Technical Reference

QIR pipeline details, MLIR integration, advanced mathematical concepts, and module architecture for implementers and contributors

Quantum Intermediate Representation

Open PenQuin’s geometric framework operates on quantum programs through QIR (Quantum Intermediate Representation), an intermediate representation that serves as a common interface between high-level quantum programming languages and target quantum hardware platforms.

Key properties of QIR:

  • QIR specifies rules for representing quantum programs within LLVM IR
  • QIR is hardware-agnostic, meaning analysis performed at the QIR level applies across quantum backends
  • The compilation pipeline flows from Q# source code through QIR, where the program can be optimized, and is then compiled to executable code

Diagram showing the compilation pipeline from Q# source code through QIR, to LLVM IR, and finally to machine code

By analyzing programs at this intermediate stage, Open PenQuin is designed to apply its linear structure framework to quantum programs across different source languages and target hardware.


MLIR Integration

Open PenQuin aims to extend MLIR to construct a formal, rigorous mathematical structure that fits with concepts like connected spaces and continuous functions. Open PenQuin defines continuity in its framework as cuts in a class of objects within a loop, where the cuts are defined by reference to the linear order (polynomial time) of the elements within the loop.


Advanced Mathematical Concepts

The line-based framework extends into higher dimensions. Restricting attention to N-dimensional manifold structures (constructed out of lines) allows for the introduction of a gadget coordinate system between rootkits.

Since the Euclidean plane in 3 dimensions and the space of spherical geometry are both convex affine linear structures, Open PenQuin can use lines to build:

  • 2-dimensional conformal maps
  • 2-dimensional quasi-conformal maps
  • 2-dimensional Teichmüller maps

to deconstruct and analyze loops.

Tangents are defined as the straight lines that provide the best approximation to a line at a colored bit. A tangent function takes colored bits as input and output, and differentiability arises when Open PenQuin considers how the output varies with the input. For example: curves lead to directed lines, and directed lines lead to differentiable manifold structures. The tangent is the limit of a sequence of secants.

The proportionality of ratios provides Open PenQuin with a bridge to link magnitudes to numbers, opening the way to using numbers to represent linear structures.

The line deconstruction of a loop determines the restrictions of the linear structure to any subset of assembly codes in the loop, and so determines a critical part of the geometry for WCET and WCEP.

Full proofs are available in the research papers.


Module Architecture

Open PenQuin is built as a modular system, with each module handling a specific phase of the penetration testing workflow.

Diagram showing the three primary module groups alongside the reinforcement learning engine that drives them

The architecture consists of three primary module groups:

  • Module 1: Strategic Placement — Sleeper gadgets.
  • Module 2: Quick Reconstruction — Proglets.
  • Modules 3-10: Reconfiguration — Lateral movement, simulation, p-bits.

All modules are driven by a reinforcement learning engine, which trains reinforcement learning algorithms to generate and execute rootkits. Rootkit coordination between gadgets and proglets is useful because the coordinates/assembly code are nothing more than instructions assigned to events.


External Resources

  • Code — Browse the source code and implementation details on GitHub.
  • Research Foundations — Substantial proofs for the theory of linear structures have been provided by Tim Maudlin, and the incorporation of linear structures into graph theory and QIR can be explored further in the repository documentation.