flwr-nightly 1.15.0.dev20250121__py3-none-any.whl → 1.15.0.dev20250122__py3-none-any.whl

flwr/cli/config_utils.py

@@ -15,53 +15,13 @@
 """Utility to validate the `pyproject.toml` file."""
 
 
-import zipfile
-from io import BytesIO
 from pathlib import Path
-from typing import IO, Any, Optional, Union, get_args
+from typing import Any, Optional, Union
 
 import tomli
 import typer
 
-from flwr.common import object_ref
-from flwr.common.typing import UserConfigValue
-
-
-def get_fab_config(fab_file: Union[Path, bytes]) -> dict[str, Any]:
-    """Extract the config from a FAB file or path.
-
-    Parameters
-    ----------
-    fab_file : Union[Path, bytes]
-        The Flower App Bundle file to validate and extract the metadata from.
-        It can either be a path to the file or the file itself as bytes.
-
-    Returns
-    -------
-    Dict[str, Any]
-        The `config` of the given Flower App Bundle.
-    """
-    fab_file_archive: Union[Path, IO[bytes]]
-    if isinstance(fab_file, bytes):
-        fab_file_archive = BytesIO(fab_file)
-    elif isinstance(fab_file, Path):
-        fab_file_archive = fab_file
-    else:
-        raise ValueError("fab_file must be either a Path or bytes")
-
-    with zipfile.ZipFile(fab_file_archive, "r") as zipf:
-        with zipf.open("pyproject.toml") as file:
-            toml_content = file.read().decode("utf-8")
-
-        conf = load_from_string(toml_content)
-        if conf is None:
-            raise ValueError("Invalid TOML content in pyproject.toml")
-
-        is_valid, errors, _ = validate(conf, check_module=False)
-        if not is_valid:
-            raise ValueError(errors)
-
-        return conf
+from flwr.common.config import get_fab_config, get_metadata_from_config, validate_config
 
 
 def get_fab_metadata(fab_file: Union[Path, bytes]) -> tuple[str, str]:
@@ -78,12 +38,7 @@ def get_fab_metadata(fab_file: Union[Path, bytes]) -> tuple[str, str]:
     Tuple[str, str]
         The `fab_id` and `fab_version` of the given Flower App Bundle.
     """
-    conf = get_fab_config(fab_file)
-
-    return (
-        f"{conf['tool']['flwr']['app']['publisher']}/{conf['project']['name']}",
-        conf["project"]["version"],
-    )
+    return get_metadata_from_config(get_fab_config(fab_file))
 
 
 def load_and_validate(
@@ -120,7 +75,7 @@ def load_and_validate(
         ]
         return (None, errors, [])
 
-    is_valid, errors, warnings = validate(config, check_module, path.parent)
+    is_valid, errors, warnings = validate_config(config, check_module, path.parent)
 
     if not is_valid:
         return (None, errors, warnings)
@@ -133,102 +88,11 @@ def load(toml_path: Path) -> Optional[dict[str, Any]]:
     if not toml_path.is_file():
         return None
 
-    with toml_path.open(encoding="utf-8") as toml_file:
-        return load_from_string(toml_file.read())
-
-
-def _validate_run_config(config_dict: dict[str, Any], errors: list[str]) -> None:
-    for key, value in config_dict.items():
-        if isinstance(value, dict):
-            _validate_run_config(config_dict[key], errors)
-        elif not isinstance(value, get_args(UserConfigValue)):
-            raise ValueError(
-                f"The value for key {key} needs to be of type `int`, `float`, "
-                "`bool, `str`, or  a `dict` of those.",
-            )
-
-
-# pylint: disable=too-many-branches
-def validate_fields(config: dict[str, Any]) -> tuple[bool, list[str], list[str]]:
-    """Validate pyproject.toml fields."""
-    errors = []
-    warnings = []
-
-    if "project" not in config:
-        errors.append("Missing [project] section")
-    else:
-        if "name" not in config["project"]:
-            errors.append('Property "name" missing in [project]')
-        if "version" not in config["project"]:
-            errors.append('Property "version" missing in [project]')
-        if "description" not in config["project"]:
-            warnings.append('Recommended property "description" missing in [project]')
-        if "license" not in config["project"]:
-            warnings.append('Recommended property "license" missing in [project]')
-        if "authors" not in config["project"]:
-            warnings.append('Recommended property "authors" missing in [project]')
-
-    if (
-        "tool" not in config
-        or "flwr" not in config["tool"]
-        or "app" not in config["tool"]["flwr"]
-    ):
-        errors.append("Missing [tool.flwr.app] section")
-    else:
-        if "publisher" not in config["tool"]["flwr"]["app"]:
-            errors.append('Property "publisher" missing in [tool.flwr.app]')
-        if "config" in config["tool"]["flwr"]["app"]:
-            _validate_run_config(config["tool"]["flwr"]["app"]["config"], errors)
-        if "components" not in config["tool"]["flwr"]["app"]:
-            errors.append("Missing [tool.flwr.app.components] section")
-        else:
-            if "serverapp" not in config["tool"]["flwr"]["app"]["components"]:
-                errors.append(
-                    'Property "serverapp" missing in [tool.flwr.app.components]'
-                )
-            if "clientapp" not in config["tool"]["flwr"]["app"]["components"]:
-                errors.append(
-                    'Property "clientapp" missing in [tool.flwr.app.components]'
-                )
-
-    return len(errors) == 0, errors, warnings
-
-
-def validate(
-    config: dict[str, Any],
-    check_module: bool = True,
-    project_dir: Optional[Union[str, Path]] = None,
-) -> tuple[bool, list[str], list[str]]:
-    """Validate pyproject.toml."""
-    is_valid, errors, warnings = validate_fields(config)
-
-    if not is_valid:
-        return False, errors, warnings
-
-    # Validate serverapp
-    serverapp_ref = config["tool"]["flwr"]["app"]["components"]["serverapp"]
-    is_valid, reason = object_ref.validate(serverapp_ref, check_module, project_dir)
-
-    if not is_valid and isinstance(reason, str):
-        return False, [reason], []
-
-    # Validate clientapp
-    clientapp_ref = config["tool"]["flwr"]["app"]["components"]["clientapp"]
-    is_valid, reason = object_ref.validate(clientapp_ref, check_module, project_dir)
-
-    if not is_valid and isinstance(reason, str):
-        return False, [reason], []
-
-    return True, [], []
-
-
-def load_from_string(toml_content: str) -> Optional[dict[str, Any]]:
-    """Load TOML content from a string and return as dict."""
-    try:
-        data = tomli.loads(toml_content)
-        return data
-    except tomli.TOMLDecodeError:
-        return None
+    with toml_path.open("rb") as toml_file:
+        try:
+            return tomli.load(toml_file)
+        except tomli.TOMLDecodeError:
+            return None
 
 
 def process_loaded_project_config(

flwr/cli/install.py

@@ -154,7 +154,7 @@ def validate_and_install(
         )
         raise typer.Exit(code=1)
 
-    version, fab_id = get_metadata_from_config(config)
+    fab_id, version = get_metadata_from_config(config)
     publisher, project_name = fab_id.split("/")
     config_metadata = (publisher, project_name, version, fab_hash)
 

flwr/client/clientapp/utils.py

@@ -66,7 +66,7 @@ def get_load_client_app_fn(
         # `fab_hash` is not required since the app is loaded from `runtime_app_dir`.
         elif app_path is not None:
             config = get_project_config(runtime_app_dir)
-            this_fab_version, this_fab_id = get_metadata_from_config(config)
+            this_fab_id, this_fab_version = get_metadata_from_config(config)
 
             if this_fab_version != fab_version or this_fab_id != fab_id:
                 raise LoadClientAppError(

flwr/client/grpc_rere_client/client_interceptor.py

@@ -15,71 +15,18 @@
 """Flower client interceptor."""
 
