diff --git a/.github/dependabot/config.yml b/.github/dependabot/config.yml
new file mode 100644
index 0000000..5ace460
--- /dev/null
+++ b/.github/dependabot/config.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..11add3f
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,101 @@
+name: Build and Test
+
+on:
+  push:
+    branches:
+      - dev
+      - stage
+      - main
+      - release**
+  pull_request:
+
+jobs:
+  job_go_checks:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - name: Print github env vars
+        run: |
+          echo github.event_name: ${{ github.event_name }}
+          echo github.ref: ${{ github.ref }}
+          echo github.ref_name: ${{ github.ref_name }}
+          echo github.head_ref: ${{ github.head_ref }}
+          echo github.base_ref: ${{ github.base_ref }}
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Go environment
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.23'
+      - name: Tidy go module
+        run: |
+          go mod tidy
+          if [[ $(git status --porcelain) ]]; then
+            git diff
+            echo
+            echo "go mod tidy made these changes, please run 'go mod tidy' and include those changes in a commit"
+            exit 1
+          fi
+      - name: Run gofumpt
+        # Run gofumpt first, as it's quick and issues are common.
+        run: diff -u <(echo -n) <(go run mvdan.cc/gofumpt@v0.7.0 -d .)
+      - name: Run go vet
+        run: go vet ./...
+      - name: Run go generate
+        run: |
+          go generate ./...
+          if [[ $(git status --porcelain) ]]; then
+            git diff
+            echo
+            echo "go generate made these changes, please run 'go generate ./...' and include those changes in a commit"
+            exit 1
+          fi
+      - name: Run staticcheck
+        run: |
+          go install honnef.co/go/tools/cmd/staticcheck@2024.1.1
+          staticcheck -debug.version
+          staticcheck ./... 2> staticcheck-stderr
+      - name: Check staticcheck stderr (this step isn't needed because we are using actions/setup-go@v5 on GitHub hosted runner)
+        run: |
+          if cat staticcheck-stderr | grep "matched no packages" ; then
+            echo "staticcheck step did nothing, due to https://github.com/vocdoni/vocdoni-node/issues/444"
+            echo "Please re-run job."
+            # seize the opportunity to fix the underlying problem: a permissions error in ~/.cache
+            epoch=$(date +%s)
+            # if any file is reported by find, grep returns true and the mv is done
+            if [ -d ~/.cache ] && find ~/.cache -not -user `id --user` -print0 | grep -qz . ; then
+              echo "~/.cache had broken permissions, moving it away... (cache will be rebuilt with usage)"
+              mv -v ~/.cache ~/.cache-broken-by-root-$epoch
+            fi
+            exit 2
+          fi
+
+  job_go_test:
+    runs-on: ubuntu-latest
+    env:
+      LOG_PANIC_ON_INVALIDCHARS: true # check that log lines contains no invalid chars (evidence of format mismatch)
+    steps:
+      - uses: actions/checkout@v4
+      - uses: benjlevesque/short-sha@v3.0 # sets env.SHA to the first 7 chars of github.sha
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.23'
+      - run: mkdir -p "$PWD/gocoverage-unit/"
+      - name: Run Go test -race
+        id: go-test-race
+        # note that -race can easily make the crypto stuff 10x slower
+        # this is further limited to selected branches at the beginning of this file
+        if: runner.debug ||
+            github.event_name == 'push' &&
+            github.ref != 'refs/heads/dev'
+        env:
+          GORACE: atexit_sleep_ms=10 # the default of 1000 makes every Go package test sleep for 1s; see https://go.dev/issues/20364
+        run: go test ./...
+          -race -timeout=15m -vet=off
+          -cover -coverpkg=./... -covermode=atomic -args -test.gocoverdir="$PWD/gocoverage-unit/"
+      - name: Run Go test
+        if: steps.go-test-race.outcome == 'skipped'
+        # quicker, non-race test in case it's a PR or push to dev
+        run: go test ./...
diff --git a/crypto/ecc/bjj_iden3/babyjubjub.go b/crypto/ecc/bjj_iden3/babyjubjub.go
index 2a17dba..30851d6 100644
--- a/crypto/ecc/bjj_iden3/babyjubjub.go
+++ b/crypto/ecc/bjj_iden3/babyjubjub.go
@@ -67,8 +67,8 @@ func (g *BJJ) Neg(a curve.Point) {
 	proj := g.inner.Projective()
 	proj.X = proj.X.Neg(proj.X)
 	g.inner.X = g.inner.X.Set(proj.Affine().X)
-	//g.inner.X = g.inner.X.Neg(g.inner.X) // Negate the x-coordinate
-	//g.inner.X = g.inner.X.Mod(g.inner.X, constants.Q)
+	// g.inner.X = g.inner.X.Neg(g.inner.X) // Negate the x-coordinate
+	// g.inner.X = g.inner.X.Mod(g.inner.X, constants.Q)
 }
 
