The `hbbft` crate comes with a toolkit for testing its various algorithms in simulated network environments.
## Old vs new
The old testing code can be found inside the `network` module and `.rs` files in the `tests` subdirectory that are not prefixed with `net_`. The newer networking code is contained inside the `net` module and the remaining `.rs` files.
The new implementation offers many advantages, such as better abstractions for adversaries, easier implementations influencing the message delivery order, better reporting of failed tests, packet recording and more convenience functions. The old tests continue to work, but will be migrated step-by-step to take advantage of the newer features.
Core of most tests is the `net::VirtualNet` struct, which simulates a network of nodes all running an instance of a consensus protocol. Messages sent by these nodes are queued by the network and dispatched each time the network is advancing one iteration, commonly referred to as being "cranked". Each time the network is cranked, a buffered message is delivered to its destination node and processed.
The network advances through the `crank()` function, on every call
1. the adversary is given a chance to re-order<sup>1</sup> the message queue,
1. the next message in the queue is delivered to its destination node (if the node is non-faulty) or the adversary (if the node is faulty),
1. all messages from the resulting step are queued,
1. and the resulting step (or error) is returned.
If there were no messages to begin with, `None` is returned instead.
<sup>1</sup>: Due to some implementation deficiencies it is possible for an adversary to mutate any part of `VirtualNet` (i.e. to change things beyond the scope of our adversary model). While this will be addressed in future versions, it is currently up to the test implementor to ensure that adversaries are not more powerful than they are supposed to be.
Cranking can be done manually:
```rust
let step = net.crank()
.expect("expected at least one messages")
.expect("algorithm error");
// Shorthand:
let step = net.crank_expect();
```
For convenience, an iterator interface is also available:
```rust
for res in net {
let (node_id, step) = res.expect("algorithm error");
// ...
}
```
This has the drawback that access to the network is not available inside the loop, as it is borrowed. A common workaround is using a while loop instead:
```rust
while let Some(res) = net.crank() {
let (node_id, step) = res.expect("algorithm error");
// `net` can still be mutably borrowed here.
}
```
### Inspecting the network
In addition to the returned `Step`s, the network and nodes can be queried through various methods: `VirtualNet::{nodes, faulty_nodes, correct_nodes, get, get_mut}`.
### Adversaries
Adversaries can be introduced through the `.adversary` method on the constructor and are expected to implement the `net::adversary::Adversary` trait. Generic adversaries are available in the same module, while algorithm-specific ones should live next to each test case.
```rust
// Missing example.
```
### Tracing
By default, all network tests write traces of every network message into logfiles, named `net-trace_*.txt` in the current working directory. Each log stores one message per line, in the format of `[SENDER] -> [RECEIVER]: MSG`.
This behavior can be controlled using the `HBBFT_TEST_TRACE` environment variable; if set and equal to `1` or `true`, this functionality is enabled. Tracing is disabled by default.
The `NetBuilder` allows hard-coding the trace setting, any value passed will override environment settings:
```rust
let net = NetBuilder(0..10)
.trace(false) // Never log network messages.
// ...
```
### Checking outputs
As a convenience, all nodes capture any generated output during operation for inspection. The following code fragment demonstrates how to verify that all non-faulty nodes have output the same thing:
```rust
let first = net.correct_nodes().nth(0).unwrap().outputs();
The test framework supports deterministic randomness by allowing all random values to be dervied from a single random generator. By seeding this generator with a fixed value, tests can be reproduced precisely:
Many higher-level tests allow for a variety of different input parameters like the number of nodes in a network or the amount of faulty ones among them. Other possible parameters include transaction, batch or contribution sizes. To test a variety of randomized combinations of these, the [proptest](https://docs.rs/proptest) crate should be used.
The first step in using `proptest` is parametrizing a test, ensuring that all parameters are passed in and not hardcoded. The resulting function should be wrapped, due to the fact that `rustfmt` will not reformat code inside most macros:
```rust
proptest! {
#[test]
fn basic_operations(num_nodes in 3..10u32, num_tx in 40..60u32) {
Some helper structures and functions are available, e.g. the number of nodes should rarely be specified using a range, but with the `NetworkDimension` strategy instead:
```rust
use net::NetBuilder;
use net::proptest::NetworkDimension;
proptest! {
#[test]
fn basic_operations(dimension in NetworkDimension::range(3, 10), num_txs in 40..60u32) {
When specified this way, `dimension` will always be generated with a random valid number of faulty nodes, which is limited by the total amount of nodes. Additionally, `proptest` will automatically try to shrink the solution to a minimum if an error is found. The `NetworkDimension` is reduced in a way that tries to find a minimal combination of size and faulty nodes quicker than independently modified node counts would.
To cut down on the number of parameters passed to each function, a struct containing all parameters for a single test can be added for larger parameter sets:
