## Description

remove pkg/errors since we use the provided fmt.Errorf

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.2.0 to 1.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's releases</a>.</em></p>
<blockquote>
<h2>v1.2.1</h2>
<h3>Bug fixes</h3>
<ul>
<li>Quickfix for <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1437">spf13/cobra#1437</a> after v1.2.0 where parallel use of the <code>cmd.RegisterFlagCompletionFunc()</code> (and subsequent map) now works correctly and flag completions now work again</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="de187e874d"><code>de187e8</code></a> Fix flag completion (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1438">#1438</a>)</li>
<li>See full diff in <a href="https://github.com/spf13/cobra/compare/v1.2.0...v1.2.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/spf13/cobra&package-manager=go_modules&previous-version=1.2.0&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/go-kit/kit](https://github.com/go-kit/kit) from 0.10.0 to 0.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/go-kit/kit/releases">github.com/go-kit/kit's releases</a>.</em></p>
<blockquote>
<h2>v0.11.0</h2>
<p>A new release with several improvements and enhancements. The first one in a long while! Huge thanks to <a href="https://github.com/sagikazarmark"><code>@​sagikazarmark</code></a> for putting in most of the gruntwork to make it happen! You're a superstar.</p>
<p>The biggest thing: package log has been extracted to a separate repository and module, <a href="https://github.com/go-kit/log">go-kit/log</a>. This means that if you or your project was importing go-kit/kit just to get package log, you can significantly reduce your go.mod and dep graph by switching to the new module. Note that we have no current plans to alias the existing go-kit/kit/log to the new go-kit/log module and package, nor to deprecate the current package in favor of the new one. They are two distinct packages with no defined relationship to each other. This may change in the future.</p>
<p>Major changes:</p>
<ul>
<li>The log package was extracted to a <a href="https://github.com/go-kit/log">separate repository</a></li>
<li>Examples were moved to a separate <a href="https://github.com/go-kit/examples">repository</a></li>
<li>Deprecated kitgen was removed</li>
</ul>
<p>Thanks to the 22 contributors who contributed to this release! 🏌️‍♂️</p>
<h1>Bug fixes</h1>
<ul>
<li>metrics/cloudwatch: log CloudWatch response error (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/961">#961</a>) (thanks <a href="https://github.com/Trane9991"><code>@​Trane9991</code></a>)</li>
<li>log: defer mutex unlocks for panic safety in SyncLogger (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/974">#974</a>)</li>
<li>util/conn: close old connection before reconnect (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/982">#982</a>) (thanks <a href="https://github.com/chikaku"><code>@​chikaku</code></a>)</li>
<li>log/term: fix build on GOOS=js GOARCH=wasm (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/993">#993</a>) (thanks <a href="https://github.com/mvdan"><code>@​mvdan</code></a>)</li>
<li>transport/http/jsonrpc: move the ClientAfter calls to before the decode (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1008">#1008</a>) (thanks <a href="https://github.com/directionless"><code>@​directionless</code></a>)</li>
<li>sd/etcdv3: fix etcdv3 client won't return error when no endpoint is available (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1009">#1009</a>) (thanks <a href="https://github.com/wayjam"><code>@​wayjam</code></a>)</li>
<li>metrics/generic: fix uint64 alignment (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1007">#1007</a>) (thanks <a href="https://github.com/ldez"><code>@​ldez</code></a>)</li>
<li>log: fix stdlibadapter when prefixed (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1036">#1036</a>) (thanks <a href="https://github.com/soven"><code>@​soven</code></a>)</li>
<li>log: capture newlines in log stdlib (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1041">#1041</a>) (thanks <a href="https://github.com/SuperQ"><code>@​SuperQ</code></a>)</li>
</ul>
<h1>Enhancements</h1>
<ul>
<li>metrics/cloudwatch: use batch values API for CloudWatch PutMetric data call (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/960">#960</a>) (thanks <a href="https://github.com/Trane9991"><code>@​Trane9991</code></a>)</li>
<li>log: allow to use specific logrus level in the adaptor (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/962">#962</a>) (thanks <a href="https://github.com/Trane9991"><code>@​Trane9991</code></a>)</li>
<li>transport/http: add NewExplicitClient (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/971">#971</a>)</li>
<li>transport/http/jsonrpc: add RequestID in error body when using the DefaultErrorEncoder (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/969">#969</a>) (thanks <a href="https://github.com/esenac"><code>@​esenac</code></a>)</li>
<li>transport/http/jsonrpc: add Version to JSON-RPC client request (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/990">#990</a>) (thanks <a href="https://github.com/shirolimit"><code>@​shirolimit</code></a>)</li>
<li>log: add WithSuffix to append key-value pairs to those passed to Log (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/992">#992</a>) (thanks <a href="https://github.com/vinayvinay"><code>@​vinayvinay</code></a>)</li>
<li>sd/consul: improve inconsistent Consul SD index handling (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/999">#999</a>) (thanks <a href="https://github.com/vinayvinay"><code>@​vinayvinay</code></a>)</li>
<li>all: dependency updates (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1029">#1029</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1095">#1095</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1097">#1097</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1098">#1098</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1106">#1106</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1118">#1118</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1115">#1115</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1119">#1119</a>, <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1124">#1124</a>) (thanks <a href="https://github.com/ChrisHines"><code>@​ChrisHines</code></a>, <a href="https://github.com/Enrico204"><code>@​Enrico204</code></a>, <a href="https://github.com/sagikazarmark"><code>@​sagikazarmark</code></a>)</li>
<li>tracing/opencensus: add support for JSONRPC (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1022">#1022</a>) (thanks <a href="https://github.com/ryan-lang"><code>@​ryan-lang</code></a>)</li>
<li>tracing/opentracing: improve endpoint middleware options (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1072">#1072</a>) (thanks <a href="https://github.com/alebabai"><code>@​alebabai</code></a>)</li>
<li>auth/jwt: fix repetition of the word &quot;token&quot; in JWT (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1070">#1070</a>) (thanks <a href="https://github.com/amidam"><code>@​amidam</code></a>)</li>
<li>sd/zk: replace unmaintained zk library with drop-in replacement (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1120">#1120</a>) (thanks <a href="https://github.com/sagikazarmark"><code>@​sagikazarmark</code></a>)</li>
<li>cmd/kitgen: remove deprecated kitgen (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1121">#1121</a>) (thanks <a href="https://github.com/sagikazarmark"><code>@​sagikazarmark</code></a>)</li>
</ul>
<h1>Documentation, examples, tests</h1>
<ul>
<li>readme: change godoc to pkg.go.dev (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/963">#963</a>) (thanks <a href="https://github.com/relunctance"><code>@​relunctance</code></a>)</li>
<li>readme: add links to generator tools (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/964">#964</a>)</li>
<li>metrics/cloudwatch: fix bad Gauge test (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/975">#975</a>) (thanks <a href="https://github.com/Trane9991"><code>@​Trane9991</code></a>)</li>
<li>readme: update the link and description for go-micro (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/989">#989</a>) (thanks <a href="https://github.com/asim"><code>@​asim</code></a>)</li>
<li>examples: add missing &quot;to&quot; preposition (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1014">#1014</a>)</li>
<li>tracing/opencensus: fix failing tests (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1021">#1021</a>) (thanks <a href="https://github.com/ryan-lang"><code>@​ryan-lang</code></a>)</li>
<li>log: fix doc comment (<a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1028">#1028</a>) (thanks <a href="https://github.com/vrazdalovschi"><code>@​vrazdalovschi</code></a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a6c5d5805b"><code>a6c5d58</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1129">#1129</a> from sagikazarmark/improve-example-references</li>
<li><a href="4c47fd8c8a"><code>4c47fd8</code></a> remove examples from gitignore</li>
<li><a href="908c5cf02c"><code>908c5cf</code></a> docs: fix example links</li>
<li><a href="d19ee33dd5"><code>d19ee33</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1128">#1128</a> from robbert229/patch-1</li>
<li><a href="ccf3d8d333"><code>ccf3d8d</code></a> fix a broken link to the addsvc example</li>
<li><a href="f80eb06d27"><code>f80eb06</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1121">#1121</a> from sagikazarmark/remove-kitgen</li>
<li><a href="32681cc0d6"><code>32681cc</code></a> remove deprecated kitgen</li>
<li><a href="2ca6ab212f"><code>2ca6ab2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1112">#1112</a> from sagikazarmark/opentelemetry</li>
<li><a href="a119c95f09"><code>a119c95</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1122">#1122</a> from sagikazarmark/nats-test-panic</li>
<li><a href="2216160e8e"><code>2216160</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/go-kit/kit/issues/1124">#1124</a> from sagikazarmark/update-dependencies</li>
<li>Additional commits viewable in <a href="https://github.com/go-kit/kit/compare/v0.10.0...v0.11.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-kit/kit&package-manager=go_modules&previous-version=0.10.0&new-version=0.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.3...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.7.0 to 1.8.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="64821dda5a"><code>64821dd</code></a> public method to check cors domain (<a href="https://github-redirect.dependabot.com/rs/cors/issues/115">#115</a>)</li>
<li><a href="f9bce55a4e"><code>f9bce55</code></a> Updating renamed pressly import to go-chi (<a href="https://github-redirect.dependabot.com/rs/cors/issues/112">#112</a>)</li>
<li><a href="8b4a00bd36"><code>8b4a00b</code></a> Fix[RFC_7230] RFC-7230 compliance (<a href="https://github-redirect.dependabot.com/rs/cors/issues/103">#103</a>)</li>
<li><a href="be1c7e127a"><code>be1c7e1</code></a> Update preflight response status to http.StatusNoContent (204) (<a href="https://github-redirect.dependabot.com/rs/cors/issues/101">#101</a>)</li>
<li><a href="d4dacab067"><code>d4dacab</code></a> Add early break on allowedHeaders match found (<a href="https://github-redirect.dependabot.com/rs/cors/issues/95">#95</a>)</li>
<li><a href="6c08711d4f"><code>6c08711</code></a> Update go.mod (<a href="https://github-redirect.dependabot.com/rs/cors/issues/94">#94</a>)</li>
<li><a href="fdcf4f9773"><code>fdcf4f9</code></a> fix typo (<a href="https://github-redirect.dependabot.com/rs/cors/issues/87">#87</a>)</li>
<li><a href="927da63e68"><code>927da63</code></a> Fix doc comment on attribute (<a href="https://github-redirect.dependabot.com/rs/cors/issues/90">#90</a>)</li>
<li><a href="09a654deb2"><code>09a654d</code></a> Remove older version of Go from GH workflow</li>
<li><a href="a57a3ff56f"><code>a57a3ff</code></a> Update go support list</li>
<li>Additional commits viewable in <a href="https://github.com/rs/cors/compare/v1.7.0...v1.8.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/rs/cors&package-manager=go_modules&previous-version=1.7.0&new-version=1.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.38.0 to 1.39.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.38.0...v1.39.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sam Kleinman <garen@tychoish.com>

