diff --git a/secp256k1-haskell.cabal b/secp256k1-haskell.cabal
--- a/secp256k1-haskell.cabal
+++ b/secp256k1-haskell.cabal
@@ -1,16 +1,16 @@
 cabal-version: 2.0
 
--- This file has been generated from package.yaml by hpack version 0.34.4.
+-- This file has been generated from package.yaml by hpack version 0.35.1.
 --
 -- see: https://github.com/sol/hpack
 
 name:           secp256k1-haskell
-version:        0.6.1
+version:        0.7.0
 synopsis:       Bindings for secp256k1
 description:    Sign and verify signatures using the secp256k1 library.
 category:       Crypto
 homepage:       http://github.com/haskoin/secp256k1-haskell#readme
-bug-reports:    https://github.com/haskoin/secp256k1-haskell.git/issues
+bug-reports:    https://github.com/haskoin/secp256k1-haskell/issues
 author:         Jean-Pierre Rupp
 maintainer:     jprupp@protonmail.ch
 copyright:      (c) 2017 Jean-Pierre Rupp
@@ -23,7 +23,7 @@
 
 source-repository head
   type: git
-  location: https://github.com/haskoin/secp256k1-haskell.git
+  location: https://github.com/haskoin/secp256k1-haskell
 
 library
   exposed-modules:
@@ -39,7 +39,7 @@
   build-depends:
       QuickCheck >=2.9.2 && <2.15
     , base >=4.9 && <5
-    , base16 >=0.3.0.1
+    , base16 >=1.0
     , bytestring >=0.10.8 && <0.12
     , cereal >=0.5.4 && <0.6
     , deepseq >=1.4.2 && <1.5
@@ -56,6 +56,8 @@
       Crypto.Secp256k1.InternalSpec
       Crypto.Secp256k1Spec
       Paths_secp256k1_haskell
+  autogen-modules:
+      Paths_secp256k1_haskell
   hs-source-dirs:
       test
   ghc-options: -threaded -rtsopts -with-rtsopts=-N
@@ -63,7 +65,7 @@
       HUnit
     , QuickCheck >=2.9.2 && <2.15
     , base >=4.9 && <5
-    , base16 >=0.3.0.1
+    , base16 >=1.0
     , bytestring >=0.10.8 && <0.12
     , cereal >=0.5.4 && <0.6
     , deepseq >=1.4.2 && <1.5
diff --git a/src/Crypto/Secp256k1.hs b/src/Crypto/Secp256k1.hs
--- a/src/Crypto/Secp256k1.hs
+++ b/src/Crypto/Secp256k1.hs
@@ -1,357 +1,392 @@
-{-# LANGUAGE DeriveGeneric              #-}
-{-# LANGUAGE FlexibleContexts           #-}
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE FlexibleContexts #-}
 {-# LANGUAGE GeneralizedNewtypeDeriving #-}
-{-# LANGUAGE MultiParamTypeClasses      #-}
-{-|
-Module      : Crypto.Secp256k1
-License     : UNLICENSE
-Maintainer  : Jean-Pierre Rupp <jprupp@protonmail.ch>
-Stability   : experimental
-Portability : POSIX
+{-# LANGUAGE MultiParamTypeClasses #-}
+{-# LANGUAGE ImportQualifiedPost #-}
 
-Crytpographic functions from Bitcoin’s secp256k1 library.
--}
+-- |
+-- Module      : Crypto.Secp256k1
+-- License     : UNLICENSE
+-- Maintainer  : Jean-Pierre Rupp <jprupp@protonmail.ch>
+-- Stability   : experimental
+-- Portability : POSIX
+--
+-- Crytpographic functions from Bitcoin’s secp256k1 library.
 module Crypto.Secp256k1
-    ( -- * Messages
-      Msg
-    , msg
-    , getMsg
+  ( -- * Messages
+    Msg,
+    msg,
+    getMsg,
 
     -- * Secret Keys
-    , SecKey
-    , secKey
-    , getSecKey
-    , derivePubKey
+    SecKey,
+    secKey,
+    getSecKey,
+    derivePubKey,
 
     -- * Public Keys
-    , PubKey
-    , importPubKey
-    , exportPubKey
+    PubKey,
+    importPubKey,
+    exportPubKey,
 
     -- * Signatures
-    , Sig
-    , signMsg
-    , verifySig
-    , normalizeSig
+    Sig,
+    signMsg,
+    verifySig,
+    normalizeSig,
+
     -- ** DER
-    , importSig
-    , exportSig
+    importSig,
+    exportSig,
+
     -- ** Compact
-    , CompactSig
-    , getCompactSig
-    , compactSig
-    , exportCompactSig
-    , importCompactSig
+    CompactSig,
+    getCompactSig,
+    compactSig,
+    exportCompactSig,
+    importCompactSig,
 
     -- * Addition & Multiplication
-    , Tweak
-    , tweak
-    , getTweak
-    , tweakAddSecKey
-    , tweakMulSecKey
-    , tweakAddPubKey
-    , tweakMulPubKey
-    , combinePubKeys
-    , tweakNegate
-    ) where
+    Tweak,
+    tweak,
+    getTweak,
+    tweakAddSecKey,
+    tweakMulSecKey,
+    tweakAddPubKey,
+    tweakMulPubKey,
+    combinePubKeys,
+    tweakNegate,
+  )
+where
 
-import           Control.DeepSeq           (NFData)
-import           Control.Monad             (replicateM, unless, (<=<))
-import           Crypto.Secp256k1.Internal
-import           Data.ByteString           (ByteString)
-import qualified Data.ByteString           as BS
-import qualified Data.ByteString.Base16    as B16
-import           Data.Hashable             (Hashable (..))
-import           Data.Maybe                (fromJust, fromMaybe, isJust)
-import           Data.Serialize            (Serialize (..), getByteString,
-                                            putByteString)
-import           Data.String               (IsString (..))
-import           Data.String.Conversions   (ConvertibleStrings, cs)
-import           Foreign                   (alloca, allocaArray, allocaBytes,
-                                            free, mallocBytes, nullFunPtr,
-                                            nullPtr, peek, poke, pokeArray)
-import           GHC.Generics              (Generic)
-import           System.IO.Unsafe          (unsafePerformIO)
-import           Test.QuickCheck           (Arbitrary (..),
-                                            arbitraryBoundedRandom, suchThat)
-import           Text.Read                 (Lexeme (String), lexP, parens,
-                                            pfail, readPrec)
+import Control.DeepSeq (NFData)
+import Control.Monad (replicateM, unless, (<=<))
+import Crypto.Secp256k1.Internal
+import Data.Base16.Types (assertBase16, extractBase16)
+import Data.ByteString (ByteString)
+import Data.ByteString qualified as BS
+import Data.ByteString.Base16 (decodeBase16, encodeBase16, isBase16)
+import Data.Hashable (Hashable (..))
+import Data.Maybe (fromJust, fromMaybe, isJust)
+import Data.Serialize
+  ( Serialize (..),
+    getByteString,
+    putByteString,
+  )
+import Data.String (IsString (..))
+import Data.String.Conversions (ConvertibleStrings, cs)
+import Foreign
+  ( alloca,
+    allocaArray,
+    allocaBytes,
+    free,
+    mallocBytes,
+    nullFunPtr,
+    nullPtr,
+    peek,
+    poke,
+    pokeArray,
+  )
+import GHC.Generics (Generic)
+import System.IO.Unsafe (unsafePerformIO)
+import Test.QuickCheck
+  ( Arbitrary (..),
+    arbitraryBoundedRandom,
+    suchThat,
+  )
+import Text.Read
+  ( Lexeme (String),
+    lexP,
+    parens,
+    pfail,
+    readPrec,
+  )
 
-newtype PubKey     = PubKey     { getPubKey     :: ByteString    }
-    deriving (Eq, Generic, NFData)
-newtype Msg        = Msg        { getMsg        :: ByteString    }
-    deriving (Eq, Generic, NFData)
-newtype Sig        = Sig        { getSig        :: ByteString    }
-    deriving (Eq, Generic, NFData)
-newtype SecKey     = SecKey     { getSecKey     :: ByteString    }
-    deriving (Eq, Generic, NFData)
-newtype Tweak      = Tweak      { getTweak      :: ByteString    }
-    deriving (Eq, Generic, NFData)
-newtype CompactSig = CompactSig { getCompactSig :: ByteString    }
-    deriving (Eq, Generic, NFData)
+newtype PubKey = PubKey {getPubKey :: ByteString}
+  deriving (Eq, Generic, NFData)
 
+newtype Msg = Msg {getMsg :: ByteString}
+  deriving (Eq, Generic, NFData)
+
+newtype Sig = Sig {getSig :: ByteString}
+  deriving (Eq, Generic, NFData)
+
+newtype SecKey = SecKey {getSecKey :: ByteString}
+  deriving (Eq, Generic, NFData)
+
+newtype Tweak = Tweak {getTweak :: ByteString}
+  deriving (Eq, Generic, NFData)
+
+newtype CompactSig = CompactSig {getCompactSig :: ByteString}
+  deriving (Eq, Generic, NFData)
+
 instance Serialize PubKey where
-    put (PubKey bs) = putByteString bs
-    get = PubKey <$> getByteString 64
+  put (PubKey bs) = putByteString bs
+  get = PubKey <$> getByteString 64
 
 instance Serialize Msg where
-    put (Msg m) = putByteString m
-    get = Msg <$> getByteString 32
+  put (Msg m) = putByteString m
+  get = Msg <$> getByteString 32
 
 instance Serialize Sig where
-    put (Sig bs) = putByteString bs
-    get = Sig <$> getByteString 64
+  put (Sig bs) = putByteString bs
+  get = Sig <$> getByteString 64
 
 instance Serialize SecKey where
-    put (SecKey bs) = putByteString bs
-    get = SecKey <$> getByteString 32
+  put (SecKey bs) = putByteString bs
+  get = SecKey <$> getByteString 32
 
 instance Serialize Tweak where
-    put (Tweak bs) = putByteString bs
-    get = Tweak <$> getByteString 32
+  put (Tweak bs) = putByteString bs
+  get = Tweak <$> getByteString 32
 
 instance Serialize CompactSig where
-    put (CompactSig bs) = putByteString bs
-    get = CompactSig <$> getByteString 64
+  put (CompactSig bs) = putByteString bs
+  get = CompactSig <$> getByteString 64
 