 
-import base64
-import collections
-from collections.abc import Sequence
-from logging import WARNING
-from typing import Any, Callable, Optional, Union
+from typing import Any, Callable
 
 import grpc
 from cryptography.hazmat.primitives.asymmetric import ec
+from google.protobuf.message import Message as GrpcMessage
 
-from flwr.common.logger import log
+from flwr.common import now
+from flwr.common.constant import PUBLIC_KEY_HEADER, SIGNATURE_HEADER, TIMESTAMP_HEADER
 from flwr.common.secure_aggregation.crypto.symmetric_encryption import (
-    bytes_to_public_key,
-    compute_hmac,
-    generate_shared_key,
     public_key_to_bytes,
+    sign_message,
 )
-from flwr.proto.fab_pb2 import GetFabRequest  # pylint: disable=E0611
-from flwr.proto.fleet_pb2 import (  # pylint: disable=E0611
-    CreateNodeRequest,
-    DeleteNodeRequest,
-    PingRequest,
-    PullMessagesRequest,
-    PullTaskInsRequest,
-    PushMessagesRequest,
-    PushTaskResRequest,
-)
-from flwr.proto.run_pb2 import GetRunRequest  # pylint: disable=E0611
-
-_PUBLIC_KEY_HEADER = "public-key"
-_AUTH_TOKEN_HEADER = "auth-token"
-
-Request = Union[
-    CreateNodeRequest,
-    DeleteNodeRequest,
-    PullTaskInsRequest,
-    PushTaskResRequest,
-    GetRunRequest,
-    PingRequest,
-    GetFabRequest,
-    PullMessagesRequest,
-    PushMessagesRequest,
-]
-
-
-def _get_value_from_tuples(
-    key_string: str, tuples: Sequence[tuple[str, Union[str, bytes]]]
-) -> bytes:
-    value = next((value for key, value in tuples if key == key_string), "")
-    if isinstance(value, str):
-        return value.encode()
-
-    return value
-
-
-class _ClientCallDetails(
-    collections.namedtuple(
-        "_ClientCallDetails", ("method", "timeout", "metadata", "credentials")
-    ),
-    grpc.ClientCallDetails,  # type: ignore
-):
-    """Details for each client call.
-
-    The class will be passed on as the first argument in continuation function.
-    In our case, `AuthenticateClientInterceptor` adds new metadata to the construct.
-    """
 
 
 class AuthenticateClientInterceptor(grpc.UnaryUnaryClientInterceptor):  # type: ignore
@@ -91,86 +38,33 @@ class AuthenticateClientInterceptor(grpc.UnaryUnaryClientInterceptor):  # type:
         public_key: ec.EllipticCurvePublicKey,
     ):
         self.private_key = private_key
-        self.public_key = public_key
-        self.shared_secret: Optional[bytes] = None
-        self.server_public_key: Optional[ec.EllipticCurvePublicKey] = None
-        self.encoded_public_key = base64.urlsafe_b64encode(
-            public_key_to_bytes(self.public_key)
-        )
+        self.public_key_bytes = public_key_to_bytes(public_key)
 
     def intercept_unary_unary(
         self,
         continuation: Callable[[Any, Any], Any],
         client_call_details: grpc.ClientCallDetails,
-        request: Request,
+        request: GrpcMessage,
     ) -> grpc.Call:
         """Flower client interceptor.
 
         Intercept unary call from client and add necessary authentication header in the
         RPC metadata.
         """
-        metadata = []
-        postprocess = False
-        if client_call_details.metadata is not None:
-            metadata = list(client_call_details.metadata)
-
-        # Always add the public key header
-        metadata.append(
-            (
-                _PUBLIC_KEY_HEADER,
-                self.encoded_public_key,
-            )
-        )
-
-        if isinstance(request, CreateNodeRequest):
-            postprocess = True
-        elif isinstance(
-            request,
-            (
-                DeleteNodeRequest,
-                PullTaskInsRequest,
-                PushTaskResRequest,
-                GetRunRequest,
-                PingRequest,
-                GetFabRequest,
-                PullMessagesRequest,
-                PushMessagesRequest,
-            ),
-        ):
-            if self.shared_secret is None:
-                raise RuntimeError("Failure to compute hmac")
-
-            message_bytes = request.SerializeToString(deterministic=True)
-            metadata.append(
-                (
-                    _AUTH_TOKEN_HEADER,
-                    base64.urlsafe_b64encode(
-                        compute_hmac(self.shared_secret, message_bytes)
-                    ),
-                )
-            )
+        metadata = list(client_call_details.metadata or [])
 
-        client_call_details = _ClientCallDetails(
-            client_call_details.method,
-            client_call_details.timeout,
-            metadata,
-            client_call_details.credentials,
-        )
+        # Add the public key
+        metadata.append((PUBLIC_KEY_HEADER, self.public_key_bytes))
 
-        response = continuation(client_call_details, request)
-        if postprocess:
-            server_public_key_bytes = base64.urlsafe_b64decode(
-                _get_value_from_tuples(_PUBLIC_KEY_HEADER, response.initial_metadata())
-            )
+        # Add timestamp
+        timestamp = now().isoformat()
+        metadata.append((TIMESTAMP_HEADER, timestamp))
 
-            if server_public_key_bytes != b"":
-                self.server_public_key = bytes_to_public_key(server_public_key_bytes)
-            else:
-                log(WARNING, "Can't get server public key, SuperLink may be offline")
+        # Sign and add the signature
+        signature = sign_message(self.private_key, timestamp.encode("ascii"))
+        metadata.append((SIGNATURE_HEADER, signature))
 
-            if self.server_public_key is not None:
-                self.shared_secret = generate_shared_key(
-                    self.private_key, self.server_public_key
-                )
+        # Overwrite the metadata
+        details = client_call_details._replace(metadata=metadata)
 
-        return response
+        return continuation(details, request)

flwr/common/config.py

@@ -17,13 +17,13 @@
 
 import os
 import re
+import zipfile
+from io import BytesIO
 from pathlib import Path
-from typing import Any, Optional, Union, cast, get_args
+from typing import IO, Any, Optional, Union, cast, get_args
 
 import tomli
 
-from flwr.cli.config_utils import get_fab_config, validate_fields
-from flwr.common import ConfigsRecord
 from flwr.common.constant import (
     APP_DIR,
     FAB_CONFIG_FILE,
@@ -33,6 +33,8 @@ from flwr.common.constant import (
 )
 from flwr.common.typing import Run, UserConfig, UserConfigValue
 
