diff --git a/Makefile b/Makefile
index 0f414e1c2..f775704a9 100644
--- a/Makefile
+++ b/Makefile
@@ -2,10 +2,12 @@
 
 GOTOOLS = \
 	github.com/Masterminds/glide \
-	github.com/jteeuwen/go-bindata/go-bindata
+	github.com/jteeuwen/go-bindata/go-bindata \
+	github.com/alecthomas/gometalinter
+
 REPO:=github.com/tendermint/go-crypto
 
-all: get_vendor_deps test
+all: get_vendor_deps metalinter_test test
 
 test:
 	go test `glide novendor`
@@ -31,3 +33,37 @@ codegen:
 	@echo "--> regenerating all interface wrappers"
 	@gen
 	@echo "Done!"
+
+metalinter: ensure_tools
+	@gometalinter --install
+	gometalinter --vendor --deadline=600s --enable-all --disable=lll ./...
+
+metalinter_test: ensure_tools
+	@gometalinter --install
+	gometalinter --vendor --deadline=600s --disable-all  \
+		--enable=deadcode \
+		--enable=gas \
+		--enable=goconst \
+		--enable=gocyclo \
+		--enable=gosimple \
+	 	--enable=ineffassign \
+	   	--enable=interfacer \
+		--enable=maligned \
+		--enable=megacheck \
+	 	--enable=misspell \
+		--enable=safesql \
+		--enable=staticcheck \
+		--enable=structcheck \
+	   	--enable=unconvert \
+		--enable=unused \
+		--enable=vetshadow \
+		--enable=vet \
+		--enable=varcheck \
+		./...
+
+		#--enable=dupl \
+		#--enable=errcheck \
+		#--enable=goimports \
+		#--enable=golint \ <== comments on anything exported
+		#--enable=gotype \
+		#--enable=unparam \
diff --git a/_gen.go b/_gen.go
deleted file mode 100644
index a98feaf4e..000000000
--- a/_gen.go
+++ /dev/null
@@ -1,6 +0,0 @@
-package main
-
-import (
-	_ "github.com/tendermint/go-wire/gen"
-	_ "github.com/clipperhouse/stringer"
-)
diff --git a/armor.go b/armor.go
index 3d2eff5e7..5f199df43 100644
--- a/armor.go
+++ b/armor.go
@@ -22,7 +22,7 @@ func EncodeArmor(blockType string, headers map[string]string, data []byte) strin
 	if err != nil {
 		PanicSanity("Error encoding ascii armor: " + err.Error())
 	}
-	return string(buf.Bytes())
+	return buf.String()
 }
 
 func DecodeArmor(armorStr string) (blockType string, headers map[string]string, data []byte, err error) {
diff --git a/bcrypt/bcrypt.go b/bcrypt/bcrypt.go
index a6b4a2cf6..6b23b7a9d 100644
--- a/bcrypt/bcrypt.go
+++ b/bcrypt/bcrypt.go
@@ -50,7 +50,7 @@ func (ih InvalidHashPrefixError) Error() string {
 type InvalidCostError int
 
 func (ic InvalidCostError) Error() string {
-	return fmt.Sprintf("crypto/bcrypt: cost %d is outside allowed range (%d,%d)", int(ic), int(MinCost), int(MaxCost))
+	return fmt.Sprintf("crypto/bcrypt: cost %d is outside allowed range (%d,%d)", int(ic), int(MinCost), int(MaxCost)) // nolint: unconvert
 }
 
 const (
diff --git a/embed_test.go b/embed_test.go
index e2d2fe504..e5c37c0c1 100644
--- a/embed_test.go
+++ b/embed_test.go
@@ -73,8 +73,8 @@ func TestEncodeDemo(t *testing.T) {
 		// Try to encode as binary
 		b, err := data.ToWire(tc.in)
 		if assert.Nil(err, "%d: %#v", i, tc.in) {
-			err := data.FromWire(b, tc.out)
-			if assert.Nil(err) {
+			err2 := data.FromWire(b, tc.out)
+			if assert.Nil(err2) {
 				assert.Equal(tc.expected, tc.out.String())
 			}
 		}
@@ -82,8 +82,8 @@ func TestEncodeDemo(t *testing.T) {
 		// Try to encode it as json
 		j, err := data.ToJSON(tc.in)
 		if assert.Nil(err, "%d: %#v", i, tc.in) {
-			err := data.FromJSON(j, tc.out)
-			if assert.Nil(err) {
+			err2 := data.FromJSON(j, tc.out)
+			if assert.Nil(err2) {
 				assert.Equal(tc.expected, tc.out.String())
 			}
 		}
diff --git a/example_test.go b/example_test.go
index c9cd2688d..2c8b94549 100644
--- a/example_test.go
+++ b/example_test.go
@@ -20,14 +20,14 @@ import (
 	"github.com/tendermint/go-crypto"
 )
 