 func (g *BJJ) SetZero() {
@@ -91,8 +91,8 @@ func (g *BJJ) SetGenerator() {
 }
 
 func (g *BJJ) String() string {
-	//bytes := g.Marshal()
-	//return fmt.Sprintf("%x", bytes)
+	// bytes := g.Marshal()
+	// return fmt.Sprintf("%x", bytes)
 	return fmt.Sprintf("%s,%s", g.inner.X.String(), g.inner.Y.String())
 }
 
diff --git a/crypto/elgamal/dkg/dkg.go b/crypto/elgamal/dkg/dkg.go
index 003e8f3..049ecb1 100644
--- a/crypto/elgamal/dkg/dkg.go
+++ b/crypto/elgamal/dkg/dkg.go
@@ -55,8 +55,8 @@ func (p *Participant) GenerateSecretPolynomial() {
 		p.PublicCoeffs = append(p.PublicCoeffs, commitment)
 
 		// Log the secret coefficient and commitment
-		//log.Printf("Participant %d: SecretCoeff[%d] = %s", p.ID, i, coeff.String())
-		//log.Printf("Participant %d: PublicCoeff[%d] = %s", p.ID, i, commitment.String())
+		// log.Printf("Participant %d: SecretCoeff[%d] = %s", p.ID, i, coeff.String())
+		// log.Printf("Participant %d: PublicCoeff[%d] = %s", p.ID, i, commitment.String())
 	}
 }
 
diff --git a/crypto/elgamal/dkg/secies/secies_test.go b/crypto/elgamal/dkg/secies/secies_test.go
index 5e6e648..e6972c1 100644
--- a/crypto/elgamal/dkg/secies/secies_test.go
+++ b/crypto/elgamal/dkg/secies/secies_test.go
@@ -184,7 +184,6 @@ func TestDecryptionWithMalformedCiphertext(t *testing.T) {
 	if recoveredMessage.Cmp(message) == 0 {
 		t.Fatal("Decryption should have failed with corrupted RBytes, but it succeeded")
 	}
-
 }
 
 func TestEncryptDecryptWithMaxMessage(t *testing.T) {
diff --git a/go.mod b/go.mod
index 21a9707..888d99b 100644
--- a/go.mod
+++ b/go.mod
@@ -32,7 +32,6 @@ require (
 	github.com/cockroachdb/pebble v1.1.2 // indirect
 	github.com/cockroachdb/redact v1.1.5 // indirect
 	github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 // indirect
-	github.com/cometbft/cometbft v1.0.0-alpha.1 // indirect
 	github.com/consensys/bavard v0.1.24 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dchest/blake512 v1.0.0 // indirect
@@ -40,8 +39,6 @@ require (
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/getsentry/sentry-go v0.27.0 // indirect
 	github.com/glendc/go-external-ip v0.1.0 // indirect
-	github.com/go-kit/log v0.2.1 // indirect
-	github.com/go-logfmt/logfmt v0.6.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/snappy v0.0.5-0.20220116011046-fa5810519dcb // indirect
 	github.com/google/go-cmp v0.6.0 // indirect