introduce malus + zombienet based integration tests (#4131)

* test/malus: craft the first maliciously disputing actor

* initial draft

* Add Dockerfile and instructions how to use it to build malus image locally

* Forgot one flag for the build cmd

* we are not docker specific, we are happy to use any containerruntime

* shuffle things around

* add initial tera based integration test

* chores

* fixins

* simple setup to start

* other samples (WIP)

* add Docker version with cargo-chef

* update substarte and small change of orders in commands in the container file

* metrics one

* fmt

* minor

* fixin

* fix metric names

* -d

* add open gauge

* fmt

* spellcheck

* fix test

* adjust to changed error messages

* refactor, more malus impls

* more malus changes

* foo

* minor cleanup

* suggest garbage candidate

* chore

* fix suggest garabge malus

* malus: back garbage candidate

* cargo lock

* re-introduce metrics

* chore: cargo fmt

* undoe 1.54.0 output, CI uses 1.53.0 rustc

* update location of js types

* Fix trybuild

* add tag to image name also; this will be replaced in the prod version

* Tests fixed

* add some fix me

* add dockerfile for ci

* Add docker file for malus for ci

* use variables in .toml file

* add chnages for malus test

* some fixes

* some more fixes

* Update .gitlab-ci.yml

* add local build for polkadot and malus

* some fixes

* enable disputes feature in CI

* ok, ok

* rename: MsgFilter -> MessageInterceptor

* remove TODO that would not have worked

* intercept

* refactor

* fix README and containers

* fix

* chore: cargo fmt

* avoid some more malus-$VARIANT references

* fix argument order

* chore: add about

* Update sanity check in relay chain selection

* fix order, add dispute-unavailable-block malus

* fixup: avoid underflow issue

* it's all u32

* fix conditional use

* Revert "it's all u32"

This reverts commit 6b3ae25bfd0bbf0b51d90d743642a75a4a815d6e.

* Revert "fixup: avoid underflow issue"

This reverts commit 336cbe2938e9720f870d37d8feeab7ca69200f47.

* Revert "Update sanity check in relay chain selection"

This reverts commit 970647f35e1116136e12fd91cd9f2fb7e18ad28d.

* update the malus bin

* Update node/malus/integrationtests/0003-dispute-unavailable-block.feature

Co-authored-by: Andronik Ordian <write@reusable.software>

* add some FIXME reminders

* update path to index.js

* Update .gitlab-ci.yml

* Update node/malus/integrationtests/0001-dispute-valid-block.toml

* try 1: make malus test run

* chore: cargo fmt

* temporary fix

* use subcommand syntax from latest gurke

* cargo +nightly fmt

* add collator to a a test

* docs: add env vars to README

* update ci to run dispute-valid-block test

* needs the polkadot image

* Fix path for nodejs container

* post merge fix

* download proper dir  containg configs for malus test

* update the malus ci job

* rm a whitespace

* temp build for malus

* use correct build command for temp malus

* remove subcommands for now

* set max validators per core in the default HostConfig

* tabs

* update beefy

* fixup

* fixup II

* make one variant compile

* make other variants compile

* revert changes to chain_spec

* fmt

* build malus image from polkadot-test-malus again

* revert unrelated changes

* try fixing build-malus job

* Revert "remove subcommands for now"

This reverts commit 5d8292bc49252124937affec4b7c28181a5deb7e.

* try fixing build-malus job II

* MVP working dispute-ancestor

* renames

* fix PVF execution on malus

* fix test

* fix typo

* fmt

* checkmate

* try something

* make it actually work

* some tweaks to 01 feature test

* fmt

* sleep a bit more

* complete wococoization

* some tweaks to 01 feature test

* typo fix

* use correct metric names

* fix

* ffs

* .

* try some rearrangement

* Attempt to wait till initial node bootstrap in test

* Fix test syntax

* Run malus tests with v2 script

* Proper symlink created

* simnet v14

* add zombienet tests

* add zombie net test - draft

* add more tests to dispute suite

* add within to fix tests

* replace test directory and start test migration

* migrate all the tests

* add timeout to tests

* reduce debug

* make easy to test in dev

* set appropriated debug

* use image from ci

* fix config for test

* set images from ci

* fix config

* add COLIMAGE env

* tweek tests

* reduce debug

* typo

* wip, migrate old test to zombie-net

* adjunt test config for zombie-net

* run mauls 0001 test only

* clean and setup smoke-test in zombie-net

* add extra time to assertinons

* clean code to merge and improve README

* add info to access logs

* improved readme

* merge master and resolve conflicts

* Update zombienet_tests/README.md

Co-authored-by: Bernhard Schuster <bernhard@ahoi.io>

* clean and consolidate zombienet name

* change runner in gitlab

* add comment explain why we use wococo

* change tag for runner

* remove unused tests

* remove dup Dockerfile and update description

* fmt

* fix compilation post-merge

* fmt

* cut me Some slack

Co-authored-by: Bernhard Schuster <bernhard@ahoi.io>
Co-authored-by: radupopa2010 <radupopa2010@yahoo.com>
Co-authored-by: Bastian Köcher <info@kchr.de>
Co-authored-by: Anton Gavrilov <AntonE.Gavrilov@gmail.com>
Co-authored-by: Andronik Ordian <write@reusable.software>
Co-authored-by: Lldenaurois <Ljdenaurois@gmail.com>

polkadot/node/malus/Cargo.toml

@@ -1,11 +1,3 @@
-[lib]
-name = "malus"
-path = "src/lib.rs"
-
-[[bin]]
-name = "malus-variant-a"
-path = "src/variant-a.rs"
-
 [package]
 name = "polkadot-test-malus"
 description = "Misbehaving nodes for local testnets, system and Simnet tests."
@@ -16,17 +8,34 @@ edition = "2018"
 readme = "README.md"
 publish = false
 
+[[bin]]
+name = "malus"
+path = "src/malus.rs"
+
 [dependencies]
 polkadot-cli = { path = "../../cli", default-features = false, features = [ "cli", "malus" ]  }
 polkadot-node-subsystem = { path = "../subsystem" }
 polkadot-node-subsystem-util = { path = "../subsystem-util" }
+polkadot-node-subsystem-types = { path = "../subsystem-types" }
+polkadot-node-core-dispute-coordinator = { path = "../core/dispute-coordinator" }
 polkadot-node-core-candidate-validation = { path = "../core/candidate-validation" }
+polkadot-node-core-backing = { path = "../core/backing" }
+polkadot-node-primitives = { path = "../primitives" }
+polkadot-primitives = { path = "../../primitives" }
 polkadot-node-core-pvf = { path = "../core/pvf" }
 parity-util-mem = { version = "0.10.0", default-features = false, features = ["jemalloc-global"] }
 color-eyre = { version = "0.5.11", default-features = false }
 assert_matches = "1.5"
 structopt = "0.3.25"
 async-trait = "0.1.51"
+sp-keystore = { git = "https://github.com/paritytech/substrate", branch = "master" }
+futures = "0.3.16"
+futures-timer = "3.0.2"
+tracing = "0.1.26"
+
+[features]
+default = [] # we do not enable disputes by default to avoid feature leak
+disputes = ["polkadot-cli/disputes"]
 
