err := r.Load(&enrPub); err != nil {
+		return nil, nil, fmt.Errorf("failed to load pubkey as libp2p pubkey type from ENR")
 	}
-	pub := r.Pubkey()
+	pub := (*crypto.Secp256k1PublicKey)(&enrPub)
-	peerID, err := peer.IDFromPublicKey((*crypto.Secp256k1PublicKey)(pub))
+	peerID, err := peer.IDFromPublicKey(pub)
 	if err != nil {
-		return nil, fmt.Errorf("could not compute peer ID from pubkey for multi-addr: %v", err)
+		return nil, pub, fmt.Errorf("could not compute peer ID from pubkey for multi-addr: %v", err)
 	}
 	return &peer.AddrInfo{
 		ID:    peerID,
 		Addrs: []multiaddr.Multiaddr{mAddr},
-	}, nil
+	}, pub, nil
 }
 // The discovery ENRs are just key-value lists, and we filter them by records tagged with the "optimism" key,
@@ -308,14 +338,14 @@ func (n *NodeP2P) DiscoveryProcess(ctx context.Context, log log.Logger, cfg *rol
 			if err := found.Load(&dat); err != nil { // we already filtered on chain ID and version
 				continue
 			}
-			info, err := enrToAddrInfo(found)
+			info, pub, err := enrToAddrInfo(found)
 			if err != nil {
 				continue
 			}
 			// We add the addresses to the peerstore, and update the address TTL.
 			//After that we stop using the address, assuming it may not be valid anymore (until we rediscover the node)
 			pstore.AddAddrs(info.ID, info.Addrs, discoveredAddrTTL)
-			_ = pstore.AddPubKey(info.ID, (*crypto.Secp256k1PublicKey)(found.Pubkey()))
+			_ = pstore.AddPubKey(info.ID, pub)
 			// Tag the peer, we'd rather have the connection manager prune away old peers,
 			// or peers on different chains, or anyone we have not seen via discovery.
 			// There is no tag score decay yet, so just set it to 42.

--- a/op-node/p2p/host.go
+++ b/op-node/p2p/host.go
@@ -9,13 +9,12 @@ import (
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/libp2p/go-libp2p-core/connmgr"
-	"github.com/libp2p/go-libp2p-core/crypto"
 	"github.com/libp2p/go-libp2p-core/host"
 	"github.com/libp2p/go-libp2p-core/peer"
 	"github.com/libp2p/go-libp2p-peerstore/pstoreds"
 	lconf "github.com/libp2p/go-libp2p/config"
 	basichost "github.com/libp2p/go-libp2p/p2p/host/basic"
-	tcp "github.com/libp2p/go-tcp-transport"
+	"github.com/libp2p/go-libp2p/p2p/transport/tcp"
 	ma "github.com/multiformats/go-multiaddr"
 	madns "github.com/multiformats/go-multiaddr-dns"
 )
@@ -46,9 +45,7 @@ func (conf *Config) Host(log log.Logger) (host.Host, error) {
 	if conf.DisableP2P {
 		return nil, nil
 	}
-	// we cast the ecdsa key type to the libp2p wrapper, to then use the libp2p pubkey and ID interfaces.
+	pub := conf.Priv.GetPublic()
-	var priv crypto.PrivKey = (*crypto.Secp256k1PrivateKey)(conf.Priv)
-	pub := priv.GetPublic()
 	pid, err := peer.IDFromPublicKey(pub)
 	if err != nil {
 		return nil, fmt.Errorf("failed to derive pubkey from network priv key: %v", err)
@@ -59,7 +56,7 @@ func (conf *Config) Host(log log.Logger) (host.Host, error) {
 		return nil, fmt.Errorf("failed to open peerstore: %v", err)
 	}
-	if err := ps.AddPrivKey(pid, priv); err != nil {
+	if err := ps.AddPrivKey(pid, conf.Priv); err != nil {
 		return nil, fmt.Errorf("failed to set up peerstore with priv key: %v", err)
 	}
 	if err := ps.AddPubKey(pid, pub); err != nil {
@@ -97,7 +94,7 @@ func (conf *Config) Host(log log.Logger) (host.Host, error) {
 		// Explicitly set the user-agent, so we can differentiate from other Go libp2p users.
 		UserAgent: conf.UserAgent,
-		PeerKey:            priv,
+		PeerKey:            conf.Priv,
 		Transports:         []lconf.TptC{tcpTransport},
 		Muxers:             conf.HostMux,
 		SecurityTransports: conf.HostSecurity,
@@ -132,9 +129,6 @@ func (conf *Config) Host(log log.Logger) (host.Host, error) {
 			ThrottlePeerLimit:   5,
 			ThrottleInterval:    time.Second * 60,
 		},
-		// no static-relays, a "sentry" type infra with static peers and redundancy seems better
-		StaticRelayOpt: nil,
 		// TODO: hole punching is new, need to review differences with NAT manager options
 		EnableHolePunching:  false,
 		HolePunchingOptions: nil,