-func Example_Sha256() {
+func ExampleSha256() {
 	sum := crypto.Sha256([]byte("This is Tendermint"))
 	fmt.Printf("%x\n", sum)
 	// Output:
 	// f91afb642f3d1c87c17eb01aae5cb65c242dfdbe7cf1066cc260f4ce5d33b94e
 }
 
-func Example_Ripemd160() {
+func ExampleRipemd160() {
 	sum := crypto.Ripemd160([]byte("This is Tendermint"))
 	fmt.Printf("%x\n", sum)
 	// Output:
diff --git a/hd/address.go b/hd/address.go
index d7553a4d7..5b664b496 100644
--- a/hd/address.go
+++ b/hd/address.go
@@ -11,7 +11,6 @@ import (
 	"errors"
 	"fmt"
 	"hash"
-	"log"
 	"math/big"
 	"strconv"
 	"strings"
@@ -86,8 +85,7 @@ func ComputeTxId(rawTxHex string) string {
 	return HexEncode(ReverseBytes(CalcHash256(HexDecode(rawTxHex))))
 }
 
-// Private methods...
-
+/*
 func printKeyInfo(privKeyBytes []byte, pubKeyBytes []byte, chain []byte) {
 	if pubKeyBytes == nil {
 		pubKeyBytes = PubKeyBytesFromPrivKeyBytes(privKeyBytes, true)
@@ -99,6 +97,7 @@ func printKeyInfo(privKeyBytes []byte, pubKeyBytes []byte, chain []byte) {
 		addr,
 		HexEncode(chain))
 }
+*/
 
 func DerivePrivateKeyForPath(privKeyBytes []byte, chain []byte, path string) []byte {
 	data := privKeyBytes
@@ -144,7 +143,7 @@ func DerivePublicKeyForPath(pubKeyBytes []byte, chain []byte, path string) []byt
 }
 
 func DerivePrivateKey(privKeyBytes []byte, chain []byte, i uint32, prime bool) ([]byte, []byte) {
-	data := []byte{}
+	var data []byte
 	if prime {
 		i = i | 0x80000000
 		data = append([]byte{byte(0)}, privKeyBytes...)
@@ -177,11 +176,11 @@ func addPoints(a []byte, b []byte) []byte {
 		panic(err)
 	}
 	sumX, sumY := btcec.S256().Add(ap.X, ap.Y, bp.X, bp.Y)
-	sum := (*btcec.PublicKey)(&btcec.PublicKey{
+	sum := &btcec.PublicKey{
 		Curve: btcec.S256(),
 		X:     sumX,
 		Y:     sumY,
-	})
+	}
 	return sum.SerializeCompressed()
 }
 
@@ -248,11 +247,11 @@ func WIFFromPrivKeyBytes(privKeyBytes []byte, compress bool) string {
 
 func PubKeyBytesFromPrivKeyBytes(privKeyBytes []byte, compress bool) (pubKeyBytes []byte) {
 	x, y := btcec.S256().ScalarBaseMult(privKeyBytes)
-	pub := (*btcec.PublicKey)(&btcec.PublicKey{
+	pub := &btcec.PublicKey{
 		Curve: btcec.S256(),
 		X:     x,
 		Y:     y,
-	})
+	}
 
 	if compress {
 		return pub.SerializeCompressed()
diff --git a/hd/hd_test.go b/hd/hd_test.go
index b2f7d2e8f..02d80388c 100644
--- a/hd/hd_test.go
+++ b/hd/hd_test.go
@@ -2,9 +2,9 @@ package hd
 
 import (
 	"bytes"
-	"crypto/hmac"
-	"crypto/sha512"
-	"encoding/binary"
+	//"crypto/hmac"
+	//"crypto/sha512"
+	//"encoding/binary"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
@@ -15,10 +15,10 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/tyler-smith/go-bip39"
 