 [dev-dependencies]
 polkadot-node-subsystem-test-helpers = { path = "../subsystem-test-helpers" }

polkadot/node/malus/README.md

@@ -1,3 +1,59 @@
 # malus
 
-Create nemesis nodes with alternate, at best fault, at worst intentionally destructive behavior traits.
+Create nemesis nodes with alternate, at best faulty, at worst intentionally destructive behavior traits.
+
+The first argument determines the behavior strain. The currently supported are:
+
+* `suggest-garbage-candidate`
+* `back-garbage-candidate`
+* `dispute-ancestor`
+
+## Integration test cases
+
+To define integration tests create file
+in the toml format as used with [zombienet][zombienet]
+under `./integrationtests` describing the network to spawn and
+also the `feature` file (with `.feature` extension ) using the format
+defined in the [DSL doc](https://github.com/paritytech/zombienet/blob/main/docs/testing-dsl-definition.md).
+
+## Usage
+
+> Assumes you already gained permissiones, ping in element @javier:matrix.parity.io to get access.
+> and you have cloned the [zombienet][zombienet] repo.
+
+To launch a test case in the development cluster use (e.g. for the  ./node/malus/integrationtests/0001-dispute-valid-block.toml):
+
+```sh
+# declare the containers pulled in by zombie-net test definitions
+export MALUS_IMAGE=docker.io/paritypr/malus:4131-ccd09bbf
+export ZOMBIENET_INTEGRATION_TEST_IMAGE=docker.io/paritypr/synth-wave:4131-0.9.12-ccd09bbf-29a1ac18
+export COL_IMAGE=docker.io/paritypr/colander:4131-ccd09bbf
+
+# login chore, once, with the values as provided in the above guide
+gcloud auth login
+gcloud config set project "parity-zombienet"
+gcloud container clusters get-credentials "parity-zombienet" --zone "europe-west3-b" --project parity-zombienet
+
+# launching the actual test
+cd zombienet
+npm run build
+node dist/cli.js test <path to polkadot repo>/node/malus/integrationtests/0001-dispute-valid-block.feature
+
+# Access  logs (in google cloud storage)
+gsutil ls gs://zombienet-logs/zombie-<namespace uniqueId>/logs/
+```
+
+This will also teardown the namespace after completion.
+
+## Container Image Building Note
+
+In order to build the container image you need to have the latest changes from
+polkadot and substrate master branches.
+
+```sh
+pwd # run this from the current dir
+podman build -t paritypr/malus:v1 -f Containerfile ../../..
+```
+
+[zombienet]: https://github.com/paritytech/zombienet
+[gke]: (https://github.com/paritytech/gurke/blob/main/docs/How-to-setup-access-to-gke-k8s-cluster.md)

polkadot/node/malus/container/Containerfile-cargo-chef

@@ -0,0 +1,155 @@
+#
+### Builder stage
+#
+
+FROM rust as builder
+
+WORKDIR /usr/src/polkadot-malus
+RUN apt-get update && \
+  DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    ca-certificates \
+    clang \
+    curl \
+    cmake \
+    libssl1.1 \
+    libssl-dev \
+    pkg-config
+
+RUN export PATH="$PATH:$HOME/.cargo/bin" && \
+    rustup toolchain install nightly && \
+    rustup target add wasm32-unknown-unknown --toolchain nightly && \
+    rustup default stable
+
+COPY polkadot/  /usr/src/polkadot-malus/polkadot/
+COPY substrate/  /usr/src/polkadot-malus/substrate/
+
+WORKDIR /usr/src/polkadot-malus/polkadot
+
+RUN cargo build -p polkadot-test-malus --release
+RUN cp -v /usr/src/polkadot-malus/polkadot/target/release/malus /usr/local/bin
+
+# check if executable works in this container
+RUN /usr/local/bin/malus $VARIANT --version
+
+#
+### Runtime
+#
+
+FROM debian:buster-slim as runtime
+RUN apt-get update && \
+    apt-get install -y curl tini
+
+COPY --from=builder /usr/src/polkadot-malus/polkadot/target/release/malus /usr/local/bin
+# Non-root user for security purposes.
+#
+# UIDs below 10,000 are a security risk, as a container breakout could result
+# in the container being ran as a more privileged user on the host kernel with
+# the same UID.
+#
+# Static GID/UID is also useful for chown'ing files outside the container where
+# such a user does not exist.
+RUN groupadd --gid 10001 nonroot && \
+    useradd  --home-dir /home/nonroot \
+            --create-home \
+            --shell /bin/bash \
+            --gid nonroot \
+            --groups nonroot \
+            --uid 10000 nonroot
+WORKDIR /home/nonroot/polkadot-malus
+
+RUN chown -R nonroot. /home/nonroot
+
+# Use the non-root user to run our application
+# Tell run test script that it runs in container
+USER nonroot
+# check if executable works in this container
+RUN /usr/local/bin/malus --version
+# Tini allows us to avoid several Docker edge cases, see https://github.com/krallin/tini.
+ENTRYPOINT ["tini", "--", "/usr/local/bin/malus"]
+
+
+
+
+FROM rust:1.54.0 as planner
+WORKDIR /usr/src/polkadot-malus
+# We only pay the installation cost once,
+# it will be cached from the second build onwards
+RUN cargo install cargo-chef
+COPY polkadot/  /usr/src/polkadot-malus/polkadot/
+COPY substrate/  /usr/src/polkadot-malus/substrate/
+WORKDIR /usr/src/polkadot-malus/polkadot
+RUN cargo chef prepare  --recipe-path recipe.json
+
+
+FROM rust:1.54.0 as cacher
+WORKDIR /usr/src/polkadot-malus/polkadot
+RUN cargo install cargo-chef
+RUN apt-get update && \
+  DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    ca-certificates \
+    clang \
+    curl \
+    cmake \
+    libssl1.1 \
+    libssl-dev \
+    pkg-config
+RUN export PATH="$PATH:$HOME/.cargo/bin" && \
+    rustup toolchain install nightly && \
+    rustup target add wasm32-unknown-unknown --toolchain nightly && \
+    rustup default stable
+COPY --from=planner /usr/src/polkadot-malus/polkadot/recipe.json recipe.json
+RUN cargo chef cook --release --recipe-path recipe.json
+
+
+FROM rust:1.54.0 as builder
+WORKDIR /usr/src/polkadot-malus
+COPY polkadot/  /usr/src/polkadot-malus/polkadot/
+COPY substrate/  /usr/src/polkadot-malus/substrate/
+# Copy over the cached dependencies
+WORKDIR /usr/src/polkadot-malus/polkadot
+COPY --from=cacher /usr/src/polkadot-malus/polkadot/target target
+COPY --from=cacher $CARGO_HOME $CARGO_HOME
+RUN apt-get update && \
+  DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    ca-certificates \
+    clang \
+    curl \
+    cmake \
+    libssl1.1 \
+    libssl-dev \
+    pkg-config
+RUN export PATH="$PATH:$HOME/.cargo/bin" && \
+    rustup toolchain install nightly && \
+    rustup target add wasm32-unknown-unknown --toolchain nightly && \
+    rustup default stable
+RUN cargo build -p polkadot-test-malus --release
+
+
+FROM debian:buster-slim as runtime
+RUN apt-get update && \
+    apt-get install -y curl tini
+COPY --from=builder /usr/src/polkadot-malus/polkadot/target/release/malus /usr/local/bin
+# Non-root user for security purposes.
+#
+# UIDs below 10,000 are a security risk, as a container breakout could result
+# in the container being ran as a more privileged user on the host kernel with
+# the same UID.
+#
+# Static GID/UID is also useful for chown'ing files outside the container where
+# such a user does not exist.
+RUN groupadd --gid 10001 nonroot && \
+    useradd  --home-dir /home/nonroot \
+            --create-home \
+            --shell /bin/bash \
+            --gid nonroot \
+            --groups nonroot \
+            --uid 10000 nonroot
+WORKDIR /home/nonroot/polkadot-malus
+RUN chown -R nonroot. /home/nonroot
+# Use the non-root user to run our application
+# Tell run test script that it runs in container
+USER nonroot
+# check if executable works in this container
+RUN /usr/local/bin/malus --version
+# Tini allows us to avoid several Docker edge cases, see https://github.com/krallin/tini.
+ENTRYPOINT ["/usr/local/bin/malus"]