+from . import ConfigsRecord, object_ref
+
 
 def get_flwr_dir(provided_path: Optional[str] = None) -> Path:
     """Return the Flower home directory based on env variables."""
@@ -80,7 +82,7 @@ def get_project_config(project_dir: Union[str, Path]) -> dict[str, Any]:
         config = tomli.loads(toml_file.read())
 
     # Validate pyproject.toml fields
-    is_valid, errors, _ = validate_fields(config)
+    is_valid, errors, _ = validate_fields_in_config(config)
     if not is_valid:
         error_msg = "\n".join([f"  - {error}" for error in errors])
         raise ValueError(
@@ -227,10 +229,10 @@ def parse_config_args(
 
 
 def get_metadata_from_config(config: dict[str, Any]) -> tuple[str, str]:
-    """Extract `fab_version` and `fab_id` from a project config."""
+    """Extract `fab_id` and `fab_version` from a project config."""
     return (
-        config["project"]["version"],
         f"{config['tool']['flwr']['app']['publisher']}/{config['project']['name']}",
+        config["project"]["version"],
     )
 
 
@@ -241,3 +243,127 @@ def user_config_to_configsrecord(config: UserConfig) -> ConfigsRecord:
         c_record[k] = v
 
     return c_record
+
+
+def get_fab_config(fab_file: Union[Path, bytes]) -> dict[str, Any]:
+    """Extract the config from a FAB file or path.
+
+    Parameters
+    ----------
+    fab_file : Union[Path, bytes]
+        The Flower App Bundle file to validate and extract the metadata from.
+        It can either be a path to the file or the file itself as bytes.
+
+    Returns
+    -------
+    Dict[str, Any]
+        The `config` of the given Flower App Bundle.
+    """
+    fab_file_archive: Union[Path, IO[bytes]]
+    if isinstance(fab_file, bytes):
+        fab_file_archive = BytesIO(fab_file)
+    elif isinstance(fab_file, Path):
+        fab_file_archive = fab_file
+    else:
+        raise ValueError("fab_file must be either a Path or bytes")
+
+    with zipfile.ZipFile(fab_file_archive, "r") as zipf:
+        with zipf.open("pyproject.toml") as file:
+            toml_content = file.read().decode("utf-8")
+        try:
+            conf = tomli.loads(toml_content)
+        except tomli.TOMLDecodeError:
+            raise ValueError("Invalid TOML content in pyproject.toml") from None
+
+        is_valid, errors, _ = validate_config(conf, check_module=False)
+        if not is_valid:
+            raise ValueError(errors)
+
+        return conf
+
+
+def _validate_run_config(config_dict: dict[str, Any], errors: list[str]) -> None:
+    for key, value in config_dict.items():
+        if isinstance(value, dict):
+            _validate_run_config(config_dict[key], errors)
+        elif not isinstance(value, get_args(UserConfigValue)):
+            raise ValueError(
+                f"The value for key {key} needs to be of type `int`, `float`, "
+                "`bool, `str`, or  a `dict` of those.",
+            )
+
+
+# pylint: disable=too-many-branches
+def validate_fields_in_config(
+    config: dict[str, Any]
+) -> tuple[bool, list[str], list[str]]:
+    """Validate pyproject.toml fields."""
+    errors = []
+    warnings = []
+
+    if "project" not in config:
+        errors.append("Missing [project] section")
+    else:
+        if "name" not in config["project"]:
+            errors.append('Property "name" missing in [project]')
+        if "version" not in config["project"]:
+            errors.append('Property "version" missing in [project]')
+        if "description" not in config["project"]:
+            warnings.append('Recommended property "description" missing in [project]')
+        if "license" not in config["project"]:
+            warnings.append('Recommended property "license" missing in [project]')
+        if "authors" not in config["project"]:
+            warnings.append('Recommended property "authors" missing in [project]')
+
+    if (
+        "tool" not in config
+        or "flwr" not in config["tool"]
+        or "app" not in config["tool"]["flwr"]
+    ):
+        errors.append("Missing [tool.flwr.app] section")
+    else:
+        if "publisher" not in config["tool"]["flwr"]["app"]:
+            errors.append('Property "publisher" missing in [tool.flwr.app]')
+        if "config" in config["tool"]["flwr"]["app"]:
+            _validate_run_config(config["tool"]["flwr"]["app"]["config"], errors)
+        if "components" not in config["tool"]["flwr"]["app"]:
+            errors.append("Missing [tool.flwr.app.components] section")
+        else:
+            if "serverapp" not in config["tool"]["flwr"]["app"]["components"]:
+                errors.append(
+                    'Property "serverapp" missing in [tool.flwr.app.components]'
+                )
+            if "clientapp" not in config["tool"]["flwr"]["app"]["components"]:
+                errors.append(
+                    'Property "clientapp" missing in [tool.flwr.app.components]'
+                )
+
+    return len(errors) == 0, errors, warnings
+
+
+def validate_config(
+    config: dict[str, Any],
+    check_module: bool = True,
+    project_dir: Optional[Union[str, Path]] = None,
+) -> tuple[bool, list[str], list[str]]:
+    """Validate pyproject.toml."""
+    is_valid, errors, warnings = validate_fields_in_config(config)
+
+    if not is_valid:
+        return False, errors, warnings
+
+    # Validate serverapp
+    serverapp_ref = config["tool"]["flwr"]["app"]["components"]["serverapp"]
+    is_valid, reason = object_ref.validate(serverapp_ref, check_module, project_dir)
+
+    if not is_valid and isinstance(reason, str):
+        return False, [reason], []
+
+    # Validate clientapp
+    clientapp_ref = config["tool"]["flwr"]["app"]["components"]["clientapp"]
+    is_valid, reason = object_ref.validate(clientapp_ref, check_module, project_dir)
+
+    if not is_valid and isinstance(reason, str):
+        return False, [reason], []
+
+    return True, [], []

flwr/common/constant.py

@@ -112,6 +112,12 @@ AUTH_TYPE = "auth_type"
 ACCESS_TOKEN_KEY = "access_token"
 REFRESH_TOKEN_KEY = "refresh_token"
 
+# Constants for node authentication
+PUBLIC_KEY_HEADER = "public-key-bin"  # Must end with "-bin" for binary data
+SIGNATURE_HEADER = "signature-bin"  # Must end with "-bin" for binary data
+TIMESTAMP_HEADER = "timestamp"
+TIMESTAMP_TOLERANCE = 10  # Tolerance for timestamp verification
+
 
 class MessageType:
     """Message type."""

flwr/common/exit/exit_code.py

@@ -39,10 +39,12 @@ class ExitCode:
 
     # ClientApp-specific exit codes (400-499)
 
-    # Common exit codes (500-)
-    COMMON_ADDRESS_INVALID = 500
-    COMMON_MISSING_EXTRA_REST = 501
-    COMMON_TLS_NOT_SUPPORTED = 502
+    # Simulation-specific exit codes (500-599)
+
+    # Common exit codes (600-)
+    COMMON_ADDRESS_INVALID = 600
+    COMMON_MISSING_EXTRA_REST = 601
+    COMMON_TLS_NOT_SUPPORTED = 602
 
     def __new__(cls) -> ExitCode:
         """Prevent instantiation."""
@@ -75,7 +77,8 @@ EXIT_CODE_HELP = {
         "file and try again."
     ),
     # ClientApp-specific exit codes (400-499)
-    # Common exit codes (500-)
+    # Simulation-specific exit codes (500-599)
+    # Common exit codes (600-)
     ExitCode.COMMON_ADDRESS_INVALID: (
         "Please provide a valid URL, IPv4 or IPv6 address."
     ),

flwr/server/superlink/fleet/grpc_adapter/grpc_adapter_servicer.py

@@ -15,7 +15,7 @@
 """Fleet API gRPC adapter servicer."""
 