--- a/op-node/p2p/host_test.go
+++ b/op-node/p2p/host_test.go
@@ -2,7 +2,6 @@ package p2p
 import (
 	"context"
-	"crypto/ecdsa"
 	"crypto/rand"
 	"math/big"
 	"net"
@@ -24,10 +23,10 @@ import (
 	"github.com/libp2p/go-libp2p-core/crypto"
 	"github.com/libp2p/go-libp2p-core/network"
 	"github.com/libp2p/go-libp2p-core/peer"
-	tswarm "github.com/libp2p/go-libp2p-swarm/testing"
-	yamux "github.com/libp2p/go-libp2p-yamux"
 	lconf "github.com/libp2p/go-libp2p/config"
+	"github.com/libp2p/go-libp2p/p2p/muxer/yamux"
 	mocknet "github.com/libp2p/go-libp2p/p2p/net/mock"
+	tswarm "github.com/libp2p/go-libp2p/p2p/net/swarm/testing"
 	"github.com/stretchr/testify/require"
 )
@@ -39,7 +38,7 @@ func TestingConfig(t *testing.T) *Config {
 	mux := lconf.MsMuxC{MuxC: mtpt, ID: "/yamux/1.0.0"}
 	return &Config{
-		Priv:                (*ecdsa.PrivateKey)((p).(*crypto.Secp256k1PrivateKey)),
+		Priv:                (p).(*crypto.Secp256k1PrivateKey),
 		DisableP2P:          false,
 		NoDiscovery:         true, // we statically peer during most tests.
 		ListenIP:            net.IP{127, 0, 0, 1},
@@ -106,7 +105,7 @@ func TestP2PFull(t *testing.T) {
 	require.NoError(t, err)
 	confA := Config{
-		Priv:                (*ecdsa.PrivateKey)((pA).(*crypto.Secp256k1PrivateKey)),
+		Priv:                (pA).(*crypto.Secp256k1PrivateKey),
 		DisableP2P:          false,
 		NoDiscovery:         true,
 		ListenIP:            net.IP{127, 0, 0, 1},
@@ -129,7 +128,7 @@ func TestP2PFull(t *testing.T) {
 	}
 	// copy config A, and change the settings for B
 	confB := confA
-	confB.Priv = (*ecdsa.PrivateKey)((pB).(*crypto.Secp256k1PrivateKey))
+	confB.Priv = (pB).(*crypto.Secp256k1PrivateKey)
 	confB.Store = sync.MutexWrap(ds.NewMapDatastore())
 	// TODO: maybe swap the order of sec/mux preferences, to test that negotiation works
@@ -258,7 +257,7 @@ func TestDiscovery(t *testing.T) {
 	rollupCfg := &rollup.Config{L2ChainID: big.NewInt(901)}
 	confA := Config{
-		Priv:                (*ecdsa.PrivateKey)((pA).(*crypto.Secp256k1PrivateKey)),
+		Priv:                (pA).(*crypto.Secp256k1PrivateKey),
 		DisableP2P:          false,
 		NoDiscovery:         false,
 		AdvertiseIP:         net.IP{127, 0, 0, 1},
@@ -284,7 +283,7 @@ func TestDiscovery(t *testing.T) {
 	}
 	// copy config A, and change the settings for B
 	confB := confA
-	confB.Priv = (*ecdsa.PrivateKey)((pB).(*crypto.Secp256k1PrivateKey))
+	confB.Priv = (pB).(*crypto.Secp256k1PrivateKey)
 	confB.Store = sync.MutexWrap(ds.NewMapDatastore())
 	confB.DiscoveryDB = discDBB
@@ -301,7 +300,7 @@ func TestDiscovery(t *testing.T) {
 	confB.Bootnodes = []*enode.Node{nodeA.Dv5Udp().Self()}
 	// Copy B config to C, and ensure they have a different priv / peerstore
 	confC := confB
-	confC.Priv = (*ecdsa.PrivateKey)((pC).(*crypto.Secp256k1PrivateKey))
+	confC.Priv = (pC).(*crypto.Secp256k1PrivateKey)
 	confC.Store = sync.MutexWrap(ds.NewMapDatastore())
 	confB.DiscoveryDB = discDBC