-decodeHex :: ConvertibleStrings a ByteString => a -> Maybe ByteString
-decodeHex str = case B16.decodeBase16 $ cs str of
-  Right bs -> Just bs
-  Left _ -> Nothing
+decodeHex :: (ConvertibleStrings a ByteString) => a -> Maybe ByteString
+decodeHex str =
+  if isBase16 $ cs str
+    then Just . decodeBase16 $ assertBase16 $ cs str
+    else Nothing
 
 instance Read PubKey where
-    readPrec = do
-        String str <- lexP
-        maybe pfail return $ importPubKey =<< decodeHex str
+  readPrec = do
+    String str <- lexP
+    maybe pfail return $ importPubKey =<< decodeHex str
 
 instance Hashable PubKey where
-    i `hashWithSalt` k = i `hashWithSalt` exportPubKey True k
+  i `hashWithSalt` k = i `hashWithSalt` exportPubKey True k
 
 instance IsString PubKey where
-    fromString = fromMaybe e . (importPubKey <=< decodeHex) where
-        e = error "Could not decode public key from hex string"
+  fromString = fromMaybe e . (importPubKey <=< decodeHex)
+    where
+      e = error "Could not decode public key from hex string"
 
 instance Show PubKey where
-    showsPrec _ = shows . B16.encodeBase16 . exportPubKey True
+  showsPrec _ = shows . extractBase16 . encodeBase16 . exportPubKey True
 
 instance Read Msg where
-    readPrec = parens $ do
-        String str <- lexP
-        maybe pfail return $ msg =<< decodeHex str
+  readPrec = parens $ do
+    String str <- lexP
+    maybe pfail return $ msg =<< decodeHex str
 
 instance Hashable Msg where
-    i `hashWithSalt` m = i `hashWithSalt` getMsg m
+  i `hashWithSalt` m = i `hashWithSalt` getMsg m
 
 instance IsString Msg where
-    fromString = fromMaybe e . (msg <=< decodeHex)  where
-        e = error "Could not decode message from hex string"
+  fromString = fromMaybe e . (msg <=< decodeHex)
+    where
+      e = error "Could not decode message from hex string"
 
 instance Show Msg where
-    showsPrec _ = shows . B16.encodeBase16 . getMsg
+  showsPrec _ = shows . extractBase16 . encodeBase16 . getMsg
 
 instance Read Sig where
-    readPrec = parens $ do
-        String str <- lexP
-        maybe pfail return $ importSig =<< decodeHex str
+  readPrec = parens $ do
+    String str <- lexP
+    maybe pfail return $ importSig =<< decodeHex str
 
 instance IsString Sig where
-    fromString = fromMaybe e . (importSig <=< decodeHex) where
-        e = error "Could not decode signature from hex string"
+  fromString = fromMaybe e . (importSig <=< decodeHex)
+    where
+      e = error "Could not decode signature from hex string"
 
 instance Hashable Sig where
-    i `hashWithSalt` s = i `hashWithSalt` exportSig s
+  i `hashWithSalt` s = i `hashWithSalt` exportSig s
 
 instance Show Sig where
-    showsPrec _ = shows . B16.encodeBase16 . exportSig
+  showsPrec _ = shows . extractBase16 . encodeBase16 . exportSig
 
 instance Read SecKey where
-    readPrec = parens $ do
-        String str <- lexP
-        maybe pfail return $ secKey =<< decodeHex str
+  readPrec = parens $ do
+    String str <- lexP
+    maybe pfail return $ secKey =<< decodeHex str
 
 instance Hashable SecKey where
-    i `hashWithSalt` k = i `hashWithSalt` getSecKey k
+  i `hashWithSalt` k = i `hashWithSalt` getSecKey k
 
 instance IsString SecKey where
-    fromString = fromMaybe e . (secKey <=< decodeHex) where
-        e = error "Colud not decode secret key from hex string"
+  fromString = fromMaybe e . (secKey <=< decodeHex)
+    where
+      e = error "Colud not decode secret key from hex string"
 
 instance Show SecKey where
-    showsPrec _ = shows . B16.encodeBase16 . getSecKey
+  showsPrec _ = shows . extractBase16 . encodeBase16 . getSecKey
 
 instance Hashable Tweak where
-    i `hashWithSalt` t = i `hashWithSalt` getTweak t
+  i `hashWithSalt` t = i `hashWithSalt` getTweak t
 
 instance Read Tweak where
-    readPrec = parens $ do
-        String str <- lexP
-        maybe pfail return $ tweak =<< decodeHex str
+  readPrec = parens $ do
+    String str <- lexP
+    maybe pfail return $ tweak =<< decodeHex str
 
 instance IsString Tweak where
-    fromString = fromMaybe e . (tweak <=< decodeHex) where
-        e = error "Could not decode tweak from hex string"
+  fromString = fromMaybe e . (tweak <=< decodeHex)
+    where
+      e = error "Could not decode tweak from hex string"
 
 instance Show Tweak where
-    showsPrec _ = shows . B16.encodeBase16 . getTweak
+  showsPrec _ = shows . extractBase16 . encodeBase16 . getTweak
 
 -- | Import 32-byte 'ByteString' as 'Msg'.
 msg :: ByteString -> Maybe Msg
 msg bs
-    | BS.length bs == 32 = Just (Msg bs)
-    | otherwise = Nothing
+  | BS.length bs == 32 = Just (Msg bs)
+  | otherwise = Nothing
 
 -- | Import 32-byte 'ByteString' as 'SecKey'.
 secKey :: ByteString -> Maybe SecKey
 secKey bs
-    | BS.length bs == 32 = Just (SecKey bs)
-    | otherwise = Nothing
+  | BS.length bs == 32 = Just (SecKey bs)
+  | otherwise = Nothing
 
 compactSig :: ByteString -> Maybe CompactSig
 compactSig bs
-    | BS.length bs == 64 = Just (CompactSig bs)
-    | otherwise = Nothing
+  | BS.length bs == 64 = Just (CompactSig bs)
+  | otherwise = Nothing
 
 -- | Convert signature to a normalized lower-S form. 'Nothing' indicates that it
 -- was already normal.
 normalizeSig :: Sig -> Maybe Sig
 normalizeSig (Sig sig) = unsafePerformIO $
-    unsafeUseByteString sig $ \(sig_in, _) -> do
+  unsafeUseByteString sig $ \(sig_in, _) -> do
     sig_out <- mallocBytes 64
     ret <- ecdsaSignatureNormalize ctx sig_out sig_in
     if isSuccess ret
-        then do
-            bs <- unsafePackByteString (sig_out, 64)
-            return (Just (Sig bs))
-        else do
-            free sig_out
-            return Nothing
+      then do
+        bs <- unsafePackByteString (sig_out, 64)
+        return (Just (Sig bs))
+      else do
+        free sig_out
+        return Nothing
 
 -- | 32-Byte 'ByteString' as 'Tweak'.
 tweak :: ByteString -> Maybe Tweak
 tweak bs
-    | BS.length bs == 32 = Just (Tweak bs)
-    | otherwise          = Nothing
+  | BS.length bs == 32 = Just (Tweak bs)
+  | otherwise = Nothing
 
 -- | Import DER-encoded public key.
 importPubKey :: ByteString -> Maybe PubKey
 importPubKey bs
   | BS.null bs = Nothing
   | otherwise = unsafePerformIO $
-    unsafeUseByteString bs $ \(input, len) -> do
-    pub_key <- mallocBytes 64
-    ret <- ecPubKeyParse ctx pub_key input len
-    if isSuccess ret
-        then do
+      unsafeUseByteString bs $ \(input, len) -> do
+        pub_key <- mallocBytes 64
+        ret <- ecPubKeyParse ctx pub_key input len
+        if isSuccess ret
+          then do
             out <- unsafePackByteString (pub_key, 64)
             return (Just (PubKey out))
-        else do
+          else do
             free pub_key
             return Nothing
 
 -- | Encode public key as DER. First argument 'True' for compressed output.
 exportPubKey :: Bool -> PubKey -> ByteString
 exportPubKey compress (PubKey in_bs) = unsafePerformIO $
-    unsafeUseByteString in_bs $ \(in_ptr, _) ->
+  unsafeUseByteString in_bs $ \(in_ptr, _) ->
     alloca $ \len_ptr ->
-    allocaBytes len $ \out_ptr -> do
-    poke len_ptr $ fromIntegral len
-    ret <- ecPubKeySerialize ctx out_ptr len_ptr in_ptr flags
-    unless (isSuccess ret) $ error "could not serialize public key"
-    final_len <- peek len_ptr
-    packByteString (out_ptr, final_len)
+      allocaBytes len $ \out_ptr -> do
+        poke len_ptr $ fromIntegral len
+        ret <- ecPubKeySerialize ctx out_ptr len_ptr in_ptr flags
+        unless (isSuccess ret) $ error "could not serialize public key"
+        final_len <- peek len_ptr
+        packByteString (out_ptr, final_len)
   where
-    len   = if compress then 33 else 65
+    len = if compress then 33 else 65
     flags = if compress then compressed else uncompressed
 
 exportCompactSig :: Sig -> CompactSig
 exportCompactSig (Sig sig_bs) = unsafePerformIO $
-    unsafeUseByteString sig_bs $ \(sig_ptr, _) -> do
+  unsafeUseByteString sig_bs $ \(sig_ptr, _) -> do
     out_ptr <- mallocBytes 64
     ret <- ecdsaSignatureSerializeCompact ctx out_ptr sig_ptr
     unless (isSuccess ret) $ do
-        free out_ptr
-        error "Could not obtain compact signature"
+      free out_ptr
+      error "Could not obtain compact signature"
     out_bs <- unsafePackByteString (out_ptr, 64)
     return $ CompactSig out_bs
 
 importCompactSig :: CompactSig -> Maybe Sig
 importCompactSig (CompactSig compact_sig) = unsafePerformIO $
-    unsafeUseByteString compact_sig $ \(compact_ptr, _) -> do
+  unsafeUseByteString compact_sig $ \(compact_ptr, _) -> do
     out_sig <- mallocBytes 64
     ret <- ecdsaSignatureParseCompact ctx out_sig compact_ptr
     if isSuccess ret
-        then do
-            out_bs <- unsafePackByteString (out_sig, 64)
-            return (Just (Sig out_bs))
-        else do
-            free out_sig
-            return Nothing
+      then do
+        out_bs <- unsafePackByteString (out_sig, 64)
+        return (Just (Sig out_bs))
+      else do
+        free out_sig
+        return Nothing
 