polkadot/node/malus/container/build.sh

@@ -0,0 +1 @@
+podman build -t paritypr/malus:v1 -f Containerfile ../../../..

polkadot/node/malus/container/malus-local-build.Containerfile

@@ -0,0 +1,66 @@
+#
+### Builder stage
+#
+
+FROM rust as builder
+
+WORKDIR /usr/src/polkadot-malus
+COPY polkadot/  /usr/src/polkadot-malus/polkadot/
+RUN apt-get update && \
+  DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    ca-certificates \
+    clang \
+    curl \
+    cmake \
+    libssl1.1 \
+    libssl-dev \
+    pkg-config
+
+RUN export PATH="$PATH:$HOME/.cargo/bin" && \
+    rustup toolchain install nightly && \
+    rustup target add wasm32-unknown-unknown --toolchain nightly && \
+    rustup default stable
+
+
+WORKDIR /usr/src/polkadot-malus/polkadot
+
+RUN cargo build -p polkadot-test-malus --release --verbose
+RUN cp -v /usr/src/polkadot-malus/polkadot/target/release/malus /usr/local/bin
+
+# check if executable works in this container
+RUN /usr/local/bin/malus --version
+
+#
+### Runtime
+#
+
+FROM debian:buster-slim as runtime
+RUN apt-get update && \
+    apt-get install -y curl tini
+
+COPY --from=builder /usr/src/polkadot-malus/polkadot/target/release/malus /usr/local/bin
+# Non-root user for security purposes.
+#
+# UIDs below 10,000 are a security risk, as a container breakout could result
+# in the container being ran as a more privileged user on the host kernel with
+# the same UID.
+#
+# Static GID/UID is also useful for chown'ing files outside the container where
+# such a user does not exist.
+RUN groupadd --gid 10001 nonroot && \
+    useradd  --home-dir /home/nonroot \
+            --create-home \
+            --shell /bin/bash \
+            --gid nonroot \
+            --groups nonroot \
+            --uid 10000 nonroot
+WORKDIR /home/nonroot/polkadot-malus
+
+RUN chown -R nonroot. /home/nonroot
+
+# Use the non-root user to run our application
+USER nonroot
+# check if executable works in this container
+RUN /usr/local/bin/malus --version
+# Tini allows us to avoid several Docker edge cases, see https://github.com/krallin/tini.
+ENTRYPOINT ["tini", "--", "/usr/local/bin/malus"]

polkadot/node/malus/container/polkadot-local-build.Containerfile

@@ -0,0 +1,66 @@
+#
+### Builder stage
+#
+
+FROM rust as builder
+
+WORKDIR /usr/src/polkadot
+COPY polkadot/  /usr/src/polkadot
+RUN apt-get update && \
+  DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    ca-certificates \
+    clang \
+    curl \
+    cmake \
+    libssl1.1 \
+    libssl-dev \
+    pkg-config
+
+RUN export PATH="$PATH:$HOME/.cargo/bin" && \
+    rustup toolchain install nightly && \
+    rustup target add wasm32-unknown-unknown --toolchain nightly && \
+    rustup default stable
+
+
+WORKDIR /usr/src/polkadot
+
+RUN cargo build --release --bin polkadot --features disputes --verbose
+RUN cp -v /usr/src/polkadot/target/release/polkadot /usr/local/bin
+
+# check if executable works in this container
+RUN /usr/local/bin/polkadot --version
+
+#
+### Runtime
+#
+
+FROM debian:buster-slim as runtime
+RUN apt-get update && \
+    apt-get install -y curl tini
+
+COPY --from=builder /usr/src/polkadot/target/release/polkadot /usr/local/bin
+# Non-root user for security purposes.
+#
+# UIDs below 10,000 are a security risk, as a container breakout could result
+# in the container being ran as a more privileged user on the host kernel with
+# the same UID.
+#
+# Static GID/UID is also useful for chown'ing files outside the container where
+# such a user does not exist.
+RUN groupadd --gid 10001 nonroot && \
+    useradd  --home-dir /home/nonroot \
+            --create-home \
+            --shell /bin/bash \
+            --gid nonroot \
+            --groups nonroot \
+            --uid 10000 nonroot
+WORKDIR /home/nonroot/polkadot
+
+RUN chown -R nonroot. /home/nonroot
+
+# Use the non-root user to run our application
+USER nonroot
+# check if executable works in this container
+RUN /usr/local/bin/polkadot --version
+# Tini allows us to avoid several Docker edge cases, see https://github.com/krallin/tini.
+ENTRYPOINT ["tini", "--", "/usr/local/bin/polkadot"]