-	"github.com/btcsuite/btcd/chaincfg"
-	"github.com/btcsuite/btcutil/hdkeychain"
-	"github.com/mndrix/btcutil"
-	"github.com/tyler-smith/go-bip32"
+	//"github.com/btcsuite/btcd/chaincfg"
+	//"github.com/btcsuite/btcutil/hdkeychain"
+	//"github.com/mndrix/btcutil"
+	//"github.com/tyler-smith/go-bip32"
 
 	"github.com/tendermint/go-crypto"
 )
@@ -33,7 +33,7 @@ type addrData struct {
 }
 
 // NOTE: atom fundraiser address
-var hdPath string = "m/44'/118'/0'/0/0"
+// var hdPath string = "m/44'/118'/0'/0/0"
 var hdToAddrTable []addrData
 
 func init() {
@@ -109,12 +109,14 @@ func TestReverseBytes(t *testing.T) {
 	}
 }
 
+/*
 func ifExit(err error, n int) {
 	if err != nil {
 		fmt.Println(n, err)
 		os.Exit(1)
 	}
 }
+*/
 
 func gocrypto(seed []byte) ([]byte, []byte, []byte) {
 
@@ -131,6 +133,7 @@ func gocrypto(seed []byte) ([]byte, []byte, []byte) {
 	return HexDecode(priv), privBytes, pubBytes
 }
 
+/*
 func btcsuite(seed []byte) ([]byte, []byte, []byte) {
 	fmt.Println("HD")
 	masterKey, err := hdkeychain.NewMaster(seed, &chaincfg.MainNetParams)
@@ -207,9 +210,9 @@ func tylerSmith(seed []byte) ([]byte, []byte, []byte) {
 	pub := k.PublicKey().Key
 	return masterKey.Key, priv, pub
 }
+*/
 
 // Benchmarks
-
 var revBytesCases = [][]byte{
 	nil,
 	[]byte(""),
@@ -238,5 +241,6 @@ func BenchmarkReverseBytes(b *testing.B) {
 	// sink is necessary to ensure if the compiler tries
 	// to smart, that it won't optimize away the benchmarks.
 	if sink != nil {
+		_ = sink
 	}
 }
diff --git a/keys/cryptostore/holder.go b/keys/cryptostore/holder.go
index 2fc617b4e..cb8a2e149 100644
--- a/keys/cryptostore/holder.go
+++ b/keys/cryptostore/holder.go
@@ -24,15 +24,9 @@ func New(coder Encoder, store keys.Storage, codec keys.Codec) Manager {
 	}
 }
 
-// exists just to make sure we fulfill the Signer interface
-func (s Manager) assertSigner() keys.Signer {
-	return s
-}
-
-// exists just to make sure we fulfill the Manager interface
-func (s Manager) assertKeyManager() keys.Manager {
-	return s
-}
+// assert Manager satisfies keys.Signer and keys.Manager interfaces
+var _ keys.Signer = Manager{}
+var _ keys.Manager = Manager{}
 
 // Create adds a new key to the storage engine, returning error if
 // another key already stored under this name
diff --git a/keys/cryptostore/holder_test.go b/keys/cryptostore/holder_test.go
index 7484b1517..a8fc90989 100644
--- a/keys/cryptostore/holder_test.go
+++ b/keys/cryptostore/holder_test.go
@@ -50,22 +50,22 @@ func TestKeyManagement(t *testing.T) {
 	assert.NotNil(err)
 
 	// list shows them in order
-	keys, err := cstore.List()
+	keyS, err := cstore.List()
 	require.Nil(err)
-	require.Equal(2, len(keys))
+	require.Equal(2, len(keyS))
 	// note these are in alphabetical order
-	assert.Equal(n2, keys[0].Name)
-	assert.Equal(n1, keys[1].Name)
-	assert.Equal(i2.PubKey, keys[0].PubKey)
+	assert.Equal(n2, keyS[0].Name)
+	assert.Equal(n1, keyS[1].Name)
+	assert.Equal(i2.PubKey, keyS[0].PubKey)
 