 -- | Import DER-encoded signature.
 importSig :: ByteString -> Maybe Sig
 importSig bs
   | BS.null bs = Nothing
   | otherwise = unsafePerformIO $
-    unsafeUseByteString bs $ \(in_ptr, in_len) -> do
-    out_sig <- mallocBytes 64
-    ret <- ecdsaSignatureParseDer ctx out_sig in_ptr in_len
-    if isSuccess ret
-        then do
+      unsafeUseByteString bs $ \(in_ptr, in_len) -> do
+        out_sig <- mallocBytes 64
+        ret <- ecdsaSignatureParseDer ctx out_sig in_ptr in_len
+        if isSuccess ret
+          then do
             out_bs <- unsafePackByteString (out_sig, 64)
             return (Just (Sig out_bs))
-        else do
+          else do
             free out_sig
             return Nothing
 
 -- | Encode signature as strict DER.
 exportSig :: Sig -> ByteString
 exportSig (Sig in_sig) = unsafePerformIO $
-    unsafeUseByteString in_sig $ \(in_ptr, _) ->
+  unsafeUseByteString in_sig $ \(in_ptr, _) ->
     alloca $ \out_len ->
-    allocaBytes 72 $ \out_ptr -> do
-    poke out_len 72
-    ret <- ecdsaSignatureSerializeDer ctx out_ptr out_len in_ptr
-    unless (isSuccess ret) $ error "could not serialize signature"
-    final_len <- peek out_len
-    packByteString (out_ptr, final_len)
+      allocaBytes 72 $ \out_ptr -> do
+        poke out_len 72
+        ret <- ecdsaSignatureSerializeDer ctx out_ptr out_len in_ptr
+        unless (isSuccess ret) $ error "could not serialize signature"
+        final_len <- peek out_len
+        packByteString (out_ptr, final_len)
 
 -- | Verify message signature. 'True' means that the signature is correct.
 verifySig :: PubKey -> Sig -> Msg -> Bool
 verifySig (PubKey pub_key) (Sig sig) (Msg m) = unsafePerformIO $
-    unsafeUseByteString pub_key $ \(pub_key_ptr, _) ->
+  unsafeUseByteString pub_key $ \(pub_key_ptr, _) ->
     unsafeUseByteString sig $ \(sig_ptr, _) ->
-    unsafeUseByteString m $ \(msg_ptr, _) ->
-    isSuccess <$> ecdsaVerify ctx sig_ptr msg_ptr pub_key_ptr
+      unsafeUseByteString m $ \(msg_ptr, _) ->
+        isSuccess <$> ecdsaVerify ctx sig_ptr msg_ptr pub_key_ptr
 
 signMsg :: SecKey -> Msg -> Sig
 signMsg (SecKey sec_key) (Msg m) = unsafePerformIO $
-    unsafeUseByteString sec_key $ \(sec_key_ptr, _) ->
+  unsafeUseByteString sec_key $ \(sec_key_ptr, _) ->
     unsafeUseByteString m $ \(msg_ptr, _) -> do
-    sig_ptr <- mallocBytes 64
-    ret <- ecdsaSign ctx sig_ptr msg_ptr sec_key_ptr nullFunPtr nullPtr
-    unless (isSuccess ret) $ do
+      sig_ptr <- mallocBytes 64
+      ret <- ecdsaSign ctx sig_ptr msg_ptr sec_key_ptr nullFunPtr nullPtr
+      unless (isSuccess ret) $ do
         free sig_ptr
         error "could not sign message"
-    Sig <$> unsafePackByteString (sig_ptr, 64)
+      Sig <$> unsafePackByteString (sig_ptr, 64)
 
 derivePubKey :: SecKey -> PubKey
 derivePubKey (SecKey sec_key) = unsafePerformIO $
-    unsafeUseByteString sec_key $ \(sec_key_ptr, _) -> do
+  unsafeUseByteString sec_key $ \(sec_key_ptr, _) -> do
     pub_key_ptr <- mallocBytes 64
     ret <- ecPubKeyCreate ctx pub_key_ptr sec_key_ptr
     unless (isSuccess ret) $ do
-        free pub_key_ptr
-        error "could not compute public key"
+      free pub_key_ptr
+      error "could not compute public key"
     PubKey <$> unsafePackByteString (pub_key_ptr, 64)
 
-
 -- | Add tweak to secret key.
 tweakAddSecKey :: SecKey -> Tweak -> Maybe SecKey
 tweakAddSecKey (SecKey sec_key) (Tweak t) = unsafePerformIO $
-    unsafeUseByteString new_bs $ \(sec_key_ptr, _) ->
+  unsafeUseByteString new_bs $ \(sec_key_ptr, _) ->
     unsafeUseByteString t $ \(tweak_ptr, _) -> do
-    ret <- ecSecKeyTweakAdd ctx sec_key_ptr tweak_ptr
-    if isSuccess ret
+      ret <- ecSecKeyTweakAdd ctx sec_key_ptr tweak_ptr
+      if isSuccess ret
         then return (Just (SecKey new_bs))
         else return Nothing
   where
@@ -360,10 +395,10 @@
 -- | Multiply secret key by tweak.
 tweakMulSecKey :: SecKey -> Tweak -> Maybe SecKey
 tweakMulSecKey (SecKey sec_key) (Tweak t) = unsafePerformIO $
-    unsafeUseByteString new_bs $ \(sec_key_ptr, _) ->
+  unsafeUseByteString new_bs $ \(sec_key_ptr, _) ->
     unsafeUseByteString t $ \(tweak_ptr, _) -> do
-    ret <- ecSecKeyTweakMul ctx sec_key_ptr tweak_ptr
-    if isSuccess ret
+      ret <- ecSecKeyTweakMul ctx sec_key_ptr tweak_ptr
+      if isSuccess ret
         then return (Just (SecKey new_bs))
         else return Nothing
   where
@@ -372,10 +407,10 @@
 -- | Add tweak to public key. Tweak is multiplied first by G to obtain a point.
 tweakAddPubKey :: PubKey -> Tweak -> Maybe PubKey
 tweakAddPubKey (PubKey pub_key) (Tweak t) = unsafePerformIO $
-    unsafeUseByteString new_bs $ \(pub_key_ptr, _) ->
+  unsafeUseByteString new_bs $ \(pub_key_ptr, _) ->
     unsafeUseByteString t $ \(tweak_ptr, _) -> do
-    ret <- ecPubKeyTweakAdd ctx pub_key_ptr tweak_ptr
-    if isSuccess ret
+      ret <- ecPubKeyTweakAdd ctx pub_key_ptr tweak_ptr
+      if isSuccess ret
         then return (Just (PubKey new_bs))
         else return Nothing
   where
@@ -385,10 +420,10 @@
 -- point.
 tweakMulPubKey :: PubKey -> Tweak -> Maybe PubKey
 tweakMulPubKey (PubKey pub_key) (Tweak t) = unsafePerformIO $
-    unsafeUseByteString new_bs $ \(pub_key_ptr, _) ->
+  unsafeUseByteString new_bs $ \(pub_key_ptr, _) ->
     unsafeUseByteString t $ \(tweak_ptr, _) -> do
-    ret <- ecPubKeyTweakMul ctx pub_key_ptr tweak_ptr
-    if isSuccess ret
+      ret <- ecPubKeyTweakMul ctx pub_key_ptr tweak_ptr
+      if isSuccess ret
         then return (Just (PubKey new_bs))
         else return Nothing
   where
@@ -398,46 +433,47 @@
 combinePubKeys :: [PubKey] -> Maybe PubKey
 combinePubKeys [] = Nothing
 combinePubKeys pubs = unsafePerformIO $
-    pointers [] pubs $ \ps ->
+  pointers [] pubs $ \ps ->
     allocaArray (length ps) $ \a -> do
-    out <- mallocBytes 64
-    pokeArray a ps
-    ret <- ecPubKeyCombine ctx out a (fromIntegral $ length ps)
-    if isSuccess ret
+      out <- mallocBytes 64
+      pokeArray a ps
+      ret <- ecPubKeyCombine ctx out a (fromIntegral $ length ps)
+      if isSuccess ret
         then do
-            bs <- unsafePackByteString (out, 64)
-            return (Just (PubKey bs))
+          bs <- unsafePackByteString (out, 64)
+          return (Just (PubKey bs))
         else do
-            free out
-            return Nothing
+          free out
+          return Nothing
   where
     pointers ps [] f = f ps
     pointers ps (PubKey pub_key : pub_keys) f =
-        unsafeUseByteString pub_key $ \(p, _) ->
+      unsafeUseByteString pub_key $ \(p, _) ->
         pointers (p : ps) pub_keys f
 
 tweakNegate :: Tweak -> Maybe Tweak
 tweakNegate (Tweak t) = unsafePerformIO $
-    unsafeUseByteString new $ \(out, _) -> do
+  unsafeUseByteString new $ \(out, _) -> do
     ret <- ecTweakNegate ctx out
     if isSuccess ret
-        then return (Just (Tweak new))
-        else return Nothing
+      then return (Just (Tweak new))
+      else return Nothing
   where
     new = BS.copy t
 