polkadot/node/malus/integrationtests/0001-dispute-valid-block.feature

@@ -0,0 +1,29 @@
+Description: Disputes
+Network: ./0001-dispute-valid-block.toml
+Creds: config.gcloud
+
+
+alice: is up
+bob: is up
+charlie: is up
+david is up
+alice: reports node_roles is 4
+bob: reports node_roles is 4
+alice: reports sub_libp2p_is_major_syncing is 0
+alice: reports block height is at least 2 within 15 seconds
+alice: reports peers count is at least 2
+bob: reports block height is at least 2
+bob: reports peers count is at least 2
+charlie: reports block height is at least 2
+charlie: reports peers count is at least 2
+alice: reports parachain_candidate_disputes_total is at least 1 within 250 seconds
+bob: reports parachain_candidate_disputes_total is at least 1 within 45 seconds
+charlie: reports parachain_candidate_disputes_total is at least 1 within 45 seconds
+alice: reports parachain_candidate_dispute_votes{validity="valid"} is at least 1 within 45 seconds
+bob: reports parachain_candidate_dispute_votes{validity="valid"} is at least 2 within 45 seconds
+charlie: reports parachain_candidate_dispute_votes{validity="valid"} is at least 2 within 45 seconds
+alice: reports parachain_candidate_dispute_concluded{validity="valid"} is at least 1 within 45 seconds
+alice: reports parachain_candidate_dispute_concluded{validity="invalid"} is 0 within 45 seconds
+bob: reports parachain_candidate_dispute_concluded{validity="valid"} is at least 1 within 45 seconds
+charlie: reports parachain_candidate_dispute_concluded{validity="valid"} is at least 1 within 45 seconds
+charlie: reports parachain_candidate_dispute_concluded{validity="valid"} is at least 1 within 45 seconds

polkadot/node/malus/integrationtests/0001-dispute-valid-block.toml

@@ -0,0 +1,40 @@
+[settings]
+timeout = 1000
+
+[relaychain]
+default_image = "{{ZOMBIENET_INTEGRATION_TEST_IMAGE}}"
+chain = "wococo-local"
+chain_spec_command = "polkadot build-spec --chain wococo-local --disable-default-bootnode --raw > /cfg/wococo-local.json"
+command = "polkadot"
+
+  [[relaychain.nodes]]
+  name = "alice"
+  validator = true
+  extra_args = [ "--alice", "-lparachain=debug" ]
+
+  [[relaychain.nodes]]
+  name = "bob"
+  validator = true
+  extra_args = [ "--bob", "-lparachain=debug" ]
+
+  [[relaychain.nodes]]
+  name = "charlie"
+  validator = true
+  extra_args = [ "--charlie", "-lparachain=debug" ]
+
+  [[relaychain.nodes]]
+  name = "david"
+  validator = true
+  command = "/usr/local/bin/malus dispute-ancestor"
+  extra_args = ["--dave", "-lparachain=debug"]
+  image = "{{MALUS_IMAGE}}"
+  autoConnectApi = false
+
+[[parachains]]
+id = 100
+
+  [parachains.collator]
+  name = "collator01"
+  image = "{{COL_IMAGE}}"
+  command = "/usr/local/bin/adder-collator"
+  args = ["-lparachain=debug"]

polkadot/node/malus/src/interceptor.rs

@@ -24,9 +24,6 @@ use polkadot_node_subsystem::*;
 pub use polkadot_node_subsystem::{messages::AllMessages, overseer, FromOverseer};
 use std::{future::Future, pin::Pin};
 
-#[cfg(test)]
-mod tests;
-
 /// Filter incoming and outgoing messages.
 pub trait MessageInterceptor<Sender>: Send + Sync + Clone + 'static
 where

polkadot/node/malus/src/malus.rs

@@ -0,0 +1,126 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+//! A malus or nemesis node launch code.
+
+use color_eyre::eyre;
+use polkadot_cli::{Cli, RunCmd};
+use structopt::StructOpt;
+
+pub(crate) mod interceptor;
+pub(crate) mod shared;
+
+mod variants;
+
+use variants::*;
+
+/// Define the different variants of behavior.
+#[derive(Debug, StructOpt)]
+#[structopt(about = "Malus - the nemesis of polkadot.")]
+#[structopt(rename_all = "kebab-case")]
+enum NemesisVariant {
+	/// Suggest a candidate with an invalid proof of validity.
+	SuggestGarbageCandidate(RunCmd),
+	/// Back a candidate with a specifically crafted proof of validity.
+	BackGarbageCandidate(RunCmd),
+	/// Delayed disputing of ancestors that are perfectly fine.
+	DisputeAncestor(RunCmd),
+
+	#[allow(missing_docs)]
+	#[structopt(name = "prepare-worker", setting = structopt::clap::AppSettings::Hidden)]
+	PvfPrepareWorker(polkadot_cli::ValidationWorkerCommand),
+
+	#[allow(missing_docs)]
+	#[structopt(name = "execute-worker", setting = structopt::clap::AppSettings::Hidden)]
+	PvfExecuteWorker(polkadot_cli::ValidationWorkerCommand),
+}
+
+#[derive(Debug, StructOpt)]
+#[allow(missing_docs)]
+struct MalusCli {
+	#[structopt(subcommand)]
+	pub variant: NemesisVariant,
+}
+
+fn run_cmd(run: RunCmd) -> Cli {
+	Cli { subcommand: None, run }
+}
+
+impl MalusCli {
+	/// Launch a malus node.
+	fn launch(self) -> eyre::Result<()> {
+		match self.variant {
+			NemesisVariant::BackGarbageCandidate(cmd) =>
+				polkadot_cli::run_node(run_cmd(cmd), BackGarbageCandidate)?,
+			NemesisVariant::SuggestGarbageCandidate(cmd) =>
+				polkadot_cli::run_node(run_cmd(cmd), SuggestGarbageCandidate)?,
+			NemesisVariant::DisputeAncestor(cmd) =>
+				polkadot_cli::run_node(run_cmd(cmd), DisputeValidCandidates)?,
+			NemesisVariant::PvfPrepareWorker(cmd) => {
+				#[cfg(target_os = "android")]
+				{
+					return Err("PVF preparation workers are not supported under this platform")
+						.into()
+				}
+
+				#[cfg(not(target_os = "android"))]
+				{
+					polkadot_node_core_pvf::prepare_worker_entrypoint(&cmd.socket_path);
+				}
+			},
+			NemesisVariant::PvfExecuteWorker(cmd) => {
+				#[cfg(target_os = "android")]
+				{
+					return Err("PVF execution workers are not supported under this platform").into()
+				}
+
+				#[cfg(not(target_os = "android"))]
+				{
+					polkadot_node_core_pvf::execute_worker_entrypoint(&cmd.socket_path);
+				}
+			},
+		}
+		Ok(())
+	}
+}
+
+fn main() -> eyre::Result<()> {
+	color_eyre::install()?;
+	let cli = MalusCli::from_args();
+	cli.launch()?;
+	Ok(())
+}
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+
+	#[test]
+	fn subcommand_works() {
+		let cli = MalusCli::from_iter_safe(IntoIterator::into_iter([
+			"malus",
+			"dispute-ancestor",
+			"--bob",
+		]))
+		.unwrap();
+		assert_matches::assert_matches!(cli, MalusCli {
+			variant: NemesisVariant::DisputeAncestor(run),
+			..
+		} => {
+			assert!(run.base.bob);
+		});
+	}
+}