 	// deleting a key removes it
 	err = cstore.Delete("bad name", "foo")
 	require.NotNil(err)
 	err = cstore.Delete(n1, p1)
 	require.Nil(err)
-	keys, err = cstore.List()
+	keyS, err = cstore.List()
 	require.Nil(err)
-	assert.Equal(1, len(keys))
+	assert.Equal(1, len(keyS))
 	_, err = cstore.Get(n1)
 	assert.NotNil(err)
 
diff --git a/keys/server/helpers.go b/keys/server/helpers.go
index 710e4f392..3fb947316 100644
--- a/keys/server/helpers.go
+++ b/keys/server/helpers.go
@@ -5,6 +5,7 @@ for key management, transaction signing, and query validation.
 Please read the README and godoc to see how to
 configure the server for your application.
 */
+
 package server
 
 import (
@@ -12,8 +13,8 @@ import (
 	"io/ioutil"
 	"net/http"
 
-	data "github.com/tendermint/go-wire/data"
 	"github.com/tendermint/go-crypto/keys/server/types"
+	data "github.com/tendermint/go-wire/data"
 
 	"github.com/pkg/errors"
 )
diff --git a/keys/storage/filestorage/main.go b/keys/storage/filestorage/main.go
index bd29ce41f..2bd4dcc1f 100644
--- a/keys/storage/filestorage/main.go
+++ b/keys/storage/filestorage/main.go
@@ -22,13 +22,14 @@ import (
 const (
 	// BlockType is the type of block.
 	BlockType = "Tendermint Light Client"
+
 	// PrivExt is the extension for private keys.
 	PrivExt = "tlc"
 	// PubExt is the extensions for public keys.
 	PubExt = "pub"
 
 	keyPerm = os.FileMode(0600)
-	pubPerm = os.FileMode(0644)
+	// pubPerm = os.FileMode(0644)
 	dirPerm = os.FileMode(0700)
 )
 
@@ -51,10 +52,8 @@ func New(dir string) FileStore {
 	return FileStore{dir}
 }
 
-// assertStorage just makes sure we implement the proper Storage interface
-func (s FileStore) assertStorage() keys.Storage {
-	return s
-}
+// assert FileStore satisfies keys.Storage
+var _ keys.Storage = FileStore{}
 
 // Put creates two files, one with the public info as json, the other
 // with the (encoded) private key as gpg ascii-armor style
@@ -90,11 +89,10 @@ func (s FileStore) Get(name string) (salt []byte, key []byte, info keys.Info, er
 // Info for all keys located in this directory.
 func (s FileStore) List() (keys.Infos, error) {
 	dir, err := os.Open(s.keyDir)
-	defer dir.Close()
-
 	if err != nil {
 		return nil, errors.Wrap(err, "List Keys")
 	}
+	defer dir.Close()
 
 	names, err := dir.Readdirnames(0)
 	if err != nil {
@@ -142,11 +140,10 @@ func (s FileStore) nameToPaths(name string) (pub, priv string) {
 
 func readInfo(path string) (info keys.Info, err error) {
 	f, err := os.Open(path)
-	defer f.Close()
-
 	if err != nil {
 		return info, errors.Wrap(err, "Reading data")
 	}
+	defer f.Close()
 
 	d, err := ioutil.ReadAll(f)
 	if err != nil {
@@ -171,11 +168,10 @@ func readInfo(path string) (info keys.Info, err error) {
 
 func read(path string) (salt, key []byte, name string, err error) {
 	f, err := os.Open(path)
-	defer f.Close()
-
 	if err != nil {
 		return nil, nil, "", errors.Wrap(err, "Reading data")
 	}
+	defer f.Close()
 
 	d, err := ioutil.ReadAll(f)
 	if err != nil {
@@ -209,11 +205,10 @@ func read(path string) (salt, key []byte, name string, err error) {
 
 func writeInfo(path string, info keys.Info) error {
 	f, err := os.OpenFile(path, os.O_CREATE|os.O_EXCL|os.O_WRONLY, keyPerm)
-	defer f.Close()
-
 	if err != nil {
 		return errors.Wrap(err, "Writing data")
 	}
+	defer f.Close()
 
 	headers := map[string]string{"name": info.Name}
 	text := crypto.EncodeArmor(BlockType, headers, info.PubKey.Bytes())
@@ -224,11 +219,10 @@ func writeInfo(path string, info keys.Info) error {
 