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.8.0 to 1.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/viper/releases">github.com/spf13/viper's releases</a>.</em></p>
<blockquote>
<h2>v1.8.1</h2>
<p>This patch releases fixes two minor issues:</p>
<ul>
<li>Replace <code>%s</code> with <code>%w</code> when wrapping errors</li>
<li>Fix <code>pflag.StringArray</code> processing</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="bd03865899"><code>bd03865</code></a> Add a proper processing for pflag.StringArray</li>
<li><a href="3fcad43618"><code>3fcad43</code></a> update %s to %w</li>
<li>See full diff in <a href="https://github.com/spf13/viper/compare/v1.8.0...v1.8.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/spf13/viper&package-manager=go_modules&previous-version=1.8.0&new-version=1.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

At Oasis we have spend some time writing a new Ed25519/X25519/sr25519 implementation called curve25519-voi.  This PR switches the import from ed25519consensus/go-schnorrkel, which should lead to performance gains on most systems.

Summary of changes:
 * curve25519-voi is now used for Ed25519 operations, following the existing ZIP-215 semantics.
 * curve25519-voi's public key cache is enabled (hardcoded size of 4096 entries, should be tuned, see the code comment) to accelerate repeated Ed25519 verification with the same public key(s).
 * (BREAKING) curve25519-voi is now used for sr25519 operations.  This is a breaking change as the current sr25519 support does something decidedly non-standard when going from a MiniSecretKey to a SecretKey and or PublicKey (The expansion routine is called twice).  While I believe the new behavior (that expands once and only once) to be more "correct", this changes the semantics as implemented.
 * curve25519-voi is now used for merlin since the included STROBE implementation produces much less garbage on the heap.

Side issues fixed:
 * The version of go-schnorrkel that is currently imported by tendermint has a badly broken batch verification implementation.  Upstream has fixed the issue after I reported it, so the version should be bumped in the interim.

Open design questions/issues:
 * As noted, the public key cache size should be tuned.  It is currently backed by a trivial thread-safe LRU cache, which is not scan-resistant, but replacing it with something better is a matter of implementing an interface.
 * As far as I can tell, the only reason why serial verification on batch failure is necessary is to provide more detailed error messages (that are only used in some unit tests).  If you trust the batch verification to be consistent with serial verification then the fallback can be eliminated entirely (the BatchVerifier provided by the new library supports an option that omits the fallback if this is chosen as the way forward).
 * curve25519-voi's sr25519 support could use more optimization and more eyes on the code.  The algorithm unfortunately is woefully under-specified, and the implementation was done primarily because I got really sad when I actually looked at go-schnorrkel, and we do not use the algorithm at this time.

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.1 to 1.8.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.7.1...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Addresses  #3931

Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/rs/zerolog/releases)
- [Commits](https://github.com/rs/zerolog/compare/v1.22.0...v1.23.0)

---
updated-dependencies:
- dependency-name: github.com/rs/zerolog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/btcsuite/btcd](https://github.com/btcsuite/btcd) from 0.21.0-beta to 0.22.0-beta.
- [Release notes](https://github.com/btcsuite/btcd/releases)
- [Changelog](https://github.com/btcsuite/btcd/blob/master/CHANGES)
- [Commits](https://github.com/btcsuite/btcd/compare/v0.21.0-beta...v0.22.0-beta)

---
updated-dependencies:
- dependency-name: github.com/btcsuite/btcd
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sam Kleinman <garen@tychoish.com>

## Description

remove IAVL as a Tendermint dependency.

closes #5694 

I dont think this needs a changelog entry.

Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/lib/pq/releases">github.com/lib/pq's releases</a>.</em></p>
<blockquote>
<h2>v1.10.2</h2>
<ul>
<li>fix TimeTZ with second offsets</li>
<li>fix GOOS compilation</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="2da6713d67"><code>2da6713</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/lib/pq/issues/1039">#1039</a> from otan-cockroach/timetz_fix</li>
<li><a href="ad47bab1aa"><code>ad47bab</code></a> encode: fix TimeTZ with second offsets</li>
<li><a href="99af95f861"><code>99af95f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/lib/pq/issues/1041">#1041</a> from otan-cockroach/libpq</li>
<li><a href="62fa4b32ec"><code>62fa4b3</code></a> .travis.yml: fix CI</li>
<li><a href="d2b13db12b"><code>d2b13db</code></a> Delete test.yml</li>
<li><a href="a1b1a43f73"><code>a1b1a43</code></a> Create test.yml</li>
<li><a href="b2cfb1abfd"><code>b2cfb1a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/lib/pq/issues/1036">#1036</a> from bukforks/master</li>
<li><a href="6ed3b8ac03"><code>6ed3b8a</code></a> rm unused imports</li>
<li><a href="feb727accb"><code>feb727a</code></a> userCurrent for unsupported GOOS</li>
<li>See full diff in <a href="https://github.com/lib/pq/compare/v1.10.1...v1.10.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/lib/pq&package-manager=go_modules&previous-version=1.10.1&new-version=1.10.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.1 to 1.38.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p>
<blockquote>
<h2>Release 1.38.0</h2>
<h1>API Changes</h1>
<ul>
<li>reflection: accept interface instead of grpc.Server struct in Register() (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4340">#4340</a>)</li>
<li>resolver: add error return value from ClientConn.UpdateState (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4270">#4270</a>)</li>
</ul>
<h1>Behavior Changes</h1>
<ul>
<li>client: do not poll name resolver when errors or bad updates are reported (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4270">#4270</a>)</li>
<li>transport: InTapHandle may return RPC status errors; no longer RST_STREAMs (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4365">#4365</a>)</li>
</ul>
<h1>New Features</h1>
<ul>
<li>client: propagate connection error causes to RPC status (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4311">#4311</a>, <a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4316">#4316</a>)</li>
<li>xds: support inline RDS resource from LDS response (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4299">#4299</a>)</li>
<li>xds: server side support is now experimentally available</li>
<li>server: add ForceServerCodec() to set a custom encoding.Codec on the server (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4205">#4205</a>)
<ul>
<li>Special Thanks: <a href="https://github.com/ash2k"><code>@​ash2k</code></a></li>
</ul>
</li>
</ul>
<h1>Performance Improvements</h1>
<ul>
<li>metadata: reduce memory footprint in FromOutgoingContext (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4360">#4360</a>)
<ul>
<li>Special Thanks: <a href="https://github.com/irfansharif"><code>@​irfansharif</code></a></li>
</ul>
</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>xds/balancergroup: fix rare memory leak after closing ClientConn (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4308">#4308</a>)</li>
</ul>
<h1>Documentation</h1>
<ul>
<li>examples: update xds examples for PSM security (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4256">#4256</a>)</li>
<li>grpc: improve docs on StreamDesc (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4397">#4397</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0257c86573"><code>0257c86</code></a> Change version to 1.38.0 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4418">#4418</a>)</li>
<li><a href="ce3e5ec0d8"><code>ce3e5ec</code></a> v1.38.x: backport (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4453">#4453</a>)</li>
<li><a href="5f95ad6233"><code>5f95ad6</code></a> xds: workaround to deflake xds e2e tests (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4413">#4413</a>)</li>
<li><a href="b1940e15f6"><code>b1940e1</code></a> xds: register resources at the mgmt server before requesting them (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4406">#4406</a>)</li>
<li><a href="98c895f7e0"><code>98c895f</code></a> cleanup: use testutils.MarshalAny in more places (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4404">#4404</a>)</li>
<li><a href="12a377b1e4"><code>12a377b</code></a> xds: nack route configuration with regexes that don't compile (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4388">#4388</a>)</li>
<li><a href="c15291b0f5"><code>c15291b</code></a> client: initialize safe config selector when creating ClientConn (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4398">#4398</a>)</li>
<li><a href="328b1d171a"><code>328b1d1</code></a> transport: allow InTapHandle to return status errors (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4365">#4365</a>)</li>
<li><a href="aff517ba8a"><code>aff517b</code></a> xds: make e2e tests use a single management server instance (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4399">#4399</a>)</li>
<li><a href="0439465fe2"><code>0439465</code></a> xds_resolver: fix flaky Test/XDSResolverDelayedOnCommitted (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4393">#4393</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.37.1...v1.38.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.37.1&new-version=1.38.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.0 to 1.37.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p>
<blockquote>
<h2>Release 1.37.1</h2>
<ul>
<li>client: fix rare panic when shutting down client while receiving the first name resolver update (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4398">#4398</a>)</li>
<li>client: fix leaked addrConn struct when addresses are updated (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4347">#4347</a>)</li>
<li>xds/resolver: prevent panic when two LDS updates are receives without RDS in between (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4327">#4327</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="64031cbfcf"><code>64031cb</code></a> Change version to 1.37.1 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4415">#4415</a>)</li>
<li><a href="ef64e13978"><code>ef64e13</code></a> v1.37.x: backport PRs (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4411">#4411</a>)</li>
<li><a href="43d7a9fbd8"><code>43d7a9f</code></a> test: enable xDS CSDS test (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4359">#4359</a>)</li>
<li><a href="274d8cf1f6"><code>274d8cf</code></a> Change version to 1.37.1-dev (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4305">#4305</a>)</li>
<li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.37.0...v1.37.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.37.0&new-version=1.37.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/cosmos/iavl](https://github.com/cosmos/iavl) from 0.15.3 to 0.16.0.
- [Release notes](https://github.com/cosmos/iavl/releases)
- [Changelog](https://github.com/cosmos/iavl/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cosmos/iavl/compare/v0.15.3...v0.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/grpc-ecosystem/go-grpc-middleware](https://github.com/grpc-ecosystem/go-grpc-middleware) from 1.2.2 to 1.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc-ecosystem/go-grpc-middleware/releases">github.com/grpc-ecosystem/go-grpc-middleware's releases</a>.</em></p>
<blockquote>
<h2>v1.3.0</h2>
<p><a href="https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.2.2...v1.3.0">Full changelog</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="df0f91b29b"><code>df0f91b</code></a> validator: add support for protoc-gen-validate 0.6.0 (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/417">#417</a>)</li>