 instance Arbitrary Msg where
-    arbitrary = gen_msg
-      where
-        valid_bs = bs_gen `suchThat` isJust
-        bs_gen = msg . BS.pack <$> replicateM 32 arbitraryBoundedRandom
-        gen_msg = fromJust <$> valid_bs
+  arbitrary = gen_msg
+    where
+      valid_bs = bs_gen `suchThat` isJust
+      bs_gen = msg . BS.pack <$> replicateM 32 arbitraryBoundedRandom
+      gen_msg = fromJust <$> valid_bs
 
 instance Arbitrary SecKey where
-    arbitrary = gen_key where
-        valid_bs = bs_gen `suchThat` isJust
-        bs_gen = secKey . BS.pack <$> replicateM 32 arbitraryBoundedRandom
-        gen_key = fromJust <$> valid_bs
+  arbitrary = gen_key
+    where
+      valid_bs = bs_gen `suchThat` isJust
+      bs_gen = secKey . BS.pack <$> replicateM 32 arbitraryBoundedRandom
+      gen_key = fromJust <$> valid_bs
 
 instance Arbitrary PubKey where
-    arbitrary = derivePubKey <$> arbitrary
+  arbitrary = derivePubKey <$> arbitrary
diff --git a/test/Crypto/Secp256k1/InternalSpec.hs b/test/Crypto/Secp256k1/InternalSpec.hs
--- a/test/Crypto/Secp256k1/InternalSpec.hs
+++ b/test/Crypto/Secp256k1/InternalSpec.hs
@@ -1,378 +1,443 @@
 {-# LANGUAGE OverloadedStrings #-}
+
 module Crypto.Secp256k1.InternalSpec (spec) where
 
-import           Control.Monad
-import           Control.Monad.Trans
-import           Crypto.Secp256k1.Internal
-import           Data.ByteString           (ByteString, copy, packCStringLen,
-                                            useAsCStringLen)
-import qualified Data.ByteString.Base16    as B16
-import           Data.Either               (fromRight)
-import           Foreign
-import           System.Entropy
-import           Test.HUnit                (Assertion, assertBool, assertEqual)
-import           Test.Hspec
+import Control.Monad
+import Control.Monad.Trans
+import Crypto.Secp256k1.Internal
+import Data.Base16.Types (assertBase16)
+import Data.ByteString
+  ( ByteString,
+    copy,
+    packCStringLen,
+    useAsCStringLen,
+  )
+import Data.ByteString.Base16 (decodeBase16)
+import Data.Either (fromRight)
+import Foreign
+import System.Entropy
+import Test.HUnit (Assertion, assertBool, assertEqual)
+import Test.Hspec
 
 spec :: Spec
 spec = do
-    describe "housekeeping" $ do
-        it "creates context" createContextTest
-        it "randomizes context" randomizeContextTest
-        it "clones context" cloneContextTest
-    describe "serialization" $ do
-        it "parses public key" ecPubkeyParseTest
-        it "serializes public key" ecPubKeySerializeTest
-        it "parses DER signature" ecdsaSignatureParseDerTest
-        it "serializes DER signature" ecdsaSignatureSerializeDerTest
-    describe "signatures" $ do
-        it "verifies signature" ecdsaVerifyTest
-        -- TODO:
-        -- , testCase "RFC6979 nonce function"   nonce_function_rfc6979_test
-        it "signs message" ecdsaSignTest
-    describe "secret keys" $ do
-        it "verifies secret key" ecSecKeyVerifyTest
-        it "creates public key" ecPubkeyCreateTest
-        it "adds secret key" ecSecKeyTweakAddTest
-        it "multiplies secret key" ecSecKeyTweakMulTest
-    describe "public keys" $ do
-        it "adds public key" ecPubKeyTweakAddTest
-        it "multiplies public key" ecPubKeyTweakMulTest
-        it "combines public keys" ecPubKeyCombineTest
+  describe "housekeeping" $ do
+    it "creates context" createContextTest
+    it "randomizes context" randomizeContextTest
+    it "clones context" cloneContextTest
+  describe "serialization" $ do
+    it "parses public key" ecPubkeyParseTest
+    it "serializes public key" ecPubKeySerializeTest
+    it "parses DER signature" ecdsaSignatureParseDerTest
+    it "serializes DER signature" ecdsaSignatureSerializeDerTest
+  describe "signatures" $ do
+    it "verifies signature" ecdsaVerifyTest
+    -- TODO:
+    -- , testCase "RFC6979 nonce function"   nonce_function_rfc6979_test
+    it "signs message" ecdsaSignTest
+  describe "secret keys" $ do
+    it "verifies secret key" ecSecKeyVerifyTest
+    it "creates public key" ecPubkeyCreateTest
+    it "adds secret key" ecSecKeyTweakAddTest
+    it "multiplies secret key" ecSecKeyTweakMulTest
+  describe "public keys" $ do
+    it "adds public key" ecPubKeyTweakAddTest
+    it "multiplies public key" ecPubKeyTweakMulTest
+    it "combines public keys" ecPubKeyCombineTest
 
 withEntropy :: (Ptr Seed32 -> IO a) -> IO a
 withEntropy f =
-    getEntropy 32 >>= \e ->
+  getEntropy 32 >>= \e ->
     useByteString e $ \(s, _) -> f s
 
 createContextTest :: Assertion
 createContextTest = do
-    context_ptr <- liftIO $ contextCreate signVerify
-    assertBool "context not null" $ context_ptr /= nullPtr
+  context_ptr <- liftIO $ contextCreate signVerify
+  assertBool "context not null" $ context_ptr /= nullPtr
 
 randomizeContextTest :: Assertion
 randomizeContextTest = do
-    ret <- liftIO $ contextCreate sign >>= \x ->
+  ret <-
+    liftIO $
+      contextCreate sign >>= \x ->
         withEntropy (contextRandomize x)
-    assertBool "context randomized" $ isSuccess ret
+  assertBool "context randomized" $ isSuccess ret
 
 cloneContextTest :: Assertion
 cloneContextTest = do
-    (x1, x2) <- liftIO $ do
-        x1 <- contextCreate signVerify
-        ret <- withEntropy $ contextRandomize x1
-        unless (isSuccess ret) $ error "failed to randomize context"
-        x2 <- contextClone x1
-        return (x1, x2)
-    assertBool "original context not null" $ x1 /= nullPtr
-    assertBool "cloned context not null" $ x2 /= nullPtr
-    assertBool "context ptrs different" $ x1 /= x2
+  (x1, x2) <- liftIO $ do
+    x1 <- contextCreate signVerify
+    ret <- withEntropy $ contextRandomize x1
+    unless (isSuccess ret) $ error "failed to randomize context"
+    x2 <- contextClone x1
+    return (x1, x2)
+  assertBool "original context not null" $ x1 /= nullPtr
+  assertBool "cloned context not null" $ x2 /= nullPtr
+  assertBool "context ptrs different" $ x1 /= x2
 
 ecPubkeyParseTest :: Assertion
 ecPubkeyParseTest = do
-    ret <- liftIO $ useAsCStringLen der $ \(i, il) -> do
-        x <- contextCreate verify
-        allocaBytes 64 $ \pubkey ->
-            ecPubKeyParse x pubkey (castPtr i) (fromIntegral il)
-    assertBool "parsed public key" (isSuccess ret)
+  ret <- liftIO $ useAsCStringLen der $ \(i, il) -> do
+    x <- contextCreate verify
+    allocaBytes 64 $ \pubkey ->
+      ecPubKeyParse x pubkey (castPtr i) (fromIntegral il)
+  assertBool "parsed public key" (isSuccess ret)
   where
-    der = fromRight undefined $ B16.decodeBase16
-        "03dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd44705"
+    der =
+      decodeBase16 $
+        assertBase16
+          "03dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd44705"
 
 ecPubKeySerializeTest :: Assertion
 ecPubKeySerializeTest = do
-    (ret, dec) <- liftIO $
-        useByteString der $ \(i, il) ->
-        allocaBytes 64 $ \k ->
+  (ret, dec) <- liftIO $
+    useByteString der $ \(i, il) ->
+      allocaBytes 64 $ \k ->
         alloca $ \ol ->
-        allocaBytes 72 $ \o -> do
-        poke ol 72
-        x <- contextCreate verify
-        ret1 <- ecPubKeyParse x k i il
-        unless (isSuccess ret1) $ error "failed to parse pubkey"
-        ret2 <- ecPubKeySerialize x o ol k compressed
-        len <- fromIntegral <$> peek ol
-        decoded <- packCStringLen (castPtr o, len)
-        return (ret2, decoded)
-    assertBool  "serialized public key successfully" $ isSuccess ret
-    assertEqual "public key matches" der dec
+          allocaBytes 72 $ \o -> do
+            poke ol 72
+            x <- contextCreate verify
+            ret1 <- ecPubKeyParse x k i il
+            unless (isSuccess ret1) $ error "failed to parse pubkey"
+            ret2 <- ecPubKeySerialize x o ol k compressed
+            len <- fromIntegral <$> peek ol
+            decoded <- packCStringLen (castPtr o, len)
+            return (ret2, decoded)
+  assertBool "serialized public key successfully" $ isSuccess ret
+  assertEqual "public key matches" der dec
   where
-    der = fromRight undefined $ B16.decodeBase16
-        "03dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd44705"
+    der =
+      decodeBase16 $
+        assertBase16
+          "03dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd44705"
 