polkadot/node/malus/src/shared.rs

@@ -0,0 +1,49 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+use futures::prelude::*;
+use polkadot_node_primitives::SpawnNamed;
+
+pub const MALUS: &str = "MALUS😈😈😈";
+
+#[allow(unused)]
+pub(crate) const MALICIOUS_POV: &[u8] = "😈😈pov_looks_valid_to_me😈😈".as_bytes();
+
+/// Launch a service task for each item in the provided queue.
+#[allow(unused)]
+pub(crate) fn launch_processing_task<X, F, U, Q, S>(spawner: &S, queue: Q, action: F)
+where
+	F: Fn(X) -> U + Send + 'static,
+	U: Future<Output = ()> + Send + 'static,
+	Q: Stream<Item = X> + Send + 'static,
+	X: Send,
+	S: 'static + SpawnNamed + Clone + Unpin,
+{
+	let spawner2: S = spawner.clone();
+	spawner.spawn(
+		"nemesis-queue-processor",
+		Some("malus"),
+		Box::pin(async move {
+			let spawner3 = spawner2.clone();
+			queue
+				.for_each(move |input| {
+					spawner3.spawn("nemesis-task", Some("malus"), Box::pin(action(input)));
+					async move { () }
+				})
+				.await;
+		}),
+	);
+}

polkadot/node/malus/src/variant-a.rs

@@ -1,121 +0,0 @@
-// Copyright 2017-2020 Parity Technologies (UK) Ltd.
-// This file is part of Polkadot.
-
-// Polkadot is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-
-// Polkadot is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-
-// You should have received a copy of the GNU General Public License
-// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
-
-//! A malicious overseer.
-//!
-//! An example on how to use the `OverseerGen` pattern to
-//! instantiate a modified subsystem implementation
-//! for usage with `simnet`/Gurke.
-
-#![allow(missing_docs)]
-
-use color_eyre::eyre;
-use polkadot_cli::{
-	prepared_overseer_builder,
-	service::{
-		AuthorityDiscoveryApi, AuxStore, BabeApi, Block, Error, HeaderBackend, OverseerGen,
-		OverseerGenArgs, ParachainHost, ProvideRuntimeApi, SpawnNamed,
-	},
-	Cli,
-};
-
-// Import extra types relevant to the particular
-// subsystem.
-use polkadot_node_core_candidate_validation::CandidateValidationSubsystem;
-use polkadot_node_subsystem::{
-	messages::{AllMessages, CandidateValidationMessage},
-	overseer::{self, Overseer, OverseerConnector, OverseerHandle},
-	FromOverseer,
-};
-
-use malus::*;
-
-// Filter wrapping related types.
-use std::sync::{
-	atomic::{AtomicUsize, Ordering},
-	Arc,
-};
-
-use structopt::StructOpt;
-
-/// Silly example, just drop every second outgoing message.
-#[derive(Clone, Default, Debug)]
-struct Skippy(Arc<AtomicUsize>);
-
-impl<Sender> MessageInterceptor<Sender> for Skippy
-where
-	Sender: overseer::SubsystemSender<AllMessages>
-		+ overseer::SubsystemSender<CandidateValidationMessage>
-		+ Clone
-		+ 'static,
-{
-	type Message = CandidateValidationMessage;
-
-	fn intercept_incoming(
-		&self,
-		_sender: &mut Sender,
-		msg: FromOverseer<Self::Message>,
-	) -> Option<FromOverseer<Self::Message>> {
-		if self.0.fetch_add(1, Ordering::Relaxed) % 2 == 0 {
-			Some(msg)
-		} else {
-			None
-		}
-	}
-	fn intercept_outgoing(&self, msg: AllMessages) -> Option<AllMessages> {
-		Some(msg)
-	}
-}
-
-/// Generates an overseer that exposes bad behavior.
-struct BehaveMaleficient;
-
-impl OverseerGen for BehaveMaleficient {
-	fn generate<'a, Spawner, RuntimeClient>(
-		&self,
-		connector: OverseerConnector,
-		args: OverseerGenArgs<'a, Spawner, RuntimeClient>,
-	) -> Result<(Overseer<Spawner, Arc<RuntimeClient>>, OverseerHandle), Error>
-	where
-		RuntimeClient: 'static + ProvideRuntimeApi<Block> + HeaderBackend<Block> + AuxStore,
-		RuntimeClient::Api: ParachainHost<Block> + BabeApi<Block> + AuthorityDiscoveryApi<Block>,
-		Spawner: 'static + SpawnNamed + Clone + Unpin,
-	{
-		let candidate_validation_config = args.candidate_validation_config.clone();
-
-		prepared_overseer_builder(args)?
-			.replace_candidate_validation(|orig: CandidateValidationSubsystem| {
-				InterceptedSubsystem::new(
-					CandidateValidationSubsystem::with_config(
-						candidate_validation_config,
-						orig.metrics,
-						orig.pvf_metrics,
-					),
-					Skippy::default(),
-				)
-			})
-			.build_with_connector(connector)
-			.map_err(|e| e.into())
-	}
-}
-
-fn main() -> eyre::Result<()> {
-	color_eyre::install()?;
-	let cli = Cli::from_args();
-	assert_matches::assert_matches!(cli.subcommand, None);
-	polkadot_cli::run_node(cli, BehaveMaleficient)?;
-	Ok(())
-}