 
-from logging import DEBUG, INFO
+from logging import DEBUG
 from typing import Callable, TypeVar
 
 import grpc
@@ -31,35 +31,30 @@ from flwr.common.constant import (
 from flwr.common.logger import log
 from flwr.common.version import package_name, package_version
 from flwr.proto import grpcadapter_pb2_grpc  # pylint: disable=E0611
-from flwr.proto.fab_pb2 import GetFabRequest, GetFabResponse  # pylint: disable=E0611
+from flwr.proto.fab_pb2 import GetFabRequest  # pylint: disable=E0611
 from flwr.proto.fleet_pb2 import (  # pylint: disable=E0611
     CreateNodeRequest,
-    CreateNodeResponse,
     DeleteNodeRequest,
-    DeleteNodeResponse,
     PingRequest,
-    PingResponse,
-    PullTaskInsRequest,
-    PullTaskInsResponse,
-    PushTaskResRequest,
-    PushTaskResResponse,
+    PullMessagesRequest,
+    PushMessagesRequest,
 )
 from flwr.proto.grpcadapter_pb2 import MessageContainer  # pylint: disable=E0611
-from flwr.proto.run_pb2 import GetRunRequest, GetRunResponse  # pylint: disable=E0611
-from flwr.server.superlink.ffs.ffs_factory import FfsFactory
-from flwr.server.superlink.fleet.message_handler import message_handler
-from flwr.server.superlink.linkstate import LinkStateFactory
+from flwr.proto.run_pb2 import GetRunRequest  # pylint: disable=E0611
+
+from ..grpc_rere.fleet_servicer import FleetServicer
 
 T = TypeVar("T", bound=GrpcMessage)
 
 
 def _handle(
     msg_container: MessageContainer,
+    context: grpc.ServicerContext,
     request_type: type[T],
-    handler: Callable[[T], GrpcMessage],
+    handler: Callable[[T, grpc.ServicerContext], GrpcMessage],
 ) -> MessageContainer:
     req = request_type.FromString(msg_container.grpc_message_content)
-    res = handler(req)
+    res = handler(req, context)
     res_cls = res.__class__
     return MessageContainer(
         metadata={
@@ -74,89 +69,26 @@ def _handle(
     )
 
 
-class GrpcAdapterServicer(grpcadapter_pb2_grpc.GrpcAdapterServicer):
+class GrpcAdapterServicer(grpcadapter_pb2_grpc.GrpcAdapterServicer, FleetServicer):
     """Fleet API via GrpcAdapter servicer."""
 
-    def __init__(
-        self, state_factory: LinkStateFactory, ffs_factory: FfsFactory
-    ) -> None:
-        self.state_factory = state_factory
-        self.ffs_factory = ffs_factory
-
     def SendReceive(  # pylint: disable=too-many-return-statements
         self, request: MessageContainer, context: grpc.ServicerContext
     ) -> MessageContainer:
         """."""
         log(DEBUG, "GrpcAdapterServicer.SendReceive")
         if request.grpc_message_name == CreateNodeRequest.__qualname__:
-            return _handle(request, CreateNodeRequest, self._create_node)
+            return _handle(request, context, CreateNodeRequest, self.CreateNode)
         if request.grpc_message_name == DeleteNodeRequest.__qualname__:
-            return _handle(request, DeleteNodeRequest, self._delete_node)
+            return _handle(request, context, DeleteNodeRequest, self.DeleteNode)
         if request.grpc_message_name == PingRequest.__qualname__:
-            return _handle(request, PingRequest, self._ping)
-        if request.grpc_message_name == PullTaskInsRequest.__qualname__:
-            return _handle(request, PullTaskInsRequest, self._pull_task_ins)
-        if request.grpc_message_name == PushTaskResRequest.__qualname__:
-            return _handle(request, PushTaskResRequest, self._push_task_res)
+            return _handle(request, context, PingRequest, self.Ping)
         if request.grpc_message_name == GetRunRequest.__qualname__:
-            return _handle(request, GetRunRequest, self._get_run)
+            return _handle(request, context, GetRunRequest, self.GetRun)
         if request.grpc_message_name == GetFabRequest.__qualname__:
-            return _handle(request, GetFabRequest, self._get_fab)
+            return _handle(request, context, GetFabRequest, self.GetFab)
+        if request.grpc_message_name == PullMessagesRequest.__qualname__:
+            return _handle(request, context, PullMessagesRequest, self.PullMessages)
+        if request.grpc_message_name == PushMessagesRequest.__qualname__:
+            return _handle(request, context, PushMessagesRequest, self.PushMessages)
         raise ValueError(f"Invalid grpc_message_name: {request.grpc_message_name}")
-
-    def _create_node(self, request: CreateNodeRequest) -> CreateNodeResponse:
-        """."""
-        log(INFO, "GrpcAdapter.CreateNode")
-        return message_handler.create_node(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _delete_node(self, request: DeleteNodeRequest) -> DeleteNodeResponse:
-        """."""
-        log(INFO, "GrpcAdapter.DeleteNode")
-        return message_handler.delete_node(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _ping(self, request: PingRequest) -> PingResponse:
-        """."""
-        log(DEBUG, "GrpcAdapter.Ping")
-        return message_handler.ping(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _pull_task_ins(self, request: PullTaskInsRequest) -> PullTaskInsResponse:
-        """Pull TaskIns."""
-        log(INFO, "GrpcAdapter.PullTaskIns")
-        return message_handler.pull_task_ins(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _push_task_res(self, request: PushTaskResRequest) -> PushTaskResResponse:
-        """Push TaskRes."""
-        log(INFO, "GrpcAdapter.PushTaskRes")
-        return message_handler.push_task_res(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _get_run(self, request: GetRunRequest) -> GetRunResponse:
-        """Get run information."""
-        log(INFO, "GrpcAdapter.GetRun")
-        return message_handler.get_run(
-            request=request,
-            state=self.state_factory.state(),
-        )
-
-    def _get_fab(self, request: GetFabRequest) -> GetFabResponse:
-        """Get FAB."""
-        log(INFO, "GrpcAdapter.GetFab")
-        return message_handler.get_fab(
-            request=request,
-            ffs=self.ffs_factory.ffs(),
-            state=self.state_factory.state(),
-        )

flwr/server/superlink/fleet/grpc_rere/server_interceptor.py

@@ -15,91 +15,54 @@
 """Flower server interceptor."""
 