<li><a href="165f605a7b"><code>165f605</code></a> Updating gogo/protobuf to v1.3.2 from v1.2.1 to fix CVE-2021-3121 (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/416">#416</a>)</li>
<li><a href="baff2d4634"><code>baff2d4</code></a> wrong example misguide user to catch panic (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/414">#414</a>)</li>
<li><a href="315ddd9812"><code>315ddd9</code></a> logging/zap/ctxzap: add shorthand functions (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/408">#408</a>)</li>
<li><a href="a77ba4df9c"><code>a77ba4d</code></a> Settable grpc logger (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/402">#402</a>)</li>
<li><a href="be4c235f9d"><code>be4c235</code></a> Support customization of timestamp format (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/398">#398</a>)</li>
<li><a href="912313c08f"><code>912313c</code></a> use status.Error instead of status.Errorf (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/397">#397</a>)</li>
<li><a href="fab13c27ec"><code>fab13c2</code></a> downgrade grpc requirements to &lt;1.30.0 (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/381">#381</a>)</li>
<li><a href="48900393c7"><code>4890039</code></a> Added stale bot (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/370">#370</a>)</li>
<li><a href="83ed827d3c"><code>83ed827</code></a> Fix logrus verbosity level checker (<a href="https://github-redirect.dependabot.com/grpc-ecosystem/go-grpc-middleware/issues/369">#369</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.2.2...v1.3.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/grpc-ecosystem/go-grpc-middleware&package-manager=go_modules&previous-version=1.2.2&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/confio/ics23/go](https://github.com/confio/ics23) from 0.6.3 to 0.6.6.
<details>
<summary>Commits</summary>
<ul>
<li><a href="53a3a58ab8"><code>53a3a58</code></a> Revert go mod</li>
<li><a href="b66f10fc78"><code>b66f10f</code></a> Bump to 0.6.5</li>
<li><a href="19f273dffb"><code>19f273d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/confio/ics23/issues/40">#40</a> from confio/cleanup</li>
<li><a href="46f21260db"><code>46f2126</code></a> Clippy and cleanup in tests</li>
<li><a href="667ddb335e"><code>667ddb3</code></a> Fix clippy warnings</li>
<li><a href="ea8b91d186"><code>ea8b91d</code></a> cargo fmt</li>
<li><a href="267cfba090"><code>267cfba</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/confio/ics23/issues/39">#39</a> from kostko/kostko/feature/more-ops</li>
<li><a href="346d8d9b19"><code>346d8d9</code></a> Implement FIXED32_LITTLE length operation</li>
<li><a href="61321db422"><code>61321db</code></a> Add SHA-512/256 hash operation</li>
<li><a href="77277ad2f8"><code>77277ad</code></a> Bump Rust to 0.6.4</li>
<li>Additional commits viewable in <a href="https://github.com/confio/ics23/compare/v0.6.3...go/v0.6.6">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/confio/ics23/go&package-manager=go_modules&previous-version=0.6.3&new-version=0.6.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.36.1 to 1.37.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p>
<blockquote>
<h2>Release 1.37.0</h2>
<h1>API Changes</h1>
<ul>
<li>balancer: Add UpdateAddresses() to balancer.ClientConn interface (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4215">#4215</a>)
<ul>
<li><strong>NOTICE</strong>: balancer.SubConn.UpdateAddresses() is now deprecated and will be <strong>REMOVED</strong> in gRPC-Go 1.39</li>
</ul>
</li>
</ul>
<h1>Behavior Changes</h1>
<ul>
<li>balancer/base: keep address attributes for pickers (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4253">#4253</a>)
<ul>
<li>Special Thanks: <a href="https://github.com/longXboy"><code>@​longXboy</code></a></li>
</ul>
</li>
</ul>
<h1>New Features</h1>
<ul>
<li>xds: add support for csds (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4226">#4226</a>, <a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4217">#4217</a>, <a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4243">#4243</a>)</li>
<li>admin: create admin package for conveniently registering standard admin services (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4274">#4274</a>)</li>
<li>xds: add support for HTTP filters (gRFC A39) (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4206">#4206</a>, <a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4221">#4221</a>)</li>
<li>xds: implement fault injection HTTP filter (A33) (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4236">#4236</a>)</li>
<li>xds: enable timeout, circuit breaking, and fault injection by default (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4286">#4286</a>)</li>
<li>xds: implement a priority based load balancer (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4070">#4070</a>)</li>
<li>xds/creds: support all SAN matchers on client-side (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4246">#4246</a>)</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>xds: add env var protection for client-side security (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4247">#4247</a>)</li>
<li>circuit breaking: update picker inline when there's a counter update (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4212">#4212</a>)</li>
<li>server: fail RPCs without POST HTTP method (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4241">#4241</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="daba805838"><code>daba805</code></a> Change version to 1.37.0 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4304">#4304</a>)</li>
<li><a href="03fa67a523"><code>03fa67a</code></a> xds/interop: register admin services and reflection (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4307">#4307</a>) (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4320">#4320</a>)</li>
<li><a href="4a19753e9d"><code>4a19753</code></a> interop: add a flag to clients to statically configure grpclb (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4290">#4290</a>)</li>
<li><a href="2456c5cff0"><code>2456c5c</code></a> Allow using interop client for making Traffic Director RPCs (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4291">#4291</a>)</li>
<li><a href="80e380eff4"><code>80e380e</code></a> balancer/base: keep address attributes for pickers (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4253">#4253</a>)</li>
<li><a href="702608ffae"><code>702608f</code></a> xds: enable timeout, circuit breaking, and fault injection by default (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4286">#4286</a>)</li>
<li><a href="faf4e1c777"><code>faf4e1c</code></a> xds: rename proto import to grpc (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4287">#4287</a>)</li>
<li><a href="46da49ca60"><code>46da49c</code></a> xds: use different proto import for grpc services (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4285">#4285</a>)</li>
<li><a href="b331a48e06"><code>b331a48</code></a> alts: re-add vmOnGCP and once globals for easier testing (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4284">#4284</a>)</li>
<li><a href="d26af8e391"><code>d26af8e</code></a> admin: implement admin services (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4274">#4274</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.36.1...v1.37.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.36.1&new-version=1.37.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/Workiva/go-datastructures](https://github.com/Workiva/go-datastructures) from 1.0.52 to 1.0.53.
- [Release notes](https://github.com/Workiva/go-datastructures/releases)
- [Commits](https://github.com/Workiva/go-datastructures/compare/v1.0.52...v1.0.53)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marko <marbar3778@yahoo.com>

Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/golang/protobuf/releases)
- [Commits](https://github.com/golang/protobuf/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/minio/highwayhash](https://github.com/minio/highwayhash) from 1.0.1 to 1.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/minio/highwayhash/releases">github.com/minio/highwayhash's releases</a>.</em></p>
<blockquote>
<h2>Version v1.0.2</h2>
<h2>Changelog</h2>
<h3>Fixed</h3>
<p>Issue <a href="https://github-redirect.dependabot.com/minio/highwayhash/issues/17">#17</a> - on arm64 (on Go 1.16) wrong hash values got computed due to incorrectly naming asm constants like regular Go functions. This probably confused the linker and caused the arm64 implementation to compute incorrect hash values. Fixed by 08ce0b4</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="08ce0b4fa7"><code>08ce0b4</code></a> Fix ARM64 assembly (<a href="https://github-redirect.dependabot.com/minio/highwayhash/issues/19">#19</a>)</li>
<li><a href="5311fe963f"><code>5311fe9</code></a> disable arm64 assembler and update CI to Go 1.16 (<a href="https://github-redirect.dependabot.com/minio/highwayhash/issues/18">#18</a>)</li>
<li>See full diff in <a href="https://github.com/minio/highwayhash/compare/v1.0.1...v1.0.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/minio/highwayhash&package-manager=go_modules&previous-version=1.0.1&new-version=1.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.9.0...v1.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.4.3 to 1.5.1.
- [Release notes](https://github.com/golang/protobuf/releases)
- [Commits](https://github.com/golang/protobuf/compare/v1.4.3...v1.5.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>
Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.35.0 to 1.36.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.35.0...v1.36.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tess Rinearson <tess.rinearson@gmail.com>
Co-authored-by: Callum Waters <cmwaters19@gmail.com>

