### Tasks
- [x] research security updates for `go 1.19`
- [x] SPIKE: (why) does a go version bump require a coordinated upgrade?
- [ ] https://github.com/strangelove-ventures/wormhole/issues/52
- [ ] https://github.com/strangelove-ventures/wormhole/issues/43
- [ ] bump go version in `go.mod` if/when possible (find which deps are trailing behind and update them past 1.19). Which packages would be affected w/ a 1.21 bump? This'll help determine whether the bump will be consensus breaking.