 
-import base64
-from collections.abc import Sequence
-from logging import INFO, WARNING
-from typing import Any, Callable, Optional, Union
+import datetime
+from typing import Any, Callable, Optional, cast
 
 import grpc
-from cryptography.hazmat.primitives.asymmetric import ec
-
-from flwr.common.logger import log
+from google.protobuf.message import Message as GrpcMessage
+
+from flwr.common import now
+from flwr.common.constant import (
+    PUBLIC_KEY_HEADER,
+    SIGNATURE_HEADER,
+    TIMESTAMP_HEADER,
+    TIMESTAMP_TOLERANCE,
+)
 from flwr.common.secure_aggregation.crypto.symmetric_encryption import (
-    bytes_to_private_key,
     bytes_to_public_key,
-    generate_shared_key,
-    verify_hmac,
+    verify_signature,
 )
-from flwr.proto.fab_pb2 import GetFabRequest, GetFabResponse  # pylint: disable=E0611
 from flwr.proto.fleet_pb2 import (  # pylint: disable=E0611
     CreateNodeRequest,
     CreateNodeResponse,
-    DeleteNodeRequest,
-    DeleteNodeResponse,
-    PingRequest,
-    PingResponse,
-    PullTaskInsRequest,
-    PullTaskInsResponse,
-    PushTaskResRequest,
-    PushTaskResResponse,
 )
-from flwr.proto.node_pb2 import Node  # pylint: disable=E0611
-from flwr.proto.run_pb2 import GetRunRequest, GetRunResponse  # pylint: disable=E0611
 from flwr.server.superlink.linkstate import LinkStateFactory
 
-_PUBLIC_KEY_HEADER = "public-key"
-_AUTH_TOKEN_HEADER = "auth-token"
-
-Request = Union[
-    CreateNodeRequest,
-    DeleteNodeRequest,
-    PullTaskInsRequest,
-    PushTaskResRequest,
-    GetRunRequest,
-    PingRequest,
-    GetFabRequest,
-]
-
-Response = Union[
-    CreateNodeResponse,
-    DeleteNodeResponse,
-    PullTaskInsResponse,
-    PushTaskResResponse,
-    GetRunResponse,
-    PingResponse,
-    GetFabResponse,
-]
-
 
-def _get_value_from_tuples(
-    key_string: str, tuples: Sequence[tuple[str, Union[str, bytes]]]
-) -> bytes:
-    value = next((value for key, value in tuples if key == key_string), "")
-    if isinstance(value, str):
-        return value.encode()
+def _unary_unary_rpc_terminator(message: str) -> grpc.RpcMethodHandler:
+    def terminate(_request: GrpcMessage, context: grpc.ServicerContext) -> GrpcMessage:
+        context.abort(grpc.StatusCode.UNAUTHENTICATED, message)
+        raise RuntimeError("Should not reach this point")  # Make mypy happy
 
-    return value
+    return grpc.unary_unary_rpc_method_handler(terminate)
 
 
 class AuthenticateServerInterceptor(grpc.ServerInterceptor):  # type: ignore
-    """Server interceptor for node authentication."""
-
-    def __init__(self, state_factory: LinkStateFactory):
+    """Server interceptor for node authentication.
+
+    Parameters
+    ----------
+    state_factory : LinkStateFactory
+        A factory for creating new instances of LinkState.
+    auto_auth : bool (default: False)
+        If True, nodes are authenticated without requiring their public keys to be
+        pre-stored in the LinkState. If False, only nodes with pre-stored public keys
+        can be authenticated.
+    """
+
+    def __init__(self, state_factory: LinkStateFactory, auto_auth: bool = False):
         self.state_factory = state_factory
-        state = self.state_factory.state()
-
-        self.node_public_keys = state.get_node_public_keys()
-        if len(self.node_public_keys) == 0:
-            log(WARNING, "Authentication enabled, but no known public keys configured")
-
-        private_key = state.get_server_private_key()
-        public_key = state.get_server_public_key()
-
-        if private_key is None or public_key is None:
-            raise ValueError("Error loading authentication keys")
-
-        self.server_private_key = bytes_to_private_key(private_key)
-        self.encoded_server_public_key = base64.urlsafe_b64encode(public_key)
+        self.auto_auth = auto_auth
 
     def intercept_service(
         self,
@@ -112,117 +75,80 @@ class AuthenticateServerInterceptor(grpc.ServerInterceptor):  # type: ignore
         metadata sent by the node. Continue RPC call if node is authenticated, else,
         terminate RPC call by setting context to abort.
         """
+        state = self.state_factory.state()
+        metadata_dict = dict(handler_call_details.invocation_metadata)
+
+        # Retrieve info from the metadata
+        try:
+            node_pk_bytes = cast(bytes, metadata_dict[PUBLIC_KEY_HEADER])
+            timestamp_iso = cast(str, metadata_dict[TIMESTAMP_HEADER])
+            signature = cast(bytes, metadata_dict[SIGNATURE_HEADER])
+        except KeyError:
+            return _unary_unary_rpc_terminator("Missing authentication metadata")
+
+        if not self.auto_auth:
+            # Abort the RPC call if the node public key is not found
+            if node_pk_bytes not in state.get_node_public_keys():
+                return _unary_unary_rpc_terminator("Public key not recognized")
+
+        # Verify the signature
+        node_pk = bytes_to_public_key(node_pk_bytes)
+        if not verify_signature(node_pk, timestamp_iso.encode("ascii"), signature):
+            return _unary_unary_rpc_terminator("Invalid signature")
+
+        # Verify the timestamp
+        current = now()
+        time_diff = current - datetime.datetime.fromisoformat(timestamp_iso)
+        # Abort the RPC call if the timestamp is too old or in the future
+        if not 0 < time_diff.total_seconds() < TIMESTAMP_TOLERANCE:
+            return _unary_unary_rpc_terminator("Invalid timestamp")
+
+        # Continue the RPC call
+        expected_node_id = state.get_node_id(node_pk_bytes)
+        if not handler_call_details.method.endswith("CreateNode"):
+            if expected_node_id is None:
+                return _unary_unary_rpc_terminator("Invalid node ID")
         # One of the method handlers in
         # `flwr.server.superlink.fleet.grpc_rere.fleet_server.FleetServicer`
         method_handler: grpc.RpcMethodHandler = continuation(handler_call_details)
-        return self._generic_auth_unary_method_handler(method_handler)
+        return self._wrap_method_handler(
+            method_handler, expected_node_id, node_pk_bytes
+        )
 