polkadot/node/malus/src/variants/back_garbage_candidate.rs

@@ -0,0 +1,230 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+//! A malicious overseer backing a particular candidate with a
+//! malicious proof of validity that is received.
+
+#![allow(missing_docs)]
+
+use polkadot_cli::{
+	prepared_overseer_builder,
+	service::{
+		AuthorityDiscoveryApi, AuxStore, BabeApi, Block, Error, HeaderBackend, Overseer,
+		OverseerConnector, OverseerGen, OverseerGenArgs, OverseerHandle, ParachainHost,
+		ProvideRuntimeApi, SpawnNamed,
+	},
+};
+
+// Import extra types relevant to the particular
+// subsystem.
+use polkadot_node_core_candidate_validation::CandidateValidationSubsystem;
+use polkadot_node_subsystem::messages::{
+	AvailabilityRecoveryMessage, CandidateValidationMessage, ValidationFailed,
+};
+use polkadot_node_subsystem_util as util;
+
+// Filter wrapping related types.
+use crate::{interceptor::*, shared::*};
+use polkadot_node_primitives::{PoV, ValidationResult};
+
+use polkadot_primitives::v1::{
+	CandidateCommitments, CandidateDescriptor, CandidateReceipt, PersistedValidationData,
+	ValidationCode,
+};
+
+use futures::channel::oneshot;
+use std::{
+	collections::HashMap,
+	sync::{Arc, Mutex},
+};
+
+#[derive(Clone, Debug)]
+struct BribedPassageInner<Spawner> {
+	spawner: Spawner,
+	cache: HashMap<CandidateDescriptor, CandidateReceipt>,
+}
+
+#[derive(Clone, Debug)]
+struct BribedPassage<Spawner> {
+	inner: Arc<Mutex<BribedPassageInner<Spawner>>>,
+}
+
+impl<Spawner> BribedPassage<Spawner>
+where
+	Spawner: SpawnNamed,
+{
+	fn let_pass(
+		persisted_validation_data: PersistedValidationData,
+		validation_code: Option<ValidationCode>,
+		_candidate_descriptor: CandidateDescriptor,
+		_pov: Arc<PoV>,
+		response_sender: oneshot::Sender<Result<ValidationResult, ValidationFailed>>,
+	) {
+		let candidate_commitmentments = CandidateCommitments {
+			head_data: persisted_validation_data.parent_head.clone(),
+			new_validation_code: validation_code,
+			..Default::default()
+		};
+
+		response_sender
+			.send(Ok(ValidationResult::Valid(candidate_commitmentments, persisted_validation_data)))
+			.unwrap();
+	}
+}
+
+impl<Sender, Spawner> MessageInterceptor<Sender> for BribedPassage<Spawner>
+where
+	Sender: overseer::SubsystemSender<CandidateValidationMessage>
+		+ overseer::SubsystemSender<AllMessages>
+		+ Clone
+		+ Send
+		+ 'static,
+	Spawner: SpawnNamed + Send + Clone + 'static,
+{
+	type Message = CandidateValidationMessage;
+
+	fn intercept_incoming(
+		&self,
+		sender: &mut Sender,
+		msg: FromOverseer<Self::Message>,
+	) -> Option<FromOverseer<Self::Message>> {
+		match msg {
+			FromOverseer::Communication {
+				msg:
+					CandidateValidationMessage::ValidateFromExhaustive(
+						persisted_validation_data,
+						validation_code,
+						candidate_descriptor,
+						pov,
+						_duration,
+						response_sender,
+					),
+			} if pov.block_data.0.as_slice() == MALICIOUS_POV => {
+				Self::let_pass(
+					persisted_validation_data,
+					Some(validation_code),
+					candidate_descriptor,
+					pov,
+					response_sender,
+				);
+				None
+			},
+			FromOverseer::Communication {
+				msg:
+					CandidateValidationMessage::ValidateFromChainState(
+						candidate_descriptor,
+						pov,
+						_duration,
+						response_sender,
+					),
+			} if pov.block_data.0.as_slice() == MALICIOUS_POV => {
+				if let Some(candidate_receipt) =
+					self.inner.lock().unwrap().cache.get(&candidate_descriptor).cloned()
+				{
+					let mut subsystem_sender = sender.clone();
+					let spawner = self.inner.lock().unwrap().spawner.clone();
+					spawner.spawn(
+						"malus-back-garbage-adhoc",
+						Some("malus"),
+						Box::pin(async move {
+							let relay_parent = candidate_descriptor.relay_parent;
+							let session_index = util::request_session_index_for_child(
+								relay_parent,
+								&mut subsystem_sender,
+							)
+							.await;
+							let session_index = session_index.await.unwrap().unwrap();
+
+							let (a_tx, a_rx) = oneshot::channel();
+
+							subsystem_sender
+								.send_message(AllMessages::from(
+									AvailabilityRecoveryMessage::RecoverAvailableData(
+										candidate_receipt,
+										session_index,
+										None,
+										a_tx,
+									),
+								))
+								.await;
+
+							if let Ok(Ok(availability_data)) = a_rx.await {
+								Self::let_pass(
+									availability_data.validation_data,
+									None,
+									candidate_descriptor,
+									pov,
+									response_sender,
+								);
+							} else {
+								tracing::info!(
+									target = MALUS,
+									"Could not get availability data, can't back"
+								);
+							}
+						}),
+					);
+				} else {
+					tracing::info!(target = MALUS, "No CandidateReceipt available to work with");
+				}
+				None
+			},
+			msg => Some(msg),
+		}
+	}
+
+	fn intercept_outgoing(&self, msg: AllMessages) -> Option<AllMessages> {
+		Some(msg)
+	}
+}
+
+/// Generates an overseer that exposes bad behavior.
+pub(crate) struct BackGarbageCandidate;
+
+impl OverseerGen for BackGarbageCandidate {
+	fn generate<'a, Spawner, RuntimeClient>(
+		&self,
+		connector: OverseerConnector,
+		args: OverseerGenArgs<'a, Spawner, RuntimeClient>,
+	) -> Result<(Overseer<Spawner, Arc<RuntimeClient>>, OverseerHandle), Error>
+	where
+		RuntimeClient: 'static + ProvideRuntimeApi<Block> + HeaderBackend<Block> + AuxStore,
+		RuntimeClient::Api: ParachainHost<Block> + BabeApi<Block> + AuthorityDiscoveryApi<Block>,
+		Spawner: 'static + SpawnNamed + Clone + Unpin,
+	{
+		let candidate_validation_config = args.candidate_validation_config.clone();
+		let spawner = args.spawner.clone();
+
+		prepared_overseer_builder(args)?
+			.replace_candidate_validation(|cv| {
+				InterceptedSubsystem::new(
+					CandidateValidationSubsystem::with_config(
+						candidate_validation_config,
+						cv.metrics,
+						cv.pvf_metrics,
+					),
+					BribedPassage::<Spawner> {
+						inner: Arc::new(Mutex::new(BribedPassageInner {
+							spawner,
+							cache: Default::default(),
+						})),
+					},
+				)
+			})
+			.build_with_connector(connector)
+			.map_err(|e| e.into())
+	}
+}