Bumps [github.com/tendermint/tm-db](https://github.com/tendermint/tm-db) from 0.6.3 to 0.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/tendermint/tm-db/releases">github.com/tendermint/tm-db's releases</a>.</em></p>
<blockquote>
<h2>v0.6.4</h2>
<p><a href="https://github.com/tendermint/tm-db/blob/v0.6.4/CHANGELOG.md#064">https://github.com/tendermint/tm-db/blob/v0.6.4/CHANGELOG.md#064</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/tendermint/tm-db/blob/master/CHANGELOG.md">github.com/tendermint/tm-db's changelog</a>.</em></p>
<blockquote>
<h2>0.6.4</h2>
<p><strong>2021-02-09</strong></p>
<p>Bump protobuf to 1.3.2 and grpc to 1.35.0.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6f9a08cd45"><code>6f9a08c</code></a> update changelog for v0.6.4 (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/150">#150</a>)</li>
<li><a href="4de5f6b9a4"><code>4de5f6b</code></a> CODEOWNERS: remove erikgrinaker (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/148">#148</a>)</li>
<li><a href="9f5cde003a"><code>9f5cde0</code></a> build(deps): bump google.golang.org/grpc from 1.33.2 to 1.35.0 (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/143">#143</a>)</li>
<li><a href="c606a78361"><code>c606a78</code></a> build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0 (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/142">#142</a>)</li>
<li><a href="0438145e16"><code>0438145</code></a> build(deps): bump github.com/gogo/protobuf from 1.3.1 to 1.3.2 (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/140">#140</a>)</li>
<li><a href="f2b292dfc2"><code>f2b292d</code></a> testing: docker deployment (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/144">#144</a>)</li>
<li><a href="3157a92898"><code>3157a92</code></a> changelog: update with 0.5.2 release (<a href="https://github-redirect.dependabot.com/tendermint/tm-db/issues/138">#138</a>)</li>
<li>See full diff in <a href="https://github.com/tendermint/tm-db/compare/v0.6.3...v0.6.4">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/tendermint/tm-db&package-manager=go_modules&previous-version=0.6.3&new-version=0.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

