diff --git a/contribs/gnokms/internal/common/server.go b/contribs/gnokms/internal/common/server.go
index 5d1c403a15c..9f40c5165d4 100644
--- a/contribs/gnokms/internal/common/server.go
+++ b/contribs/gnokms/internal/common/server.go
@@ -26,7 +26,7 @@ func NewSignerServer(
 		commonFlags.LogFormat,
 	)
 	if err != nil {
-		return nil, nil, fmt.Errorf("unable to initialize zap logger, %w", err)
+		return nil, nil, fmt.Errorf("unable to initialize zap logger: %w", err)
 	}
 
 	// Keep a reference to the zap logger flush function.
@@ -47,24 +47,26 @@ func NewSignerServer(
 		return nil, nil, err
 	}
 
-	endpoint := privval.NewSignerDialerEndpoint(
-		logger,
-		dialer,
-		privval.SignerDialerEndpointMaxDialRetries(commonFlags.DialMaxRetries),
-		privval.SignerDialerEndpointDialRetryInterval(commonFlags.DialRetryInterval),
-		privval.SignerDialerEndpointReadWriteTimeout(commonFlags.ReadWriteTimeout),
+	// Initialize the server with the dialer, the connection parameters and the private validator.
+	server := privval.NewSignerServer(
+		privval.NewSignerDialerEndpoint(
+			logger,
+			dialer,
+			privval.SignerDialerEndpointMaxDialRetries(commonFlags.DialMaxRetries),
+			privval.SignerDialerEndpointDialRetryInterval(commonFlags.DialRetryInterval),
+			privval.SignerDialerEndpointReadWriteTimeout(commonFlags.ReadWriteTimeout),
+		),
+		commonFlags.ChainID,
+		privVal,
 	)
 
-	// Initialize the remote signer server with the dialer and the gnokey private validator.
-	server := privval.NewSignerServer(endpoint, commonFlags.ChainID, privVal)
-
 	return server, flush, nil
 }
 
 // RunSignerServer initializes and start a remote signer server with the given private validator.
 // It then waits for the server to finish.
 func RunSignerServer(io commands.IO, commonFlags *Flags, privVal types.PrivValidator) error {
-	// Initialize the remote signer server with the gnokey private validator.
+	// Initialize the remote signer server with the private validator.
 	server, flush, err := NewSignerServer(io, commonFlags, privVal)
 	if err != nil {
 		return err
diff --git a/contribs/gnokms/internal/gnokey/gnokey.go b/contribs/gnokms/internal/gnokey/gnokey.go
index 05913aa8a5d..eb737f563d2 100644
--- a/contribs/gnokms/internal/gnokey/gnokey.go
+++ b/contribs/gnokms/internal/gnokey/gnokey.go
@@ -28,7 +28,7 @@ func (gk *gnokeyPrivVal) SignProposal(chainID string, proposal *types.Proposal)
 	// Sign the proposal.
 	sig, _, err := gk.keyBase.Sign(gk.keyInfo.GetName(), gk.password, proposal.SignBytes(chainID))
 	if err != nil {
-		return fmt.Errorf("unable to sign proposal bytes, %w", err)
+		return fmt.Errorf("unable to sign proposal bytes: %w", err)
 	}
 
 	// Save the signature (the proposal will be returned to the client).
@@ -42,7 +42,7 @@ func (gk *gnokeyPrivVal) SignVote(chainID string, vote *types.Vote) error {
 	// Sign the vote.
 	sig, _, err := gk.keyBase.Sign(gk.keyInfo.GetName(), gk.password, vote.SignBytes(chainID))
 	if err != nil {
-		return fmt.Errorf("unable to sign vote bytes, %w", err)
+		return fmt.Errorf("unable to sign vote bytes: %w", err)
 	}
 
 	// Save the vote (the vote will be returned to the client).
@@ -83,7 +83,7 @@ func newGnokeyPrivVal(
 				gnFlags.insecurePasswordStdin,
 			)
 			if err != nil {
-				return nil, fmt.Errorf("unable to get decryption key, %w", err)
+				return nil, fmt.Errorf("unable to get decryption key: %w", err)
 			}
 
 			// Check if the password is correct.
@@ -95,7 +95,7 @@ func newGnokeyPrivVal(
 			break
 		}
 	default: // Offline and Multi types are not supported.
-		return nil, fmt.Errorf("unsupported key type, %s", info.GetType())
+		return nil, fmt.Errorf("unsupported key type: %s", info.GetType())
 	}
 
 	return &gnokeyPrivVal{
diff --git a/tm2/pkg/bft/node/node.go b/tm2/pkg/bft/node/node.go
index 1c99f4b6d0f..d057b327544 100644
--- a/tm2/pkg/bft/node/node.go
+++ b/tm2/pkg/bft/node/node.go
@@ -976,7 +976,7 @@ func createAndStartPrivValidatorSocketClient(
 	listenAddr string,
 	logger *slog.Logger,
 ) (types.PrivValidator, error) {
-  // TODO: pass in the mutual auth keys
+	// TODO: pass in the mutual auth keys
 	listener, err := privval.NewListener(listenAddr, ed25519.GenPrivKey(), nil)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to start private validator")
diff --git a/tm2/pkg/bft/privval/utils.go b/tm2/pkg/bft/privval/utils.go
index 5ee37f4e55a..6bfb43819e1 100644
--- a/tm2/pkg/bft/privval/utils.go
+++ b/tm2/pkg/bft/privval/utils.go
@@ -11,6 +11,12 @@ import (
 	osm "github.com/gnolang/gno/tm2/pkg/os"
 )
 
+// Protocols supported by the privval package.
+const (
+	unix = "unix"
+	tcp  = "tcp"
+)
+
 // IsConnTimeout returns a boolean indicating whether the error is known to
 // report that a connection timeout occurred. This detects both fundamental
 // network timeouts, as well as ErrConnTimeout errors.
@@ -40,13 +46,15 @@ func NewListener(
 		return nil, err
 	}
 	switch protocol {
-	case "unix":
+	case unix:
 		listener = NewUnixListener(ln)
-	case "tcp":
+	case tcp:
 		listener = NewTCPListener(ln, listenerKey, authorizedKeys)
 	default:
 		return nil, fmt.Errorf(
-			"wrong listen address: expected either 'tcp' or 'unix' protocols, got %s",
+			"wrong listen address: expected either '%s' or '%s' protocols, got %s",
+			unix,
+			tcp,
 			protocol,
 		)
 	}
@@ -66,13 +74,15 @@ func NewDialer(
 
 	protocol, address := osm.ProtocolAndAddress(dialAddr)
 	switch protocol {
-	case "unix":
+	case unix:
 		dialer = DialUnixFn(address)
-	case "tcp":
+	case tcp:
 		dialer = DialTCPFn(address, tcpTimeout, dialerKey, authorizedKeys)
 	default:
 		return nil, fmt.Errorf(
-			"wrong listen address: expected either 'tcp' or 'unix' protocols, got %s",
+			"wrong dialer address: expected either '%s' or '%s' protocols, got %s",
+			unix,
+			tcp,
 			protocol,
 		)
 	}