 ecdsaSignatureParseDerTest :: Assertion
 ecdsaSignatureParseDerTest = do
-    ret <- liftIO $ useAsCStringLen der $ \(d, dl) -> allocaBytes 64 $ \s -> do
-        x <- contextCreate verify
-        ecdsaSignatureParseDer x s (castPtr d) (fromIntegral dl)
-    assertBool "parsed signature successfully" $ isSuccess ret
+  ret <- liftIO $ useAsCStringLen der $ \(d, dl) -> allocaBytes 64 $ \s -> do
+    x <- contextCreate verify
+    ecdsaSignatureParseDer x s (castPtr d) (fromIntegral dl)
+  assertBool "parsed signature successfully" $ isSuccess ret
   where
-    der = fromRight undefined $ B16.decodeBase16
-        "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
-        \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
-        \45"
+    der =
+      decodeBase16 $
+        assertBase16
+          "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
+          \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
+          \45"
 
 parseDer :: Ctx -> ByteString -> IO ByteString
 parseDer x bs =
-    useAsCStringLen bs $ \(d, dl) ->
+  useAsCStringLen bs $ \(d, dl) ->
     allocaBytes 64 $ \s -> do
-    ret <- ecdsaSignatureParseDer x s (castPtr d) (fromIntegral dl)
-    unless (isSuccess ret) $ error "could not parse DER"
-    packByteString (s, 64)
+      ret <- ecdsaSignatureParseDer x s (castPtr d) (fromIntegral dl)
+      unless (isSuccess ret) $ error "could not parse DER"
+      packByteString (s, 64)
 
 ecdsaSignatureSerializeDerTest :: Assertion
 ecdsaSignatureSerializeDerTest = do
-    (ret, enc) <- liftIO $ do
-        x <- contextCreate verify
-        sig <- parseDer x der
-        alloca $ \ol ->
-            allocaBytes 72 $ \o ->
-            useByteString sig $ \(s, _) -> do
-            poke ol 72
-            ret <- ecdsaSignatureSerializeDer x o ol s
-            len <- fromIntegral <$> peek ol
-            enc <- packCStringLen (castPtr o, len)
-            return (ret, enc)
-    assertBool  "serialization successful" $ isSuccess ret
-    assertEqual "signatures match" der enc
+  (ret, enc) <- liftIO $ do
+    x <- contextCreate verify
+    sig <- parseDer x der
+    alloca $ \ol ->
+      allocaBytes 72 $ \o ->
+        useByteString sig $ \(s, _) -> do
+          poke ol 72
+          ret <- ecdsaSignatureSerializeDer x o ol s
+          len <- fromIntegral <$> peek ol
+          enc <- packCStringLen (castPtr o, len)
+          return (ret, enc)
+  assertBool "serialization successful" $ isSuccess ret
+  assertEqual "signatures match" der enc
   where
-    der = fromRight undefined $ B16.decodeBase16
-        "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
-        \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
-        \45"
+    der =
+      decodeBase16 $
+        assertBase16
+          "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
+          \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
+          \45"
 
 ecdsaVerifyTest :: Assertion
 ecdsaVerifyTest = do
-    ret <- liftIO $ do
-        x <- contextCreate verify
-        sig <- parseDer x der
-        pk <- useByteString pub $ \(p, pl) ->
-            allocaBytes 64 $ \k -> do
-            ret <- ecPubKeyParse x k p (fromIntegral pl)
-            unless (isSuccess ret) $ error "could not parse public key"
-            packByteString (k, 64)
-        useByteString msg $ \(m, _) ->
-            useByteString pk $ \(k, _) ->
-            useByteString sig $ \(s, _) ->
-            ecdsaVerify x s m k
-    assertBool "signature valid" $ isSuccess ret
+  ret <- liftIO $ do
+    x <- contextCreate verify
+    sig <- parseDer x der
+    pk <- useByteString pub $ \(p, pl) ->
+      allocaBytes 64 $ \k -> do
+        ret <- ecPubKeyParse x k p (fromIntegral pl)
+        unless (isSuccess ret) $ error "could not parse public key"
+        packByteString (k, 64)
+    useByteString msg $ \(m, _) ->
+      useByteString pk $ \(k, _) ->
+        useByteString sig $ \(s, _) ->
+          ecdsaVerify x s m k
+  assertBool "signature valid" $ isSuccess ret
   where
-    der = fromRight undefined $ B16.decodeBase16
-        "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
-        \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
-        \45"
-    pub = fromRight undefined $ B16.decodeBase16
-        "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
-        \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-    msg = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    der =
+      decodeBase16 $
+        assertBase16
+          "3045022100f502bfa07af43e7ef265618b0d929a7619ee01d6150e37eb6eaaf2c8bd37\
+          \fb2202206f0415ab0e9a977afd78b2c26ef39b3952096d319fd4b101c768ad6c132e30\
+          \45"
+    pub =
+      decodeBase16 $
+        assertBase16
+          "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
+          \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
+    msg =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
 
 signCtx :: IO Ctx
-signCtx = contextCreate sign >>= \c ->
+signCtx =
+  contextCreate sign >>= \c ->
     withEntropy (contextRandomize c) >>= \r ->
-        unless (isSuccess r) (error "failed to randomize context") >> return c
+      unless (isSuccess r) (error "failed to randomize context") >> return c
 
 createPubKey :: Ctx -> Ptr SecKey32 -> Ptr PubKey64 -> IO ()
 createPubKey x k p = do
-    ret <- ecPubKeyCreate x p k
-    unless (isSuccess ret) $ error "failed to create public key"
+  ret <- ecPubKeyCreate x p k
+  unless (isSuccess ret) $ error "failed to create public key"
 
 ecdsaSignTest :: Assertion
 ecdsaSignTest = do
-    der <- liftIO $ do
-        x <- signCtx
-        allocaBytes 64 $ \s ->
-            useByteString msg $ \(m, _) ->
-            useByteString key $ \(k, _) ->
-            alloca $ \ol ->
+  der <- liftIO $ do
+    x <- signCtx
+    allocaBytes 64 $ \s ->
+      useByteString msg $ \(m, _) ->
+        useByteString key $ \(k, _) ->
+          alloca $ \ol ->
             allocaBytes 72 $ \o -> do
-                poke ol 72
-                ret1 <- ecdsaSign x s m k nullFunPtr nullPtr
-                unless (isSuccess ret1) $ error "could not sign message"
-                ret2 <- ecdsaSignatureSerializeDer x o ol s
-                unless (isSuccess ret2) $ error "could not serialize signature"
-                len <- peek ol
-                packCStringLen (castPtr o, fromIntegral len)
-    ret <- liftIO $ do
-        pub <- allocaBytes 64 $ \p ->
-             useByteString key $ \(s, _) -> do
-             x <- signCtx
-             createPubKey x s p
-             packByteString (p, 64)
-        useByteString msg $ \(m, _) ->
-            useByteString pub $ \(p, _) -> do
-            x <- contextCreate verify
-            s' <- parseDer x der
-            useByteString s' $ \(s, _) -> ecdsaVerify x s m p
-    assertBool "signature matches" (isSuccess ret)
+              poke ol 72
+              ret1 <- ecdsaSign x s m k nullFunPtr nullPtr
+              unless (isSuccess ret1) $ error "could not sign message"
+              ret2 <- ecdsaSignatureSerializeDer x o ol s
+              unless (isSuccess ret2) $ error "could not serialize signature"
+              len <- peek ol
+              packCStringLen (castPtr o, fromIntegral len)
+  ret <- liftIO $ do
+    pub <- allocaBytes 64 $ \p ->
+      useByteString key $ \(s, _) -> do
+        x <- signCtx
+        createPubKey x s p
+        packByteString (p, 64)
+    useByteString msg $ \(m, _) ->
+      useByteString pub $ \(p, _) -> do
+        x <- contextCreate verify
+        s' <- parseDer x der
+        useByteString s' $ \(s, _) -> ecdsaVerify x s m p
+  assertBool "signature matches" (isSuccess ret)
   where
-    msg = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-    key = fromRight undefined $ B16.decodeBase16
-        "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-
+    msg =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    key =
+      decodeBase16 $
+        assertBase16
+          "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
 
 ecSecKeyVerifyTest :: Assertion
 ecSecKeyVerifyTest = do
-    ret <- liftIO $ useByteString key $ \(k, _) -> do
-        x <- signCtx
-        ecSecKeyVerify x k
-    assertBool "valid secret key" $ isSuccess ret
+  ret <- liftIO $ useByteString key $ \(k, _) -> do
+    x <- signCtx
+    ecSecKeyVerify x k
+  assertBool "valid secret key" $ isSuccess ret
   where
-    key = fromRight undefined $ B16.decodeBase16
-        "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
+    key =
+      decodeBase16 $
+        assertBase16
+          "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
 
 ecPubkeyCreateTest :: Assertion
 ecPubkeyCreateTest = do
-    pk <- liftIO $
-        useByteString key $ \(s, _) ->
-        allocaBytes 64 $ \k -> do
+  pk <- liftIO $
+    useByteString key $ \(s, _) ->
+      allocaBytes 64 $ \k -> do
         x <- signCtx
         createPubKey x s k
         allocaBytes 65 $ \o ->
-            alloca $ \ol -> do
+          alloca $ \ol -> do
             poke ol 65
             rets <- ecPubKeySerialize x o ol k uncompressed
             unless (isSuccess rets) $ error "failed to serialize public key"
             len <- fromIntegral <$> peek ol
             packCStringLen (castPtr o, len)
-    assertEqual "public key matches" pub pk
+  assertEqual "public key matches" pub pk
   where
-    key = fromRight undefined $ B16.decodeBase16
-        "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-    pub = fromRight undefined $ B16.decodeBase16
-        "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
-        \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
+    key =
+      decodeBase16 $
+        assertBase16
+          "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
+    pub =
+      decodeBase16 $
+        assertBase16
+          "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
+          \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
 