## Description
 
- bump deadlock dep to master
  - fixes `make test` since we now use `deadlock.Once`

Closes: #XXX

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>

Closes #5907

- add init-corpus to blockchain reactor
- remove validator-set FromBytes test
now that we have proto, we don't need to test it! bye amino
- simplify mempool test
do we want to test remote ABCI app?
- do not recreate mux on every crash in jsonrpc test
- update p2p pex reactor test
- remove p2p/listener test
the API has changed + I did not understand what it's tested anyway
- update secretconnection test
- add readme and makefile
- list inputs in readme
- add nightly workflow
- remove blockchain fuzz test
EncodeMsg / DecodeMsg no longer exist

## Description

- bump gogoproto (1.3.2)
- regenerate proto files

Closes: #XXX

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.34.0 to 1.35.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p>
<blockquote>
<h2>Release 1.35.0</h2>
<h1>Behavior Changes</h1>
<ul>
<li>roundrobin: strip attributes from addresses (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4024">#4024</a>)</li>
<li>balancer: set RPC metadata in address attributes, instead of Metadata field (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4041">#4041</a>)</li>
</ul>
<h1>New Features</h1>
<ul>
<li>support unix-abstract schema (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4079">#4079</a>)
<ul>
<li>Special Thanks: <a href="https://github.com/resec">@resec</a></li>
</ul>
</li>
<li>xds: implement experimental RouteAction timeout support (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4116">#4116</a>)</li>
<li>xds: Implement experimental circuit breaking support. (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4050">#4050</a>)</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>xds: <code>server_features</code> should be a child of <code>xds_servers</code> and not a sibling (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4087">#4087</a>)</li>
<li>xds: NACK more invalid RDS responses (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4120">#4120</a>)</li>
</ul>
<h2>Release 1.34.1</h2>
<ul>
<li>xds client: Updated v3 type for http connection manager (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4137">#4137</a>)</li>
<li>lrs: use JSON for locality's String representation (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4135">#4135</a>)</li>
<li>eds/lrs: handle nil when LRS is disabled (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4086">#4086</a>)</li>
<li>client: fix &quot;unix&quot; scheme handling for some corner cases (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4021">#4021</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="577eb69627"><code>577eb69</code></a> Change version to 1.35.0 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4140">#4140</a>)</li>
<li><a href="fb40d83340"><code>fb40d83</code></a> xds interop: turn on circuit breaking test (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4144">#4144</a>)</li>
<li><a href="083393f287"><code>083393f</code></a> xds/resolver: fix resource deletion (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4143">#4143</a>)</li>
<li><a href="85e55dc558"><code>85e55dc</code></a> interop: update client for xds testing support (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4108">#4108</a>)</li>
<li><a href="6a318bb011"><code>6a318bb</code></a> xds: add HTTP connection manager max_stream_duration support (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4122">#4122</a>)</li>
<li><a href="0bd76be2bb"><code>0bd76be</code></a> lrs: use JSON for locality's String representation (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4135">#4135</a>)</li>
<li><a href="ecc9a99b66"><code>ecc9a99</code></a> interop: remove test.proto clones/variants and use grpc-proto repo instead (#...</li>
<li><a href="4f80d77fe4"><code>4f80d77</code></a> github: enable CodeQL checker (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4134">#4134</a>)</li>
<li><a href="829919d572"><code>829919d</code></a> xds client: Updated v3 type for http connection manager (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4137">#4137</a>)</li>
<li><a href="f4a20d2f41"><code>f4a20d2</code></a> xds: NACK more invalid RDS responses (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/4120">#4120</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.34.0...v1.35.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.34.0&new-version=1.35.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.1 to 1.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's releases</a>.</em></p>
<blockquote>
<h2>Minor improvements and bug fixes</h2>
<p>Minor feature improvements and bug fixes</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="acba37e5db"><code>acba37e</code></a> Only use repeatability if no repeatability left</li>
<li><a href="eb8c41ec07"><code>eb8c41e</code></a> Add more tests to mock package</li>
<li><a href="a5830c56d3"><code>a5830c5</code></a> Extract method to evaluate closest match</li>
<li><a href="1962448488"><code>1962448</code></a> Use Repeatability as tie-breaker for closest match</li>
<li><a href="92707c0b2d"><code>92707c0</code></a> Fixed the link to not point to assert only</li>
<li><a href="05dd0b2b35"><code>05dd0b2</code></a> Updated the readme to point to pkg.dev</li>
<li><a href="c26b7f39f8"><code>c26b7f3</code></a> Update assertions.go</li>
<li><a href="8fb4b2442e"><code>8fb4b24</code></a> [Fix] The most recent changes to golang/protobuf breaks the spew Circular dat...</li>
<li><a href="dc8af7208c"><code>dc8af72</code></a> add generated code for positive/negative assertion</li>
<li><a href="1544508911"><code>1544508</code></a> add assert positive/negative</li>
<li>Additional commits viewable in <a href="https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/stretchr/testify&package-manager=go_modules&previous-version=1.6.1&new-version=1.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: Anton Kaliaev <anton.kalyaev@gmail.com>