polkadot/node/malus/src/variants/dispute_valid_candidates.rs

@@ -0,0 +1,121 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+//! A malicious node that replaces approvals with invalid disputes
+//! against valid candidates.
+//!
+//! Attention: For usage with `zombienet` only!
+
+#![allow(missing_docs)]
+
+use polkadot_cli::{
+	prepared_overseer_builder,
+	service::{
+		AuthorityDiscoveryApi, AuxStore, BabeApi, Block, Error, HeaderBackend, Overseer,
+		OverseerConnector, OverseerGen, OverseerGenArgs, OverseerHandle, ParachainHost,
+		ProvideRuntimeApi, SpawnNamed,
+	},
+};
+
+// Filter wrapping related types.
+use crate::interceptor::*;
+
+// Import extra types relevant to the particular
+// subsystem.
+use polkadot_node_core_backing::CandidateBackingSubsystem;
+use polkadot_node_subsystem::messages::{
+	ApprovalDistributionMessage, CandidateBackingMessage, DisputeCoordinatorMessage,
+};
+use sp_keystore::SyncCryptoStorePtr;
+
+use std::sync::Arc;
+
+/// Replace outgoing approval messages with disputes.
+#[derive(Clone, Debug)]
+struct ReplaceApprovalsWithDisputes;
+
+impl<Sender> MessageInterceptor<Sender> for ReplaceApprovalsWithDisputes
+where
+	Sender: overseer::SubsystemSender<CandidateBackingMessage> + Clone + Send + 'static,
+{
+	type Message = CandidateBackingMessage;
+
+	fn intercept_incoming(
+		&self,
+		_sender: &mut Sender,
+		msg: FromOverseer<Self::Message>,
+	) -> Option<FromOverseer<Self::Message>> {
+		Some(msg)
+	}
+
+	fn intercept_outgoing(&self, msg: AllMessages) -> Option<AllMessages> {
+		match msg {
+			AllMessages::ApprovalDistribution(ApprovalDistributionMessage::DistributeApproval(
+				_,
+			)) => {
+				// drop the message on the floor
+				None
+			},
+			AllMessages::DisputeCoordinator(DisputeCoordinatorMessage::ImportStatements {
+				candidate_hash,
+				candidate_receipt,
+				session,
+				..
+			}) => {
+				// this would also dispute candidates we were not assigned to approve
+				Some(AllMessages::DisputeCoordinator(
+					DisputeCoordinatorMessage::IssueLocalStatement(
+						session,
+						candidate_hash,
+						candidate_receipt,
+						false,
+					),
+				))
+			},
+			msg => Some(msg),
+		}
+	}
+}
+
+/// Generates an overseer that disputes instead of approving valid candidates.
+pub(crate) struct DisputeValidCandidates;
+
+impl OverseerGen for DisputeValidCandidates {
+	fn generate<'a, Spawner, RuntimeClient>(
+		&self,
+		connector: OverseerConnector,
+		args: OverseerGenArgs<'a, Spawner, RuntimeClient>,
+	) -> Result<(Overseer<Spawner, Arc<RuntimeClient>>, OverseerHandle), Error>
+	where
+		RuntimeClient: 'static + ProvideRuntimeApi<Block> + HeaderBackend<Block> + AuxStore,
+		RuntimeClient::Api: ParachainHost<Block> + BabeApi<Block> + AuthorityDiscoveryApi<Block>,
+		Spawner: 'static + SpawnNamed + Clone + Unpin,
+	{
+		let spawner = args.spawner.clone();
+		let crypto_store_ptr = args.keystore.clone() as SyncCryptoStorePtr;
+		let filter = ReplaceApprovalsWithDisputes;
+
+		prepared_overseer_builder(args)?
+			.replace_candidate_backing(move |cb| {
+				InterceptedSubsystem::new(
+					CandidateBackingSubsystem::new(spawner, crypto_store_ptr, cb.params.metrics),
+					filter,
+				)
+			})
+			.build_with_connector(connector)
+			.map_err(|e| e.into())
+	}
+}

polkadot/node/malus/src/variants/mod.rs

@@ -0,0 +1,26 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+//! Collection of behavior variants.
+
+mod back_garbage_candidate;
+mod dispute_valid_candidates;
+mod suggest_garbage_candidate;
+
+pub(crate) use self::{
+	back_garbage_candidate::BackGarbageCandidate, dispute_valid_candidates::DisputeValidCandidates,
+	suggest_garbage_candidate::SuggestGarbageCandidate,
+};