-    def _generic_auth_unary_method_handler(
-        self, method_handler: grpc.RpcMethodHandler
+    def _wrap_method_handler(
+        self,
+        method_handler: grpc.RpcMethodHandler,
+        expected_node_id: Optional[int],
+        node_public_key: bytes,
     ) -> grpc.RpcMethodHandler:
         def _generic_method_handler(
-            request: Request,
+            request: GrpcMessage,
             context: grpc.ServicerContext,
-        ) -> Response:
-            node_public_key_bytes = base64.urlsafe_b64decode(
-                _get_value_from_tuples(
-                    _PUBLIC_KEY_HEADER, context.invocation_metadata()
-                )
-            )
-            if node_public_key_bytes not in self.node_public_keys:
-                context.abort(grpc.StatusCode.UNAUTHENTICATED, "Access denied")
-
-            if isinstance(request, CreateNodeRequest):
-                response = self._create_authenticated_node(
-                    node_public_key_bytes, request, context
-                )
-                log(
-                    INFO,
-                    "AuthenticateServerInterceptor: Created node_id=%s",
-                    response.node.node_id,
-                )
-                return response
-
-            # Verify hmac value
-            hmac_value = base64.urlsafe_b64decode(
-                _get_value_from_tuples(
-                    _AUTH_TOKEN_HEADER, context.invocation_metadata()
-                )
-            )
-            public_key = bytes_to_public_key(node_public_key_bytes)
-
-            if not self._verify_hmac(public_key, request, hmac_value):
-                context.abort(grpc.StatusCode.UNAUTHENTICATED, "Access denied")
-
-            # Verify node_id
-            node_id = self.state_factory.state().get_node_id(node_public_key_bytes)
-
-            if not self._verify_node_id(node_id, request):
-                context.abort(grpc.StatusCode.UNAUTHENTICATED, "Access denied")
-
-            return method_handler.unary_unary(request, context)  # type: ignore
+        ) -> GrpcMessage:
+            # Verify the node ID
+            if not isinstance(request, CreateNodeRequest):
+                try:
+                    if request.node.node_id != expected_node_id:  # type: ignore
+                        raise ValueError
+                except (AttributeError, ValueError):
+                    context.abort(grpc.StatusCode.UNAUTHENTICATED, "Invalid node ID")
+
+            response: GrpcMessage = method_handler.unary_unary(request, context)
+
+            # Set the public key after a successful CreateNode request
+            if isinstance(response, CreateNodeResponse):
+                state = self.state_factory.state()
+                try:
+                    state.set_node_public_key(response.node.node_id, node_public_key)
+                except ValueError as e:
+                    # Remove newly created node if setting the public key fails
+                    state.delete_node(response.node.node_id)
+                    context.abort(grpc.StatusCode.UNAUTHENTICATED, str(e))
+
+            return response
 
         return grpc.unary_unary_rpc_method_handler(
             _generic_method_handler,
             request_deserializer=method_handler.request_deserializer,
             response_serializer=method_handler.response_serializer,
         )
-
-    def _verify_node_id(
-        self,
-        node_id: Optional[int],
-        request: Union[
-            DeleteNodeRequest,
-            PullTaskInsRequest,
-            PushTaskResRequest,
-            GetRunRequest,
-            PingRequest,
-            GetFabRequest,
-        ],
-    ) -> bool:
-        if node_id is None:
-            return False
-        if isinstance(request, PushTaskResRequest):
-            if len(request.task_res_list) == 0:
-                return False
-            return request.task_res_list[0].task.producer.node_id == node_id
-        if isinstance(request, GetRunRequest):
-            return node_id in self.state_factory.state().get_nodes(request.run_id)
-        return request.node.node_id == node_id
-
-    def _verify_hmac(
-        self, public_key: ec.EllipticCurvePublicKey, request: Request, hmac_value: bytes
-    ) -> bool:
-        shared_secret = generate_shared_key(self.server_private_key, public_key)
-        message_bytes = request.SerializeToString(deterministic=True)
-        return verify_hmac(shared_secret, message_bytes, hmac_value)
-
-    def _create_authenticated_node(
-        self,
-        public_key_bytes: bytes,
-        request: CreateNodeRequest,
-        context: grpc.ServicerContext,
-    ) -> CreateNodeResponse:
-        context.send_initial_metadata(
-            (
-                (
-                    _PUBLIC_KEY_HEADER,
-                    self.encoded_server_public_key,
-                ),
-            )
-        )
-        state = self.state_factory.state()
-        node_id = state.get_node_id(public_key_bytes)
-
-        # Handle `CreateNode` here instead of calling the default method handler
-        # Return previously assigned `node_id` for the provided `public_key`
-        if node_id is not None:
-            state.acknowledge_ping(node_id, request.ping_interval)
-            return CreateNodeResponse(node=Node(node_id=node_id))
-
-        # No `node_id` exists for the provided `public_key`
-        # Handle `CreateNode` here instead of calling the default method handler
-        # Note: the innermost `CreateNode` method will never be called
-        node_id = state.create_node(request.ping_interval)
-        state.set_node_public_key(node_id, public_key_bytes)
-        return CreateNodeResponse(node=Node(node_id=node_id))

flwr/simulation/app.py

@@ -16,7 +16,6 @@
 
 
 import argparse
-import sys
 from logging import DEBUG, ERROR, INFO
 from queue import Queue
 from time import sleep
@@ -39,6 +38,7 @@ from flwr.common.constant import (
     Status,
     SubStatus,
 )
+from flwr.common.exit import ExitCode, flwr_exit
 from flwr.common.logger import (
     log,
     mirror_output_to_queue,
@@ -81,12 +81,10 @@ def flwr_simulation() -> None:
     log(INFO, "Starting Flower Simulation")
 
     if not args.insecure:
-        log(
-            ERROR,
-            "`flwr-simulation` does not support TLS yet. "
-            "Please use the '--insecure' flag.",
+        flwr_exit(
+            ExitCode.COMMON_TLS_NOT_SUPPORTED,
+            "`flwr-simulation` does not support TLS yet. ",
         )
-        sys.exit(1)
 
     log(
         DEBUG,

{flwr_nightly-1.15.0.dev20250121.dist-info → flwr_nightly-1.15.0.dev20250122.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: flwr-nightly
-Version: 1.15.0.dev20250121
+Version: 1.15.0.dev20250122
 Summary: Flower: A Friendly Federated AI Framework
 Home-page: https://flower.ai
 License: Apache-2.0

{flwr_nightly-1.15.0.dev20250121.dist-info → flwr_nightly-1.15.0.dev20250122.dist-info}/RECORD