Bumps [github.com/cosmos/iavl](https://github.com/cosmos/iavl) from 0.15.2 to 0.15.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/cosmos/iavl/releases">github.com/cosmos/iavl's releases</a>.</em></p>
<blockquote>
<h2>v0.15.3</h2>
<p><a href="257e8b9292/CHANGELOG.md (0153-december-21-2020</a></p>)
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/cosmos/iavl/blob/master/CHANGELOG.md">github.com/cosmos/iavl's changelog</a>.</em></p>
<blockquote>
<h2>0.15.3 (December 21, 2020)</h2>
<p>Special thanks to external contributors on this release: <a href="https://github.com/odeke-em">@odeke-em</a></p>
<h3>Improvements</h3>
<ul>
<li><a href="https://github-redirect.dependabot.com/cosmos/iavl/pull/352">#352</a> Reuse buffer to improve performance of <code>GetMembershipProof()</code> and <code>GetNonMembershipProof()</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="257e8b9292"><code>257e8b9</code></a> changelog: release 0.15.3 (<a href="https://github-redirect.dependabot.com/cosmos/iavl/issues/353">#353</a>)</li>
<li><a href="b2dffed4b2"><code>b2dffed</code></a> convertVarIntToBytes: use reusable bytes array (<a href="https://github-redirect.dependabot.com/cosmos/iavl/issues/352">#352</a>)</li>
<li><a href="9e510e5a64"><code>9e510e5</code></a> github: run tests with 32-bit arch as well (<a href="https://github-redirect.dependabot.com/cosmos/iavl/issues/350">#350</a>)</li>
<li>See full diff in <a href="https://github.com/cosmos/iavl/compare/v0.15.2...v0.15.3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/cosmos/iavl&package-manager=go_modules&previous-version=0.15.2&new-version=0.15.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.8.0 to 1.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p>
<blockquote>
<h2>1.9.0 / 2020-12-17</h2>
<ul>
<li>[FEATURE] <code>NewPidFileFn</code> helper to create process collectors for processes whose PID is read from a file. <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/804">#804</a></li>
<li>[BUGFIX] promhttp: Prevent endless loop in <code>InstrumentHandler...</code> middlewares with invalid metric or label names. <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/823">#823</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p>
<blockquote>
<h2>1.9.0 / 2020-12-17</h2>
<ul>
<li>[FEATURE] <code>NewPidFileFn</code> helper to create process collectors for processes whose PID is read from a file. <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/804">#804</a></li>
<li>[BUGFIX] promhttp: Prevent endless loop in <code>InstrumentHandler...</code> middlewares with invalid metric or label names. <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/823">#823</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d89cf5af88"><code>d89cf5a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/826">#826</a> from prometheus/beorn7/release</li>
<li><a href="80ca9cdc4e"><code>80ca9cd</code></a> Cut release 1.9.0</li>
<li><a href="8d16199dea"><code>8d16199</code></a> Update dependencies</li>
<li><a href="8b73bd904c"><code>8b73bd9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/823">#823</a> from prometheus/beorn7/promhttp</li>
<li><a href="98eb6cbf7c"><code>98eb6cb</code></a> promhttp: Correctly detect invalid metric and label names</li>
<li><a href="37c26edd5b"><code>37c26ed</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/821">#821</a> from prometheus/beorn7/multierror</li>
<li><a href="34ca120377"><code>34ca120</code></a> Be more explicit about the multi-line properties of MultiError</li>
<li><a href="fd6d368676"><code>fd6d368</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/client_golang/issues/819">#819</a> from jubalh/sp</li>
<li><a href="cf6dc82780"><code>cf6dc82</code></a> Correct spelling: possibilites -&gt; possibilities</li>
<li><a href="39b478e90c"><code>39b478e</code></a> Added example api code showing how to add auth tokens and user agents to prom...</li>
<li>Additional commits viewable in <a href="https://github.com/prometheus/client_golang/compare/v1.8.0...v1.9.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.8.0&new-version=1.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Bumps [github.com/cosmos/iavl](https://github.com/cosmos/iavl) from 0.15.0 to 0.15.2.
- [Release notes](https://github.com/cosmos/iavl/releases)
- [Changelog](https://github.com/cosmos/iavl/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cosmos/iavl/compare/v0.15.0...v0.15.2)

Signed-off-by: dependabot[bot] <support@github.com>

## Description

Bump version to get performance updates:

```
benchmark                    old ns/op     new ns/op     delta
BenchmarkVerification-8      174857        78376         -55.18%
```

Closes: #XXX

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>
Co-authored-by: Marko <marbar3778@yahoo.com>

Bumps [github.com/cosmos/iavl](https://github.com/cosmos/iavl) from 0.15.0-rc5 to 0.15.0.
- [Release notes](https://github.com/cosmos/iavl/releases)
- [Changelog](https://github.com/cosmos/iavl/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cosmos/iavl/compare/v0.15.0-rc5...v0.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps IAVL, which pulled in some other upgrades as well. I think they should be fine though.

Bumps [github.com/tendermint/tm-db](https://github.com/tendermint/tm-db) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/tendermint/tm-db/releases)
- [Changelog](https://github.com/tendermint/tm-db/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tendermint/tm-db/compare/v0.6.2...v0.6.3)

Signed-off-by: dependabot[bot] <support@github.com>