 ecSecKeyTweakAddTest :: Assertion
 ecSecKeyTweakAddTest = do
-    (ret, tweaked) <- liftIO $
-        signCtx >>= \x ->
+  (ret, tweaked) <-
+    liftIO $
+      signCtx >>= \x ->
         useByteString tweak $ \(w, _) ->
-        useByteString key $ \(k, _) -> do
-        ret <- ecSecKeyTweakAdd x k w
-        tweaked <- packByteString (k, 32)
-        return (ret, tweaked)
-    assertBool "successful secret key tweak" $ isSuccess ret
-    assertEqual "tweaked keys match" expected tweaked
+          useByteString key $ \(k, _) -> do
+            ret <- ecSecKeyTweakAdd x k w
+            tweaked <- packByteString (k, 32)
+            return (ret, tweaked)
+  assertBool "successful secret key tweak" $ isSuccess ret
+  assertEqual "tweaked keys match" expected tweaked
   where
-    key = fromRight undefined $ B16.decodeBase16
-        "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-    tweak = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-    expected = fromRight undefined $ B16.decodeBase16
-        "ec1e3ce1cefa18a671d51125e2b249688d934b0e28f5d1665384d9b02f929059"
+    key =
+      decodeBase16 $
+        assertBase16
+          "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
+    tweak =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    expected =
+      decodeBase16 $
+        assertBase16
+          "ec1e3ce1cefa18a671d51125e2b249688d934b0e28f5d1665384d9b02f929059"
 
 ecSecKeyTweakMulTest :: Assertion
 ecSecKeyTweakMulTest = do
-    (ret, tweaked) <- liftIO $ do
-        x <- contextCreate sign
-        retr <- withEntropy $ contextRandomize x
-        unless (isSuccess retr) $ error "failed to randomize context"
-        useByteString tweak $ \(w, _) -> useByteString key $ \(k, _) -> do
-            ret <- ecSecKeyTweakMul x k w
-            tweaked <- packByteString (k, 32)
-            return (ret, tweaked)
-    assertBool "successful secret key tweak" $ isSuccess ret
-    assertEqual "tweaked keys match" expected tweaked
+  (ret, tweaked) <- liftIO $ do
+    x <- contextCreate sign
+    retr <- withEntropy $ contextRandomize x
+    unless (isSuccess retr) $ error "failed to randomize context"
+    useByteString tweak $ \(w, _) -> useByteString key $ \(k, _) -> do
+      ret <- ecSecKeyTweakMul x k w
+      tweaked <- packByteString (k, 32)
+      return (ret, tweaked)
+  assertBool "successful secret key tweak" $ isSuccess ret
+  assertEqual "tweaked keys match" expected tweaked
   where
-    key = fromRight undefined $ B16.decodeBase16
-        "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-    tweak = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-    expected = fromRight undefined $ B16.decodeBase16
-        "a96f5962493acb179f60a86a9785fc7a30e0c39b64c09d24fe064d9aef15e4c0"
+    key =
+      decodeBase16 $
+        assertBase16
+          "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
+    tweak =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    expected =
+      decodeBase16 $
+        assertBase16
+          "a96f5962493acb179f60a86a9785fc7a30e0c39b64c09d24fe064d9aef15e4c0"
 
 serializeKey :: Ctx -> Ptr PubKey64 -> IO ByteString
 serializeKey x p = allocaBytes 72 $ \d -> alloca $ \dl -> do
-    poke dl 72
-    ret <- ecPubKeySerialize x d dl p uncompressed
-    unless (isSuccess ret) $ error "could not serialize public key"
-    len <- peek dl
-    packCStringLen (castPtr d, fromIntegral len)
+  poke dl 72
+  ret <- ecPubKeySerialize x d dl p uncompressed
+  unless (isSuccess ret) $ error "could not serialize public key"
+  len <- peek dl
+  packCStringLen (castPtr d, fromIntegral len)
 
 parseKey :: Ctx -> ByteString -> IO ByteString
 parseKey x bs =
-    allocaBytes 64 $ \p ->
+  allocaBytes 64 $ \p ->
     useByteString bs $ \(d, dl) -> do
-    ret <- ecPubKeyParse x p d dl
-    unless (isSuccess ret) $ error "could not parse public key"
-    packByteString (p, 64)
+      ret <- ecPubKeyParse x p d dl
+      unless (isSuccess ret) $ error "could not parse public key"
+      packByteString (p, 64)
 
 ecPubKeyTweakAddTest :: Assertion
 ecPubKeyTweakAddTest = do
-    (ret, tweaked) <- liftIO $ do
-        x <- contextCreate verify
-        pk <- copy <$> parseKey x pub
-        useByteString tweak $ \(w, _) ->
-            useByteString pk $ \(p, _) -> do
-            ret <- ecPubKeyTweakAdd x p w
-            tweaked <- serializeKey x p
-            return (ret, tweaked)
-    assertBool "successful secret key tweak" $ isSuccess ret
-    assertEqual "tweaked keys match" expected tweaked
+  (ret, tweaked) <- liftIO $ do
+    x <- contextCreate verify
+    pk <- copy <$> parseKey x pub
+    useByteString tweak $ \(w, _) ->
+      useByteString pk $ \(p, _) -> do
+        ret <- ecPubKeyTweakAdd x p w
+        tweaked <- serializeKey x p
+        return (ret, tweaked)
+  assertBool "successful secret key tweak" $ isSuccess ret
+  assertEqual "tweaked keys match" expected tweaked
   where
-    pub = fromRight undefined $ B16.decodeBase16
-        "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
-        \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-    tweak = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-    expected = fromRight undefined $ B16.decodeBase16
-        "04441c3982b97576646e0df0c96736063df6b42f2ee566d13b9f6424302d1379e518fd\
-        \c87a14c5435bff7a5db4552042cb4120c6b86a4bbd3d0643f3c14ad01368"
+    pub =
+      decodeBase16 $
+        assertBase16
+          "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
+          \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
+    tweak =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    expected =
+      decodeBase16 $
+        assertBase16
+          "04441c3982b97576646e0df0c96736063df6b42f2ee566d13b9f6424302d1379e518fd\
+          \c87a14c5435bff7a5db4552042cb4120c6b86a4bbd3d0643f3c14ad01368"
 
 ecPubKeyTweakMulTest :: Assertion
 ecPubKeyTweakMulTest = do
-    (ret, tweaked) <- liftIO $ do
-        x <- contextCreate verify
-        pk <- copy <$> parseKey x pub
-        useByteString tweak $ \(w, _) ->
-            useByteString pk $ \(p, _) -> do
-            ret <- ecPubKeyTweakMul x p w
-            tweaked <- serializeKey x p
-            return (ret, tweaked)
-    assertBool "successful secret key tweak" $ isSuccess ret
-    assertEqual "tweaked keys match" expected tweaked
+  (ret, tweaked) <- liftIO $ do
+    x <- contextCreate verify
+    pk <- copy <$> parseKey x pub
+    useByteString tweak $ \(w, _) ->
+      useByteString pk $ \(p, _) -> do
+        ret <- ecPubKeyTweakMul x p w
+        tweaked <- serializeKey x p
+        return (ret, tweaked)
+  assertBool "successful secret key tweak" $ isSuccess ret
+  assertEqual "tweaked keys match" expected tweaked
   where
-    pub = fromRight undefined $ B16.decodeBase16
-        "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
-        \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-    tweak = fromRight undefined $ B16.decodeBase16
-        "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-    expected = fromRight undefined $ B16.decodeBase16
-        "04f379dc99cdf5c83e433defa267fbb3377d61d6b779c06a0e4ce29ae3ff5353b12ae4\
-        \9c9d07e7368f2ba5a446c203255ce912322991a2d6a9d5d5761c61ed1845"
+    pub =
+      decodeBase16 $
+        assertBase16
+          "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
+          \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
+    tweak =
+      decodeBase16 $
+        assertBase16
+          "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
+    expected =
+      decodeBase16 $
+        assertBase16
+          "04f379dc99cdf5c83e433defa267fbb3377d61d6b779c06a0e4ce29ae3ff5353b12ae4\
+          \9c9d07e7368f2ba5a446c203255ce912322991a2d6a9d5d5761c61ed1845"
 
 ecPubKeyCombineTest :: Assertion
 ecPubKeyCombineTest = do
-    (ret, com) <- liftIO $
-        allocaBytes 64 $ \p1 ->
-        allocaBytes 64 $ \p2 ->
+  (ret, com) <- liftIO $
+    allocaBytes 64 $ \p1 ->
+      allocaBytes 64 $ \p2 ->
         allocaBytes 64 $ \p3 ->
-        allocaArray 3 $ \a ->
-        allocaBytes 64 $ \p -> do
-            x <- contextCreate verify
-            parse x pub1 p1
-            parse x pub2 p2
-            parse x pub3 p3
-            pokeArray a [p1, p2, p3]
-            ret <- ecPubKeyCombine x p a 3
-            com <- serializeKey x p
-            return (ret, com)
-    assertBool "successful key combination" $ isSuccess ret
-    assertEqual "combined keys match" expected com
+          allocaArray 3 $ \a ->
+            allocaBytes 64 $ \p -> do
+              x <- contextCreate verify
+              parse x pub1 p1
+              parse x pub2 p2
+              parse x pub3 p3
+              pokeArray a [p1, p2, p3]
+              ret <- ecPubKeyCombine x p a 3
+              com <- serializeKey x p
+              return (ret, com)
+  assertBool "successful key combination" $ isSuccess ret
+  assertEqual "combined keys match" expected com
   where
     parse x pub p = useByteString pub $ \(d, dl) -> do
-        ret <- ecPubKeyParse x p d dl
-        unless (isSuccess ret) $ error "could not parse public key"
-    pub1 = fromRight undefined $ B16.decodeBase16
-        "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
-        \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-    pub2 = fromRight undefined $ B16.decodeBase16
-        "0487d82042d93447008dfe2af762068a1e53ff394a5bf8f68a045fa642b99ea5d153f5\
-        \77dd2dba6c7ae4cfd7b6622409d7edd2d76dd13a8092cd3af97b77bd2c77"
-    pub3 = fromRight undefined $ B16.decodeBase16
-        "049b101edcbe1ee37ff6b2318526a425b629e823d7d8d9154417880595a28000ee3feb\
-        \d908754b8ce4e491aa6fe488b41fb5d4bb3788e33c9ff95a7a9229166d59"
-    expected = fromRight undefined $ B16.decodeBase16
-        "043d9a7ec70011efc23c33a7e62d2ea73cca87797e3b659d93bea6aa871aebde56c3bc\
-        \6134ca82e324b0ab9c0e601a6d2933afe7fb5d9f3aae900f5c5dc6e362c8"
+      ret <- ecPubKeyParse x p d dl
+      unless (isSuccess ret) $ error "could not parse public key"
+    pub1 =
+      decodeBase16 $
+        assertBase16
+          "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd447051221\
+          \3d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
+    pub2 =
+      decodeBase16 $
+        assertBase16
+          "0487d82042d93447008dfe2af762068a1e53ff394a5bf8f68a045fa642b99ea5d153f5\
+          \77dd2dba6c7ae4cfd7b6622409d7edd2d76dd13a8092cd3af97b77bd2c77"
+    pub3 =
+      decodeBase16 $
+        assertBase16
+          "049b101edcbe1ee37ff6b2318526a425b629e823d7d8d9154417880595a28000ee3feb\
+          \d908754b8ce4e491aa6fe488b41fb5d4bb3788e33c9ff95a7a9229166d59"
+    expected =
+      decodeBase16 $
+        assertBase16
+          "043d9a7ec70011efc23c33a7e62d2ea73cca87797e3b659d93bea6aa871aebde56c3bc\
+          \6134ca82e324b0ab9c0e601a6d2933afe7fb5d9f3aae900f5c5dc6e362c8"
diff --git a/test/Crypto/Secp256k1Spec.hs b/test/Crypto/Secp256k1Spec.hs
--- a/test/Crypto/Secp256k1Spec.hs
+++ b/test/Crypto/Secp256k1Spec.hs
@@ -1,248 +1,295 @@
 module Crypto.Secp256k1Spec (spec) where
 