--- a/op-node/p2p/rpc_server.go
+++ b/op-node/p2p/rpc_server.go
@@ -2,7 +2,6 @@ package p2p
 import (
 	"context"
-	"crypto/ecdsa"
 	"errors"
 	"fmt"
 	"net"
@@ -10,6 +9,7 @@ import (
 	"github.com/ethereum-optimism/optimism/op-node/metrics"
+	decredSecp "github.com/decred/dcrd/dcrec/secp256k1/v4"
 	gcrypto "github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/ethereum/go-ethereum/p2p/discover"
@@ -100,7 +100,7 @@ func dumpPeer(id peer.ID, nw network.Network, pstore peerstore.Peerstore, connMg
 			if !ok {
 				return nil, fmt.Errorf("unexpected pubkey type: %T", pub)
 			}
-			info.NodeID = enode.PubkeyToIDV4((*ecdsa.PublicKey)(typedPub))
+			info.NodeID = enode.PubkeyToIDV4((*decredSecp.PublicKey)(typedPub).ToECDSA())
 		}
 	}
 	if dat, err := pstore.Get(id, "ProtocolVersion"); err != nil {

--- a/op-node/rollup/derive/channel_in_reader.go
+++ b/op-node/rollup/derive/channel_in_reader.go
@@ -57,9 +57,9 @@ func (cr *ChannelInReader) WriteChannel(data []byte) {
 }
 // ReadBatch returns a decoded rollup batch, or an error:
-// - io.EOF, if the ChannelInReader source needs more data, to be provided with WriteChannel()/
+//   - io.EOF, if the ChannelInReader source needs more data, to be provided with WriteChannel()/
-// - any other error (e.g. invalid compression or batch data):
+//   - any other error (e.g. invalid compression or batch data):
-//   the caller should ChannelInReader.NextChannel() before continuing reading the next batch.
+//     the caller should ChannelInReader.NextChannel() before continuing reading the next batch.
 func (cr *ChannelInReader) ReadBatch(dest *BatchData) error {
 	// The channel reader may not be initialized yet,
 	// and initializing involves reading (zlib header data), so we do that now.

--- a/op-node/rollup/derive/deposit_log.go
+++ b/op-node/rollup/derive/deposit_log.go
@@ -20,12 +20,13 @@ var (
 // UnmarshalDepositLogEvent decodes an EVM log entry emitted by the deposit contract into typed deposit data.
 //
 // parse log data for:
-//     event TransactionDeposited(
+//
-//         address indexed from,
+//	event TransactionDeposited(
-//         address indexed to,
+//	    address indexed from,
-//         uint256 indexed version,
+//	    address indexed to,
-//         bytes opaqueData
+//	    uint256 indexed version,
-//     );
+//	    bytes opaqueData
+//	);
 //
 // Additionally, the event log-index and
 func UnmarshalDepositLogEvent(ev *types.Log) (*types.DepositTx, error) {

