What is NØNOS?
NØNOS is a zero-trust operating system that implements cryptographic verification at every layer of the system stack. It's built from scratch in Rust with a singular focus: ensuring that only authenticated, verified code ever executes on your hardware.
The Vision
Traditional operating systems were designed in an era of trusted computing environments. They assume the bootloader is honest, the kernel is uncompromised and software access controls are sufficient. These assumptions are increasingly dangerous.
NØNOS reimagines the operating system with a cryptographic-first approach:
Traditional OS               NØNOS
─────────────────────────────────────────────────────────
Trust the bootloader       → Verify bootloader cryptographically
Trust the kernel           → Verify kernel signature before load
Software access controls   → Hardware-enforced capability tokens
Hope for the best          → Prove correctness with ZK proofs
Classical crypto only      → Post-quantum algorithms built-in
Core Components
1. UEFI Bootloader (~300KB)
The first code that runs after firmware. It:
Loads Ed25519 public keys compiled into its binary
Computes BLAKE3 hash of the kernel
Verifies kernel signature against trusted keys
Optionally verifies Groth16 ZK proofs
Only boots if all verification passes
2. Kernel (~221KB)
The core operating system. It provides:
Memory Management. Paging, allocation, W^X enforcement
Process Scheduling. Async executor with ~500ns context switches
Capability System. Unforgeable access tokens
Cryptographic Primitives. Ed25519, BLAKE3, AES-GCM, ML-KEM
ZK Engine. Groth16 proof verification
Drivers. PCI, GPU, storage, network
3. Security Layer
Pervasive throughout the system:
Capability Tokens. No operation without a valid token
Memory Isolation. Per-process address spaces
Control Flow Integrity. Hardware CET support
Encrypted Storage. AES-256-GCM filesystem
What Makes NØNOS Different?
Verified Boot Chain
Every boot follows the same verification path:
There's no "bypass" mode. No "recovery without verification." Either verification passes, or the system doesn't boot.
Capability-Based Security
Traditional access control:
Process has UID/GID
Kernel checks permissions
Root bypasses everything
NØNOS access control:
Process has capability tokens
Each token grants specific permissions
Tokens are cryptographically unforgeable
No "root" that bypasses the system
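An added sketch of this model (not NØNOS code): a kernel-side authority mints tokens authenticated with HMAC-SHA256 and checks them on every operation, with no privileged identity that skips the check. The MAC construction, token fields, right names and the `CapabilityAuthority` class are assumptions for illustration; the page does not describe NØNOS's token format.

```python
import hashlib, hmac, os, struct

# Rights bitmask (constructed names, not NØNOS's own).
READ, WRITE, NET = 1, 2, 4

class CapabilityAuthority:
    """Mints and checks tokens; the MAC key never leaves this object (the 'kernel')."""

    def __init__(self):
        self._key = os.urandom(32)

    def _tag(self, pid, resource, rights, nonce):
        # Length-prefix the resource so field boundaries cannot be shifted.
        body = struct.pack(">IBH", pid, rights, len(resource)) + resource + nonce
        return hmac.new(self._key, body, hashlib.sha256).digest()

    def mint(self, pid, resource, rights):
        nonce = os.urandom(16)
        return (pid, resource, rights, nonce, self._tag(pid, resource, rights, nonce))

    def check(self, token, pid, resource, needed):
        """Allow only if the tag verifies, the token is bound to this caller and
        resource, and it carries every requested right. There is no bypass path."""
        try:
            t_pid, t_res, t_rights, nonce, tag = token
            expected = self._tag(t_pid, t_res, t_rights, nonce)
            if not hmac.compare_digest(expected, tag):
                return False  # forged or tampered token
        except (TypeError, ValueError, struct.error):
            return False  # malformed token: fail closed
        return t_pid == pid and t_res == resource and (t_rights & needed) == needed

    def attenuate(self, token, pid, rights):
        """Derive a weaker token for the same resource; rights can only shrink."""
        if not self.check(token, pid, token[1], rights):
            raise PermissionError("invalid token or rights not held")
        return self.mint(pid, token[1], rights)

def demo():
    k = CapabilityAuthority()
    res = b"/keys/signing"  # constructed resource name
    tok = k.mint(7, res, READ | WRITE)
    forged = tok[:2] + (READ | WRITE | NET,) + tok[3:]  # widen rights, keep old tag
    return {
        "read": k.check(tok, 7, res, READ),
        "net": k.check(tok, 7, res, NET),
        "other_pid": k.check(tok, 0, res, READ),  # pid 0 gets no special treatment
        "forged": k.check(forged, 7, res, NET),
        "attenuated_write": k.check(k.attenuate(tok, 7, READ), 7, res, WRITE),
    }
```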
Post-Quantum Ready
Classical cryptography (RSA, ECDSA, ECDH) will be broken by quantum computers. NØNOS implements:
ML-KEM-768   FIPS 203   Key encapsulation
ML-DSA-65    FIPS 204   Digital signatures
These algorithms are secure against both classical and quantum attacks.
Zero-Knowledge Attestation
NØNOS can prove facts about its state without revealing the state itself:
Prove the kernel is unmodified without revealing the kernel
Prove a user is authorized without revealing identity
Prove a computation was correct without revealing inputs
Use Cases
High-Security Environments
Air-gapped systems
Cryptographic key management
Secure enclaves
Privacy-Preserving Systems
Anonymous authentication
Confidential computing
Zero-knowledge applications
Research & Development
OS security research
Cryptographic protocol development
Formal verification targets
Technical Specifications
Architecture             x86_64
Language                 Rust (100%)
Total Binary Size        ~521KB
Unsafe Code in Crypto    0 lines
Boot Time                ~2.5 seconds
Memory Footprint         ~46MB