-import           Control.Monad.Par
-import qualified Control.Monad.Par       as P
-import           Crypto.Secp256k1
-import qualified Data.ByteString         as BS
-import qualified Data.ByteString.Base16  as B16
-import qualified Data.ByteString.Char8   as B8
-import           Data.Either             (fromRight)
-import           Data.Maybe              (fromMaybe, isNothing)
-import           Data.String             (fromString)
-import           Data.String.Conversions (cs)
-import           Test.HUnit              (Assertion, assertEqual)
-import           Test.Hspec
-import           Test.QuickCheck
+import Control.Monad.Par
+import qualified Control.Monad.Par as P
+import Crypto.Secp256k1
+import Data.Base16.Types (assertBase16, extractBase16)
+import qualified Data.ByteString as BS
+import Data.ByteString.Base16 (decodeBase16, encodeBase16)
+import qualified Data.ByteString.Char8 as B8
+import Data.Either (fromRight)
+import Data.Maybe (fromMaybe, isNothing)
+import Data.String (fromString)
+import Data.String.Conversions (cs)
+import Test.HUnit (Assertion, assertEqual)
+import Test.Hspec
+import Test.QuickCheck
 
 spec :: Spec
 spec = do
-    describe "signatures" $ do
-        it "signs message" $
-            property signMsgTest
-        it "signs messages in parallel" $
-            property signMsgParTest
-        it "detects bad signature" $
-            property badSignatureTest
-        it "normalizes signatures" $
-            property normalizeSigTest
-    describe "serialization" $ do
-        it "serializes public key" $
-            property serializePubKeyTest
-        it "serializes public keys in parallel" $
-            property parSerializePubKeyTest
-        it "serializes DER signature" $
-            property serializeSigTest
-        it "serializes DER signatures in parallel" $
-            property parSerializeSigTest
-        it "serializes compact signature" $
-            property serializeCompactSigTest
-        it "serialize secret key" $
-            property serializeSecKeyTest
-        it "shows and reads public key" $
-            property (showRead :: PubKey -> Bool)
-        it "shows and reads secret key" $
-            property (showRead :: SecKey -> Bool)
-        it "shows and reads tweak" $
-            property (showReadTweak :: SecKey -> Bool)
-        it "shows and reads signature" $
-            property (showReadSig :: (SecKey, Msg) -> Bool)
-        it "shows and reads message" $
-            property (showRead :: Msg -> Bool)
-        it "reads public key from string" $
-            property isStringPubKey
-        it "reads secret key from string" $
-            property isStringSecKey
-        it "reads signature from string" $
-            property isStringSig
-        it "reads message from string" $
-            property isStringMsg
-        it "reads tweak from string" $
-            property isStringTweak
-    describe "tweaks" $ do
-        it "add secret key" $ property tweakAddSecKeyTest
-        it "multiply secret key" $ property tweakMulSecKeyTest
-        it "add public key" $ property tweakAddPubKeyTest
-        it "multiply public key" $ property tweakMulPubKeyTest
-        it "combine public keys" $ property combinePubKeyTest
-        it "can't combine 0 public keys" $ property combinePubKeyEmptyListTest
-        it "negates tweak" $ property negateTweakTest
+  describe "signatures" $ do
+    it "signs message" $
+      property signMsgTest
+    it "signs messages in parallel" $
+      property signMsgParTest
+    it "detects bad signature" $
+      property badSignatureTest
+    it "normalizes signatures" $
+      property normalizeSigTest
+  describe "serialization" $ do
+    it "serializes public key" $
+      property serializePubKeyTest
+    it "serializes public keys in parallel" $
+      property parSerializePubKeyTest
+    it "serializes DER signature" $
+      property serializeSigTest
+    it "serializes DER signatures in parallel" $
+      property parSerializeSigTest
+    it "serializes compact signature" $
+      property serializeCompactSigTest
+    it "serialize secret key" $
+      property serializeSecKeyTest
+    it "shows and reads public key" $
+      property (showRead :: PubKey -> Bool)
+    it "shows and reads secret key" $
+      property (showRead :: SecKey -> Bool)
+    it "shows and reads tweak" $
+      property (showReadTweak :: SecKey -> Bool)
+    it "shows and reads signature" $
+      property (showReadSig :: (SecKey, Msg) -> Bool)
+    it "shows and reads message" $
+      property (showRead :: Msg -> Bool)
+    it "reads public key from string" $
+      property isStringPubKey
+    it "reads secret key from string" $
+      property isStringSecKey
+    it "reads signature from string" $
+      property isStringSig
+    it "reads message from string" $
+      property isStringMsg
+    it "reads tweak from string" $
+      property isStringTweak
+  describe "tweaks" $ do
+    it "add secret key" $ property tweakAddSecKeyTest
+    it "multiply secret key" $ property tweakMulSecKeyTest
+    it "add public key" $ property tweakAddPubKeyTest
+    it "multiply public key" $ property tweakMulPubKeyTest
+    it "combine public keys" $ property combinePubKeyTest
+    it "can't combine 0 public keys" $ property combinePubKeyEmptyListTest
+    it "negates tweak" $ property negateTweakTest
 
 hexToBytes :: String -> BS.ByteString
-hexToBytes = fromRight undefined . B16.decodeBase16 . B8.pack
+hexToBytes = decodeBase16 . assertBase16 . B8.pack
 
 isStringPubKey :: (PubKey, Bool) -> Bool
-isStringPubKey (k, c) = k == fromString (cs hex) where
-    hex = B16.encodeBase16 $ exportPubKey c k
+isStringPubKey (k, c) = k == fromString (cs hex)
+  where
+    hex = extractBase16 . encodeBase16 $ exportPubKey c k
 
 isStringSig :: (SecKey, Msg) -> Bool
-isStringSig (k, m) = g == fromString (cs hex) where
+isStringSig (k, m) = g == fromString (cs hex)
+  where
     g = signMsg k m
-    hex = B16.encodeBase16 $ exportSig g
+    hex = extractBase16 . encodeBase16 $ exportSig g
 
 isStringMsg :: Msg -> Bool
-isStringMsg m = m == fromString (cs m') where
-    m' = B16.encodeBase16 $ getMsg m
+isStringMsg m = m == fromString (cs m')
+  where
+    m' = extractBase16 . encodeBase16 $ getMsg m
 
 isStringSecKey :: SecKey -> Bool
-isStringSecKey k = k == fromString (cs hex) where
-    hex = B16.encodeBase16 $ getSecKey k
+isStringSecKey k = k == fromString (cs hex)
+  where
+    hex = extractBase16 . encodeBase16 $ getSecKey k
 
 isStringTweak :: SecKey -> Bool
-isStringTweak k = t == fromString (cs hex) where
+isStringTweak k = t == fromString (cs hex)
+  where
     t = fromMaybe e . tweak $ getSecKey k
-    hex = B16.encodeBase16 $ getTweak t
+    hex = extractBase16 . encodeBase16 $ getTweak t
     e = error "Could not extract tweak from secret key"
 
 showReadTweak :: SecKey -> Bool
-showReadTweak k = showRead t where
+showReadTweak k = showRead t
+  where
     t = tweak $ getSecKey k
 
 showReadSig :: (SecKey, Msg) -> Bool
-showReadSig (k, m) = showRead sig where
+showReadSig (k, m) = showRead sig
+  where
     sig = signMsg k m
 
 showRead :: (Show a, Read a, Eq a) => a -> Bool
 showRead x = read (show x) == x
 
 signMsgTest :: (Msg, SecKey) -> Bool
-signMsgTest (fm, fk) = verifySig fp fg fm where
+signMsgTest (fm, fk) = verifySig fp fg fm
+  where
     fp = derivePubKey fk
     fg = signMsg fk fm
 
 signMsgParTest :: [(Msg, SecKey)] -> Bool
 signMsgParTest xs = P.runPar $ do
-    ys <- mapM (P.spawnP . signMsgTest) xs
-    and <$> mapM P.get ys
+  ys <- mapM (P.spawnP . signMsgTest) xs
+  and <$> mapM P.get ys
 