polkadot/node/malus/src/variants/suggest_garbage_candidate.rs

@@ -0,0 +1,172 @@
+// Copyright 2021 Parity Technologies (UK) Ltd.
+// This file is part of Polkadot.
+
+// Polkadot is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Polkadot is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
+
+//! A malicious overseer proposing a garbage block.
+//!
+//! Supposed to be used with regular nodes or in conjunction
+//! with [`malus-back-garbage-candidate.rs`](./malus-back-garbage-candidate.rs)
+//! to simulate a coordinated attack.
+
+#![allow(missing_docs)]
+
+use polkadot_cli::{
+	prepared_overseer_builder,
+	service::{
+		AuthorityDiscoveryApi, AuxStore, BabeApi, Block, Error, HeaderBackend, Overseer,
+		OverseerConnector, OverseerGen, OverseerGenArgs, OverseerHandle, ParachainHost,
+		ProvideRuntimeApi, SpawnNamed,
+	},
+};
+
+// Import extra types relevant to the particular
+// subsystem.
+use polkadot_node_core_backing::CandidateBackingSubsystem;
+use polkadot_node_primitives::Statement;
+use polkadot_node_subsystem::{
+	messages::{CandidateBackingMessage, StatementDistributionMessage},
+	overseer::{self, SubsystemSender},
+};
+use polkadot_node_subsystem_util as util;
+// Filter wrapping related types.
+use crate::interceptor::*;
+use polkadot_primitives::v1::{
+	CandidateCommitments, CandidateReceipt, CommittedCandidateReceipt, CompactStatement, Hash,
+	Signed,
+};
+use sp_keystore::SyncCryptoStorePtr;
+use util::metered;
+
+use std::sync::Arc;
+
+use crate::shared::*;
+
+/// Replaces the seconded PoV data
+/// of outgoing messages by some garbage data.
+#[derive(Clone)]
+struct ReplacePoVBytes<Sender>
+where
+	Sender: Send,
+{
+	keystore: SyncCryptoStorePtr,
+	queue: metered::UnboundedMeteredSender<(Sender, Hash, CandidateReceipt)>,
+}
+
+impl<Sender> MessageInterceptor<Sender> for ReplacePoVBytes<Sender>
+where
+	Sender: overseer::SubsystemSender<CandidateBackingMessage> + Clone + Send + 'static,
+{
+	type Message = CandidateBackingMessage;
+
+	fn intercept_incoming(
+		&self,
+		sender: &mut Sender,
+		msg: FromOverseer<Self::Message>,
+	) -> Option<FromOverseer<Self::Message>> {
+		match msg {
+			FromOverseer::Communication {
+				msg: CandidateBackingMessage::Second(hash, candidate_receipt, _pov),
+			} => {
+				self.queue
+					.unbounded_send((sender.clone(), hash, candidate_receipt.clone()))
+					.unwrap();
+
+				None
+			},
+			other => Some(other),
+		}
+	}
+
+	fn intercept_outgoing(&self, msg: AllMessages) -> Option<AllMessages> {
+		Some(msg)
+	}
+}
+
+/// Generates an overseer that exposes bad behavior.
+pub(crate) struct SuggestGarbageCandidate;
+
+impl OverseerGen for SuggestGarbageCandidate {
+	fn generate<'a, Spawner, RuntimeClient>(
+		&self,
+		connector: OverseerConnector,
+		args: OverseerGenArgs<'a, Spawner, RuntimeClient>,
+	) -> Result<(Overseer<Spawner, Arc<RuntimeClient>>, OverseerHandle), Error>
+	where
+		RuntimeClient: 'static + ProvideRuntimeApi<Block> + HeaderBackend<Block> + AuxStore,
+		RuntimeClient::Api: ParachainHost<Block> + BabeApi<Block> + AuthorityDiscoveryApi<Block>,
+		Spawner: 'static + SpawnNamed + Clone + Unpin,
+	{
+		let spawner = args.spawner.clone();
+		let (sink, source) = metered::unbounded();
+		let keystore = args.keystore.clone() as SyncCryptoStorePtr;
+
+		let filter = ReplacePoVBytes { keystore: keystore.clone(), queue: sink };
+
+		let keystore2 = keystore.clone();
+		let spawner2 = spawner.clone();
+
+		let result = prepared_overseer_builder(args)?
+			.replace_candidate_backing(move |cb| {
+				InterceptedSubsystem::new(
+					CandidateBackingSubsystem::new(spawner2, keystore2, cb.params.metrics),
+					filter,
+				)
+			})
+			.build_with_connector(connector)
+			.map_err(|e| e.into());
+
+		launch_processing_task(
+			&spawner,
+			source,
+			move |(mut subsystem_sender, hash, candidate_receipt): (_, Hash, CandidateReceipt)| {
+				let keystore = keystore.clone();
+				async move {
+					tracing::info!(
+						target = MALUS,
+						"Replacing seconded candidate pov with something else"
+					);
+
+					let committed_candidate_receipt = CommittedCandidateReceipt {
+						descriptor: candidate_receipt.descriptor.clone(),
+						commitments: CandidateCommitments::default(),
+					};
+
+					let statement = Statement::Seconded(committed_candidate_receipt);
+
+					if let Ok(validator) =
+						util::Validator::new(hash, keystore.clone(), &mut subsystem_sender).await
+					{
+						let signed_statement: Signed<Statement, CompactStatement> = validator
+							.sign(keystore, statement)
+							.await
+							.expect("Signing works. qed")
+							.expect("Something must come out of this. qed");
+
+						subsystem_sender
+							.send_message(StatementDistributionMessage::Share(
+								hash,
+								signed_statement,
+							))
+							.await;
+					} else {
+						tracing::info!("We are not a validator. Not siging anything.");
+					}
+				}
+			},
+		);
+
+		result
+	}
+}

polkadot/node/service/src/lib.rs

@@ -948,7 +948,11 @@ where
 					chain_selection_config,
 					dispute_coordinator_config,
 				},
-			)?;
+			)
+			.map_err(|e| {
+				tracing::error!("Failed to init overseer: {}", e);
+				e
+			})?;
 		let handle = Handle::new(overseer_handle.clone());
 
 		{

polkadot/node/subsystem-util/src/lib.rs

@@ -630,13 +630,13 @@ where
 }
 
 /// Parameters to a job subsystem.
-struct JobSubsystemParams<Spawner, RunArgs, Metrics> {
+pub struct JobSubsystemParams<Spawner, RunArgs, Metrics> {
 	/// A spawner for sub-tasks.
 	spawner: Spawner,
 	/// Arguments to each job.
 	run_args: RunArgs,
 	/// Metrics for the subsystem.
-	metrics: Metrics,
+	pub metrics: Metrics,
 }
 
 /// A subsystem which wraps jobs.
@@ -648,7 +648,8 @@ struct JobSubsystemParams<Spawner, RunArgs, Metrics> {
 ///   include a hash, then they're forwarded to the appropriate individual job.
 /// - On outgoing messages from the jobs, it forwards them to the overseer.
 pub struct JobSubsystem<Job: JobTrait, Spawner> {
-	params: JobSubsystemParams<Spawner, Job::RunArgs, Job::Metrics>,
+	#[allow(missing_docs)]
+	pub params: JobSubsystemParams<Spawner, Job::RunArgs, Job::Metrics>,
 	_marker: std::marker::PhantomData<Job>,
 }
 

polkadot/node/test/polkadot-simnet/node/src/main.rs

@@ -15,10 +15,10 @@
 // along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
 
 //! Binary used for Simnet nodes, supports all runtimes, although only polkadot is implemented currently.
-//! This binary accepts all the CLI args the polkadot binary does, Only difference is it uses
+//! This binary accepts all the CLI args the polkadot binary does, with the only difference that it uses
 //! manual-seal™ and babe for block authorship, it has a no-op verifier, so all blocks received over the network
 //! are imported and executed straight away. Block authorship/Finalization maybe done by calling the
-//!  `engine_createBlock` & `engine_FinalizeBlock` rpc methods respectively.
+//! rpc methods `engine_createBlock` and `engine_FinalizeBlock` respectively.
 
 use std::error::Error;