@@ -3,9 +3,9 @@ flwr/cli/__init__.py,sha256=cZJVgozlkC6Ni2Hd_FAIrqefrkCGOV18fikToq-6iLw,720
 flwr/cli/app.py,sha256=UeXrW5gxrUnFViDjAMIxGNZZKwu3a1oAj83v53IWIWM,1382
 flwr/cli/build.py,sha256=4P70i_FnUs0P21aTwjTXtFQSAfY-C04hUDF-2npfJdo,6345
 flwr/cli/cli_user_auth_interceptor.py,sha256=aZepPA298s-HjGmkJGMvI_uZe72O5aLC3jri-ilG53o,3126
-flwr/cli/config_utils.py,sha256=I4_EMv2f68mfrL_QuOYoAG--yDfKisE7tGiIg09G2YQ,12079
+flwr/cli/config_utils.py,sha256=u4VMNgNTj1mGgCVzV4KfBz3Nyn0j46KJ-Ii8dUgZ4OM,7196
 flwr/cli/example.py,sha256=uk5CoD0ZITgpY_ffsTbEKf8XOOCSUzByjHPcMSPqV18,2216
-flwr/cli/install.py,sha256=0AD0qJD79SKgBnWOQlphcubfr4zHk8jTpFgwZbJBI_g,8180
+flwr/cli/install.py,sha256=-RnrYGejN_zyXXp_CoddSQwoQfRTWWyt9WYlxphJzyU,8180
 flwr/cli/log.py,sha256=O7MBpsJp114PIZb-7Cru-KM6fqyneFQkqoQbQsqQmZU,6121
 flwr/cli/login/__init__.py,sha256=6_9zOzbPOAH72K2wX3-9dXTAbS7Mjpa5sEn2lA6eHHI,800
 flwr/cli/login/login.py,sha256=VaBPQBdLYmSfxXEJWVyu8U5dXztQgIv6rfTJkvz3zV8,3025
@@ -75,14 +75,14 @@ flwr/client/client_app.py,sha256=cTig-N00YzTucbo9zNi6I21J8PlbflU_8J_f5CI-Wpw,103
 flwr/client/clientapp/__init__.py,sha256=kZqChGnTChQ1WGSUkIlW2S5bc0d0mzDubCAmZUGRpEY,800
 flwr/client/clientapp/app.py,sha256=O2dghU6PBXeU6kK5Ihj2-8cKAzXIC1efyZv4aulqHU4,8952
 flwr/client/clientapp/clientappio_servicer.py,sha256=5L6bjw_j3Mnx9kRFwYwxDNABKurBO5q1jZOWE_X11wQ,8522
-flwr/client/clientapp/utils.py,sha256=TTihPRO_AUhA3ZCszPsLyLZ30D_tnhTfe1ndMNVOBPg,4344
+flwr/client/clientapp/utils.py,sha256=qqTw9PKPCldGnnbAbMhtS-Qs_GcqADE1eOtVPXeKYAo,4344
 flwr/client/dpfedavg_numpy_client.py,sha256=4KsEvzavDKyVDU1V0kMqffTwu1lNdUCYQN-i0DTYVN8,7404
 flwr/client/grpc_adapter_client/__init__.py,sha256=QyNWIbsq9DpyMk7oemiO1P3TBFfkfkctnJ1JoAkTl3s,742
 flwr/client/grpc_adapter_client/connection.py,sha256=nV-hPd5q5Eblg6PgUrGGYj74mbE1a0qjfN8G3wzJVAc,4006
 flwr/client/grpc_client/__init__.py,sha256=LsnbqXiJhgQcB0XzAlUQgPx011Uf7Y7yabIC1HxivJ8,735
 flwr/client/grpc_client/connection.py,sha256=Y6VDDDEHCPlGxSf-bEyBua_khnY_F1OoXD-8gpIcYhE,9171
 flwr/client/grpc_rere_client/__init__.py,sha256=MK-oSoV3kwUEQnIwl0GN4OpiHR7eLOrMA8ikunET130,752
-flwr/client/grpc_rere_client/client_interceptor.py,sha256=9BEZNOHxNJFxIuXc9KzBF0ZkXECtOm7RgnZ9yHVUxCQ,5554
+flwr/client/grpc_rere_client/client_interceptor.py,sha256=8yX2jhwfX9r1PO76ZdME4tPefutnQqWPi7kELriBMUo,2451
 flwr/client/grpc_rere_client/connection.py,sha256=9XBcTn4myN_pgAGM6QFQ2Q35clSqxfgY8irrChQuF6I,11668
 flwr/client/grpc_rere_client/grpc_adapter.py,sha256=VrSqHosRcWv8xDLKEabuzyHpVnRhjAEJf_MUFQxhDh8,6155
 flwr/client/heartbeat.py,sha256=cx37mJBH8LyoIN4Lks85wtqT1mnU5GulQnr4pGCvAq0,2404
@@ -113,8 +113,8 @@ flwr/common/address.py,sha256=9KNYE69WW_QVcyumsux3Qn1wmn4J7f13Y9nHASpvzbA,3018
 flwr/common/args.py,sha256=bCvtG0hhh_hVjl9NoWsY_g7kLMIN3jCN7B883HvZ7hg,6223
 flwr/common/auth_plugin/__init__.py,sha256=1Y8Oj3iB49IHDu9tvDih1J74Ygu7k85V9s2A4WORPyA,887
 flwr/common/auth_plugin/auth_plugin.py,sha256=wgDorBUB4IkK6twQ8vNawRVz7BDPmKdXZBNLqhU9RSs,3871
-flwr/common/config.py,sha256=vmPwtRu7JIoGCke03pJlsyrA6zTlN43flzQx-4AX1mE,8099
-flwr/common/constant.py,sha256=-YIo0mQS-RExu1pEhWaQZllZxomIAjLYo7F3Zac7wEc,5917
+flwr/common/config.py,sha256=GEnOmW1vw-0IF-NkekyXQLYqstSqetZFEtT_SShyBgA,12693
+flwr/common/constant.py,sha256=FLqav6UCcdCG61XZr31fmAFqOu4WRFG8zcbnwUyYJ4w,6202
 flwr/common/context.py,sha256=uJ-mnoC_8y_udEb3kAX-r8CPphNTWM72z1AlsvQEu54,2403
 flwr/common/date.py,sha256=NHHpESce5wYqEwoDXf09gp9U9l_5Bmlh2BsOcwS-kDM,1554
 flwr/common/differential_privacy.py,sha256=XwcJ3rWr8S8BZUocc76vLSJAXIf6OHnWkBV6-xlIRuw,6106
@@ -122,7 +122,7 @@ flwr/common/differential_privacy_constants.py,sha256=c7b7tqgvT7yMK0XN9ndiTBs4mQf
 flwr/common/dp.py,sha256=vddkvyjV2FhRoN4VuU2LeAM1UBn7dQB8_W-Qdiveal8,1978
 flwr/common/exit/__init__.py,sha256=-ZOJYLaNnR729a7VzZiFsLiqngzKQh3xc27svYStZ_Q,826
 flwr/common/exit/exit.py,sha256=DmZFyksp-w1sFDQekq5Z-qfnr-ivCAv78aQkqj-TDps,3458
-flwr/common/exit/exit_code.py,sha256=ffz81LCfi5BCZwifnqZKa-2Eg3VaYpPHZBlKwv5GBUo,3375
+flwr/common/exit/exit_code.py,sha256=PNEnCrZfOILjfDAFu5m-2YWEJBrk97xglq4zCUlqV7E,3470
 flwr/common/exit_handlers.py,sha256=Dke87CC6d6b6kqkC2mF0I4JsP4mHhlQTFxkS4sKKgyw,3308
 flwr/common/grpc.py,sha256=GCdiTCppW-clhzOo7OIJbsKIWKnJ9pqNTsAKhj7y4So,9646