--- a/op-node/rollup/sync/start.go
+++ b/op-node/rollup/sync/start.go
@@ -11,10 +11,10 @@
 // associated with the epoch that the L2 block belongs to) and to its parent L2 block. The L2 chain
 // node must satisfy the following validity rules:
 //
-//     1. l2block.number == l2block.l2parent.block.number + 1
+//  1. l2block.number == l2block.l2parent.block.number + 1
-//     2. l2block.l1Origin.number >= l2block.l2parent.l1Origin.number
+//  2. l2block.l1Origin.number >= l2block.l2parent.l1Origin.number
-//     3. l2block.l1Origin is in the canonical chain on L1
+//  3. l2block.l1Origin is in the canonical chain on L1
-//     4. l1_rollup_genesis is an ancestor of l2block.l1Origin
+//  4. l1_rollup_genesis is an ancestor of l2block.l1Origin
 //
 // During normal operation, both the L1 and L2 canonical chains can change, due to a re-organisation
 // or due to an extension (new L1 or L2 block).
@@ -22,14 +22,15 @@
 // When one of these changes occurs, the rollup node needs to determine what the new L2 head blocks
 // should be. We track two L2 head blocks:
 //
-//     - The *unsafe L2 block*: This is the highest L2 block whose L1 origin is a plausible (1)
+//   - The *unsafe L2 block*: This is the highest L2 block whose L1 origin is a plausible (1)
-//       extension of the canonical L1 chain (as known to the op-node).
+//     extension of the canonical L1 chain (as known to the op-node).
-//     - The *safe L2 block*: This is the highest L2 block whose epoch's sequencing window is
+//   - The *safe L2 block*: This is the highest L2 block whose epoch's sequencing window is
-//       complete within the canonical L1 chain (as known to the op-node).
+//     complete within the canonical L1 chain (as known to the op-node).
 //
 // (1) Plausible meaning that the blockhash of the L2 block's L1 origin (as reported in the L1
-//     Attributes deposit within the L2 block) is not canonical at another height in the L1 chain,
+//
-//     and the same holds for all its ancestors.
+//	Attributes deposit within the L2 block) is not canonical at another height in the L1 chain,
+//	and the same holds for all its ancestors.
 //
 // In particular, in the case of L1 extension, the L2 unsafe head will generally remain the same,
 // but in the case of an L1 re-org, we need to search for the new safe and unsafe L2 block.
@@ -61,9 +62,9 @@ var TooDeepReorgErr = errors.New("reorg is too deep")
 const MaxReorgDepth = 500
 // isCanonical returns the following values:
-// - `aheadOrCanonical: true if the supplied block is ahead of the known head of the L1 chain,
+//   - `aheadOrCanonical: true if the supplied block is ahead of the known head of the L1 chain,
-//    or canonical in the L1 chain.
+//     or canonical in the L1 chain.
-// - `canonical`: true if the block is canonical in the L1 chain.
+//   - `canonical`: true if the block is canonical in the L1 chain.
 func isAheadOrCanonical(ctx context.Context, l1 L1Chain, block eth.BlockID) (aheadOrCanonical bool, canonical bool, err error) {
 	if l1Head, err := l1.L1HeadBlockRef(ctx); err != nil {
 		return false, false, err
@@ -80,14 +81,15 @@ func isAheadOrCanonical(ctx context.Context, l1 L1Chain, block eth.BlockID) (ahe
 // FindL2Heads walks back from `start` (the previous unsafe L2 block) and finds the unsafe and safe
 // L2 blocks.
 //
-//     - The *unsafe L2 block*: This is the highest L2 block whose L1 origin is a plausible (1)
+//   - The *unsafe L2 block*: This is the highest L2 block whose L1 origin is a plausible (1)
-//       extension of the canonical L1 chain (as known to the op-node).
+//     extension of the canonical L1 chain (as known to the op-node).
-//     - The *safe L2 block*: This is the highest L2 block whose epoch's sequencing window is
+//   - The *safe L2 block*: This is the highest L2 block whose epoch's sequencing window is
-//       complete within the canonical L1 chain (as known to the op-node).
+//     complete within the canonical L1 chain (as known to the op-node).
 //
 // (1) Plausible meaning that the blockhash of the L2 block's L1 origin (as reported in the L1
-//     Attributes deposit within the L2 block) is not canonical at another height in the L1 chain,
+//
-//     and the same holds for all its ancestors.
+//	Attributes deposit within the L2 block) is not canonical at another height in the L1 chain,
+//	and the same holds for all its ancestors.
 func FindL2Heads(ctx context.Context, start eth.L2BlockRef, seqWindowSize uint64,
 	l1 L1Chain, l2 L2Chain, genesis *rollup.Genesis) (unsafe eth.L2BlockRef, safe eth.L2BlockRef, err error) {

--- a/op-node/withdrawals/utils.go
+++ b/op-node/withdrawals/utils.go
@@ -237,9 +237,9 @@ var (
 // WithdrawalHash computes the hash of the withdrawal that was stored in the L2 withdrawal contract state.
 // TODO:
-// 	- I don't like having to use the ABI Generated struct
+//   - I don't like having to use the ABI Generated struct
-// 	- There should be a better way to run the ABI encoding
+//   - There should be a better way to run the ABI encoding
-//	- These needs to be fuzzed against the solidity
+//   - These needs to be fuzzed against the solidity
 func WithdrawalHash(ev *bindings.L2ToL1MessagePasserWithdrawalInitiated) (common.Hash, error) {
 	//  abi.encode(nonce, msg.sender, _target, msg.value, _gasLimit, _data)
 	args := abi.Arguments{

--- a/specs/meta/linting.md
+++ b/specs/meta/linting.md
@@ -62,9 +62,7 @@ Justification for linting rules:
 ```shell
 # Install linter globally (should not affect go.mod)
-go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.45.2
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.48.0
-# Disabling goanalysis_metalinter
-# See https://github.com/golangci/golangci-lint/issues/2788
 # run linter, add --fix option to fix problems (where supported)
-golangci-lint run -E asciicheck,goimports,misspell -D goanalysis_metalinter
+golangci-lint run -E asciicheck,goimports,misspell
 ```