Type 1 bare-metal hypervisor with native post-quantum cryptographic acceleration. KVM-based with Intel VMX and AMD SVM support.
QuantaVirt runs directly on bare metal, with no host OS between the hypervisor and hardware. Every layer is secured with post-quantum cryptography.
| Ring | Layer | Detail |
|---|---|---|
| Ring 3 | Guest Applications | Unmodified applications running inside VMs |
| Ring 0 | Guest Kernels | Linux, Windows, FreeBSD guest operating systems |
| Ring -1 | QuantaVirt Hypervisor | KVM-based VMM with PQC subsystem |
| Hardware | CPU + QUAC-100 | Intel VMX / AMD SVM + PCIe crypto acceleration |
Hardware-assisted VM entry and exit with minimal overhead.
Extended Page Tables for Intel, Nested Page Tables for AMD.
VT-d and AMD-Vi for secure device passthrough and DMA isolation.
Direct interrupt delivery to guests without VM exits.
Every data path through QuantaVirt is protected with post-quantum cryptographic algorithms, from memory encryption to live migration.
All guest memory pages encrypted with ML-KEM-768 derived keys. Per-VM key isolation with hardware-enforced boundaries.
Virtual disk encryption using ML-KEM key wrapping with AES-256-GCM data encryption. Transparent to guest operating systems.
ML-DSA-65 signed boot chain from firmware through hypervisor to guest kernel. Tamper detection at every stage.
PQC-encrypted live migration between hosts. VM state and memory pages protected in transit with ML-KEM key exchange.
100+ Mbps quantum random number generation distributed to all guest VMs via virtio-rng device emulation.
Hardware-accelerated post-quantum TLS termination for guest network traffic. Transparent to applications.
| Category | Emulated Devices | Paravirtual |
|---|---|---|
| Storage | NVMe, AHCI, IDE | VirtIO-blk, VirtIO-scsi |
| Network | e1000, e1000e | VirtIO-net with vhost |
| Interrupt | LAPIC, IOAPIC | MSI/MSI-X passthrough |
| USB | XHCI (USB 3.0) | VirtIO-input |
| Graphics | VGA, QXL | VFIO GPU passthrough |
| Crypto | Software fallback | QUAC-100 SR-IOV VF |
QuantaVirt integrates with CPU-level confidential computing technologies to provide defense-in-depth memory protection.
Secure Encrypted Virtualization. Guest memory encrypted with per-VM AES keys managed by the AMD Secure Processor.
Encrypted State. Guest register state protected during VM exits, preventing hypervisor inspection of CPU context.
Secure Nested Paging. Integrity protection against memory remapping attacks with hardware-enforced page validation.
Trust Domain Extensions. Hardware-isolated execution environments with cryptographic attestation and memory encryption.
| Component | Minimum | Recommended |
|---|---|---|
| CPU | Intel VT-x or AMD SVM | AMD EPYC with SEV-SNP or Intel Xeon with TDX |
| Memory | 4 GB | 64 GB+ (ECC recommended) |
| Storage | 20 GB | NVMe SSD, 500 GB+ |
| Firmware | UEFI recommended | UEFI with Secure Boot |
| Crypto | Software fallback | QUAC-100 PCIe accelerator |
| Network | 1 GbE | 10/25 GbE with SR-IOV |
Note: QuantaVirt operates in software-only mode without QUAC-100 hardware, using optimized AVX2 implementations of PQC algorithms. Hardware acceleration is recommended for production deployments.
Pilot program now accepting applications. Request evaluation hardware or talk to our engineering team.