 flwr/common/logger.py,sha256=UPyI_98EDibqgf3epgWxFHxdXgYReSWtaKFf9Mj0hd0,12306
@@ -269,7 +269,7 @@ flwr/server/superlink/ffs/ffs.py,sha256=qLI1UfosJugu2BKOJWqHIhafTm-YiuKqGf3OGWPH
 flwr/server/superlink/ffs/ffs_factory.py,sha256=N_eMuUZggotdGiDQ5r_Tf21xsu_ob0e3jyM6ag7d3kk,1490
 flwr/server/superlink/fleet/__init__.py,sha256=76od-HhYjOUoZFLFDFCFnNHI4JLAmaXQEAyp7LWlQpc,711
 flwr/server/superlink/fleet/grpc_adapter/__init__.py,sha256=spBQQJeYz8zPOBOfyMLv87kqWPASGB73AymcLXdFaYA,742
-flwr/server/superlink/fleet/grpc_adapter/grpc_adapter_servicer.py,sha256=u3CR2oeNRBIINksenwcZREurIPqKds3JBEAVBhJjRS8,6413
+flwr/server/superlink/fleet/grpc_adapter/grpc_adapter_servicer.py,sha256=RLYHmuNBtv7DUyxrUu6hmjqkum_WEsTP3RMpbqnVGic,4160
 flwr/server/superlink/fleet/grpc_bidi/__init__.py,sha256=dkSKQMuMTYh1qSnuN87cAPv_mcdLg3f0PqTABHs8gUE,735
 flwr/server/superlink/fleet/grpc_bidi/flower_service_servicer.py,sha256=ud08wi9j8OYRYVTIioL1xenOgrEbtS7afyr8MnQEk4I,6021
 flwr/server/superlink/fleet/grpc_bidi/grpc_bridge.py,sha256=JkAH_nIZaqe_9kntrg26od_jaz5XdLFuvNMgGu8xk9Q,6485
@@ -277,7 +277,7 @@ flwr/server/superlink/fleet/grpc_bidi/grpc_client_proxy.py,sha256=h3EhqgelegVC4E
 flwr/server/superlink/fleet/grpc_bidi/grpc_server.py,sha256=mxPxyEF0IW0vV41Bqk1zfKOdRDEvXPwzJyMiRMg7nTI,5173
 flwr/server/superlink/fleet/grpc_rere/__init__.py,sha256=j2hyC342am-_Hgp1g80Y3fGDzfTI6n8QOOn2PyWf4eg,758
 flwr/server/superlink/fleet/grpc_rere/fleet_servicer.py,sha256=EVx3rHX8WjUXVX7Svki5ihsA1aIZkpOMLv0aQv9Rjjw,6656
-flwr/server/superlink/fleet/grpc_rere/server_interceptor.py,sha256=NXih_xTErEp13CaeQKKPoM38vcXAQl7mXZgps4no9l4,8308
+flwr/server/superlink/fleet/grpc_rere/server_interceptor.py,sha256=zf58FXJ4S-k4kUh-LWcz6O6AWRcxs_ZGNQtUDDM7FVw,6307
 flwr/server/superlink/fleet/message_handler/__init__.py,sha256=h8oLD7uo5lKICPy0rRdKRjTYe62u8PKkT_fA4xF5JPA,731
 flwr/server/superlink/fleet/message_handler/message_handler.py,sha256=5QRqE0w8Kb-M2cEiPNIdKkPc17CEGHvNYjMpGOfgOlE,6886
 flwr/server/superlink/fleet/rest_rere/__init__.py,sha256=5jbYbAn75sGv-gBwOPDySE0kz96F6dTYLeMrGqNi4lM,735
@@ -308,7 +308,7 @@ flwr/server/workflow/secure_aggregation/__init__.py,sha256=3XlgDOjD_hcukTGl6Bc1B
 flwr/server/workflow/secure_aggregation/secagg_workflow.py,sha256=l2IdMdJjs1bgHs5vQgLSOVzar7v2oxUn46oCrnVE1rM,5839
 flwr/server/workflow/secure_aggregation/secaggplus_workflow.py,sha256=rfn2etO1nb7u-1oRl-H9q3enJZz3shMINZaBB7rPsC4,29671
 flwr/simulation/__init__.py,sha256=5UcDVJNjFoSwWqHbGM1hKfTTUUNdwAtuoNvNrfvdkUY,1556
-flwr/simulation/app.py,sha256=cQgIJJujFUpBCcydxgakNygibf3Iww6OAWRo7Sq6y8w,9754
+flwr/simulation/app.py,sha256=xRVSJBnTXQUqWIYOzENfTnJlZ24CSNhWkhVEFxIu4I0,9758
 flwr/simulation/legacy_app.py,sha256=qpZI4Vvzr5TyWSLTRrMP-jN4rH2C25JI9nVSSjhFwSQ,15861
 flwr/simulation/ray_transport/__init__.py,sha256=wzcEEwUUlulnXsg6raCA1nGpP3LlAQDtJ8zNkCXcVbA,734
 flwr/simulation/ray_transport/ray_actor.py,sha256=k11yoAPQzFGQU-KnCCP0ZrfPPdUPXXrBe-1DKM5VdW4,18997
@@ -324,8 +324,8 @@ flwr/superexec/exec_servicer.py,sha256=X10ILT-AoGMrB3IgI2mBe9i-QcIVUAl9bucuqVOPY
 flwr/superexec/exec_user_auth_interceptor.py,sha256=K06OU-l4LnYhTDg071hGJuOaQWEJbZsYi5qxUmmtiG0,3704
 flwr/superexec/executor.py,sha256=_B55WW2TD1fBINpabSSDRenVHXYmvlfhv-k8hJKU4lQ,3115
 flwr/superexec/simulation.py,sha256=WQDon15oqpMopAZnwRZoTICYCfHqtkvFSqiTQ2hLD_g,4088
-flwr_nightly-1.15.0.dev20250121.dist-info/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358
-flwr_nightly-1.15.0.dev20250121.dist-info/METADATA,sha256=9z7GO8QtxbYq17Qoi-p9GfTm9O9x01Vl0T5EYpKydi4,15864
-flwr_nightly-1.15.0.dev20250121.dist-info/WHEEL,sha256=FMvqSimYX_P7y0a7UY-_Mc83r5zkBZsCYPm7Lr0Bsq4,88
-flwr_nightly-1.15.0.dev20250121.dist-info/entry_points.txt,sha256=JlNxX3qhaV18_2yj5a3kJW1ESxm31cal9iS_N_pf1Rk,538
-flwr_nightly-1.15.0.dev20250121.dist-info/RECORD,,
+flwr_nightly-1.15.0.dev20250122.dist-info/LICENSE,sha256=z8d0m5b2O9McPEK1xHG_dWgUBT6EfBDz6wA0F7xSPTA,11358
+flwr_nightly-1.15.0.dev20250122.dist-info/METADATA,sha256=HNrdO4R0GWS2WA5_9eQjJrKDJhObz0BZJKPsVYErnso,15864
+flwr_nightly-1.15.0.dev20250122.dist-info/WHEEL,sha256=FMvqSimYX_P7y0a7UY-_Mc83r5zkBZsCYPm7Lr0Bsq4,88
+flwr_nightly-1.15.0.dev20250122.dist-info/entry_points.txt,sha256=JlNxX3qhaV18_2yj5a3kJW1ESxm31cal9iS_N_pf1Rk,538
+flwr_nightly-1.15.0.dev20250122.dist-info/RECORD,,