 badSignatureTest :: (Msg, SecKey, PubKey) -> Bool
-badSignatureTest (fm, fk, fp) = not $ verifySig fp fg fm where
+badSignatureTest (fm, fk, fp) = not $ verifySig fp fg fm
+  where
     fg = signMsg fk fm
 
 normalizeSigTest :: (Msg, SecKey) -> Bool
-normalizeSigTest (fm, fk) = isNothing sig where
+normalizeSigTest (fm, fk) = isNothing sig
+  where
     fg = signMsg fk fm
     sig = normalizeSig fg
 
 serializePubKeyTest :: (PubKey, Bool) -> Bool
 serializePubKeyTest (fp, b) =
-    case importPubKey $ exportPubKey b fp of
-        Just fp' -> fp == fp'
-        Nothing  -> False
+  case importPubKey $ exportPubKey b fp of
+    Just fp' -> fp == fp'
+    Nothing -> False
 
 parSerializePubKeyTest :: [(PubKey, Bool)] -> Bool
 parSerializePubKeyTest ps = runPar $ do
-    as <- mapM (spawnP . serializePubKeyTest) ps
-    and <$> mapM get as
+  as <- mapM (spawnP . serializePubKeyTest) ps
+  and <$> mapM get as
 
 serializeSigTest :: (Msg, SecKey) -> Bool
 serializeSigTest (fm, fk) =
-    case importSig $ exportSig fg of
-        Just fg' -> fg == fg'
-        Nothing  -> False
+  case importSig $ exportSig fg of
+    Just fg' -> fg == fg'
+    Nothing -> False
   where
     fg = signMsg fk fm
 
 parSerializeSigTest :: [(Msg, SecKey)] -> Bool
 parSerializeSigTest ms = runPar $ do
-    as <- mapM (spawnP . serializeSigTest) ms
-    and <$> mapM get as
+  as <- mapM (spawnP . serializeSigTest) ms
+  and <$> mapM get as
 
 serializeCompactSigTest :: (Msg, SecKey) -> Bool
 serializeCompactSigTest (fm, fk) =
-    case importCompactSig $ exportCompactSig fg of
-        Just fg' -> fg == fg'
-        Nothing  -> False
+  case importCompactSig $ exportCompactSig fg of
+    Just fg' -> fg == fg'
+    Nothing -> False
   where
     fg = signMsg fk fm
 
 serializeSecKeyTest :: SecKey -> Bool
 serializeSecKeyTest fk =
-    case secKey $ getSecKey fk of
-        Just fk' -> fk == fk'
-        Nothing  -> False
+  case secKey $ getSecKey fk of
+    Just fk' -> fk == fk'
+    Nothing -> False
 
 tweakAddSecKeyTest :: Assertion
 tweakAddSecKeyTest =
-    assertEqual "tweaked keys match" expected tweaked
+  assertEqual "tweaked keys match" expected tweaked
   where
     tweaked = do
-        key <- secKey $ hexToBytes
+      key <-
+        secKey $
+          hexToBytes
             "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-        twk <- tweak $ hexToBytes
+      twk <-
+        tweak $
+          hexToBytes
             "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-        tweakAddSecKey key twk
-    expected = secKey $ hexToBytes
-        "ec1e3ce1cefa18a671d51125e2b249688d934b0e28f5d1665384d9b02f929059"
+      tweakAddSecKey key twk
+    expected =
+      secKey $
+        hexToBytes
+          "ec1e3ce1cefa18a671d51125e2b249688d934b0e28f5d1665384d9b02f929059"
 
 tweakMulSecKeyTest :: Assertion
 tweakMulSecKeyTest =
-    assertEqual "tweaked keys match" expected tweaked
+  assertEqual "tweaked keys match" expected tweaked
   where
     tweaked = do
-        key <- secKey $ hexToBytes
+      key <-
+        secKey $
+          hexToBytes
             "f65255094d7773ed8dd417badc9fc045c1f80fdc5b2d25172b031ce6933e039a"
-        twk <- tweak $ hexToBytes
+      twk <-
+        tweak $
+          hexToBytes
             "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-        tweakMulSecKey key twk
-    expected = secKey $ hexToBytes
-        "a96f5962493acb179f60a86a9785fc7a30e0c39b64c09d24fe064d9aef15e4c0"
+      tweakMulSecKey key twk
+    expected =
+      secKey $
+        hexToBytes
+          "a96f5962493acb179f60a86a9785fc7a30e0c39b64c09d24fe064d9aef15e4c0"
 
 tweakAddPubKeyTest :: Assertion
 tweakAddPubKeyTest =
-    assertEqual "tweaked keys match" expected tweaked
+  assertEqual "tweaked keys match" expected tweaked
   where
     tweaked = do
-        pub <- importPubKey $ hexToBytes
+      pub <-
+        importPubKey $
+          hexToBytes
             "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd4470512213d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-        twk <- tweak $ hexToBytes
+      twk <-
+        tweak $
+          hexToBytes
             "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-        tweakAddPubKey pub twk
-    expected = importPubKey $ hexToBytes
-        "04441c3982b97576646e0df0c96736063df6b42f2ee566d13b9f6424302d1379e518fdc87a14c5435bff7a5db4552042cb4120c6b86a4bbd3d0643f3c14ad01368"
+      tweakAddPubKey pub twk
+    expected =
+      importPubKey $
+        hexToBytes
+          "04441c3982b97576646e0df0c96736063df6b42f2ee566d13b9f6424302d1379e518fdc87a14c5435bff7a5db4552042cb4120c6b86a4bbd3d0643f3c14ad01368"
 
 tweakMulPubKeyTest :: Assertion
 tweakMulPubKeyTest =
-    assertEqual "tweaked keys match" expected tweaked
+  assertEqual "tweaked keys match" expected tweaked
   where
     tweaked = do
-        pub <- importPubKey $ hexToBytes
+      pub <-
+        importPubKey $
+          hexToBytes
             "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd4470512213d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-        twk <- tweak $ hexToBytes
+      twk <-
+        tweak $
+          hexToBytes
             "f5cbe7d88182a4b8e400f96b06128921864a18187d114c8ae8541b566c8ace00"
-        tweakMulPubKey pub twk
-    expected = importPubKey $ hexToBytes
-        "04f379dc99cdf5c83e433defa267fbb3377d61d6b779c06a0e4ce29ae3ff5353b12ae49c9d07e7368f2ba5a446c203255ce912322991a2d6a9d5d5761c61ed1845"
+      tweakMulPubKey pub twk
+    expected =
+      importPubKey $
+        hexToBytes
+          "04f379dc99cdf5c83e433defa267fbb3377d61d6b779c06a0e4ce29ae3ff5353b12ae49c9d07e7368f2ba5a446c203255ce912322991a2d6a9d5d5761c61ed1845"
 
 combinePubKeyTest :: Assertion
 combinePubKeyTest =
-    assertEqual "combined keys match" expected combined
+  assertEqual "combined keys match" expected combined
   where
     combined = do
-        pub1 <- importPubKey $ hexToBytes
+      pub1 <-
+        importPubKey $
+          hexToBytes
             "04dded4203dac96a7e85f2c374a37ce3e9c9a155a72b64b4551b0bfe779dd4470512213d5ed790522c042dee8e85c4c0ec5f96800b72bc5940c8bc1c5e11e4fcbf"
-        pub2 <- importPubKey $ hexToBytes
+      pub2 <-
+        importPubKey $
+          hexToBytes
             "0487d82042d93447008dfe2af762068a1e53ff394a5bf8f68a045fa642b99ea5d153f577dd2dba6c7ae4cfd7b6622409d7edd2d76dd13a8092cd3af97b77bd2c77"
-        pub3 <- importPubKey $ hexToBytes
+      pub3 <-
+        importPubKey $
+          hexToBytes
             "049b101edcbe1ee37ff6b2318526a425b629e823d7d8d9154417880595a28000ee3febd908754b8ce4e491aa6fe488b41fb5d4bb3788e33c9ff95a7a9229166d59"
-        combinePubKeys [pub1, pub2, pub3]
-    expected = importPubKey $ hexToBytes
-        "043d9a7ec70011efc23c33a7e62d2ea73cca87797e3b659d93bea6aa871aebde56c3bc6134ca82e324b0ab9c0e601a6d2933afe7fb5d9f3aae900f5c5dc6e362c8"
+      combinePubKeys [pub1, pub2, pub3]
+    expected =
+      importPubKey $
+        hexToBytes
+          "043d9a7ec70011efc23c33a7e62d2ea73cca87797e3b659d93bea6aa871aebde56c3bc6134ca82e324b0ab9c0e601a6d2933afe7fb5d9f3aae900f5c5dc6e362c8"
 
 combinePubKeyEmptyListTest :: Assertion
 combinePubKeyEmptyListTest =
-    assertEqual "empty pubkey list must return Nothing" expected combined
+  assertEqual "empty pubkey list must return Nothing" expected combined
   where
     expected = Nothing
     combined = combinePubKeys []
 
 negateTweakTest :: Assertion
 negateTweakTest =
-    assertEqual "can recover secret key 1 after adding tweak 1" oneKey subtracted
+  assertEqual "can recover secret key 1 after adding tweak 1" oneKey subtracted
   where
-    Just oneKey = secKey $ fromRight undefined $ B16.decodeBase16 $ B8.pack
-        "0000000000000000000000000000000000000000000000000000000000000001"
-    Just oneTwk = tweak $ fromRight undefined $ B16.decodeBase16 $ B8.pack
-        "0000000000000000000000000000000000000000000000000000000000000001"
+    Just oneKey =
+      secKey . decodeBase16 . assertBase16 $
+        B8.pack
+          "0000000000000000000000000000000000000000000000000000000000000001"
+    Just oneTwk =
+      tweak . decodeBase16 . assertBase16 $
+        B8.pack
+          "0000000000000000000000000000000000000000000000000000000000000001"
     Just minusOneTwk = tweakNegate oneTwk
     Just twoKey = tweakAddSecKey oneKey oneTwk
     Just subtracted = tweakAddSecKey twoKey minusOneTwk