 func write(path, name string, salt, key []byte) error {
 	f, err := os.OpenFile(path, os.O_CREATE|os.O_EXCL|os.O_WRONLY, keyPerm)
-	defer f.Close()
-
 	if err != nil {
 		return errors.Wrap(err, "Writing data")
 	}
+	defer f.Close()
 
 	headers := map[string]string{
 		"name": name,
diff --git a/keys/storage/memstorage/main.go b/keys/storage/memstorage/main.go
index ddc46afc9..516aa40b8 100644
--- a/keys/storage/memstorage/main.go
+++ b/keys/storage/memstorage/main.go
@@ -24,10 +24,8 @@ func New() MemStore {
 	return MemStore{}
 }
 
-// assertStorage just makes sure we implement the Storage interface
-func (s MemStore) assertStorage() keys.Storage {
-	return s
-}
+// assert MemStore satisfies keys.Storage
+var _ keys.Storage = MemStore{}
 
 // Put adds the given key, returns an error if it another key
 // is already stored under this name
diff --git a/keys/wordcodec_test.go b/keys/wordcodec_test.go
index 25c5439a6..a44607be2 100644
--- a/keys/wordcodec_test.go
+++ b/keys/wordcodec_test.go
@@ -119,8 +119,8 @@ func TestCheckInvalidLists(t *testing.T) {
 			w, err := codec.BytesToWords(data)
 			if tc.valid {
 				assert.Nil(err, "%d: %+v", i, err)
-				b, err := codec.WordsToBytes(w)
-				assert.Nil(err, "%d: %+v", i, err)
+				b, err1 := codec.WordsToBytes(w)
+				assert.Nil(err1, "%d: %+v", i, err1)
 				assert.Equal(data, b)
 			} else {
 				assert.NotNil(err, "%d", i)
diff --git a/keys/wordlist/wordlist.go b/keys/wordlist/wordlist.go
index 97ddb2369..58ff41181 100644
--- a/keys/wordlist/wordlist.go
+++ b/keys/wordlist/wordlist.go
@@ -204,9 +204,9 @@ func AssetNames() []string {
 // _bindata is a table, holding each asset generator, mapped to its name.
 var _bindata = map[string]func() (*asset, error){
 	"keys/wordlist/chinese_simplified.txt": keysWordlistChinese_simplifiedTxt,
-	"keys/wordlist/english.txt": keysWordlistEnglishTxt,
-	"keys/wordlist/japanese.txt": keysWordlistJapaneseTxt,
-	"keys/wordlist/spanish.txt": keysWordlistSpanishTxt,
+	"keys/wordlist/english.txt":            keysWordlistEnglishTxt,
+	"keys/wordlist/japanese.txt":           keysWordlistJapaneseTxt,
+	"keys/wordlist/spanish.txt":            keysWordlistSpanishTxt,
 }
 
 // AssetDir returns the file names below a certain
@@ -248,13 +248,14 @@ type bintree struct {
 	Func     func() (*asset, error)
 	Children map[string]*bintree
 }
+
 var _bintree = &bintree{nil, map[string]*bintree{
 	"keys": &bintree{nil, map[string]*bintree{
 		"wordlist": &bintree{nil, map[string]*bintree{
 			"chinese_simplified.txt": &bintree{keysWordlistChinese_simplifiedTxt, map[string]*bintree{}},
-			"english.txt": &bintree{keysWordlistEnglishTxt, map[string]*bintree{}},
-			"japanese.txt": &bintree{keysWordlistJapaneseTxt, map[string]*bintree{}},
-			"spanish.txt": &bintree{keysWordlistSpanishTxt, map[string]*bintree{}},
+			"english.txt":            &bintree{keysWordlistEnglishTxt, map[string]*bintree{}},
+			"japanese.txt":           &bintree{keysWordlistJapaneseTxt, map[string]*bintree{}},
+			"spanish.txt":            &bintree{keysWordlistSpanishTxt, map[string]*bintree{}},
 		}},
 	}},
 }}
@@ -305,4 +306,3 @@ func _filePath(dir, name string) string {
 	cannonicalName := strings.Replace(name, "\\", "/", -1)
 	return filepath.Join(append([]string{dir}, strings.Split(cannonicalName, "/")...)...)
 }
-