Get Started
README

Compute units that live inside KVM — built for consumer-scale agent fleets and the largest enterprise platforms.

shell
npx @platinum/cli init
Features
01
Real isolation.
One CH microVM per compute unit. KVM is the boundary — kernel-CVE blast radius stops at the VM.
02
vsock-only guest.
In-VM agent listens on AF_VSOCK only. No TCP, no shared L2 between compute units.
03
No kernel mods.
Stock distro kernel. No DKMS, no out-of-tree drivers. Secure Boot on works fine.
04
Cross-host by default.
Pause in PAR1, resume in PAR2. S3 CAS for memory + rootfs. 4 ms pause window.
05
API parity.
Drop-in for the E2B and Daytona SDKs. Same templateID body, /pause, /resume, /files/watch.
06
Agent-native.
MCP server, llms.txt, OpenAPI 3.1, agent skill. One line into Claude Code, Cursor, Windsurf.
07
virtio-fs share.
Every compute unit gets /mnt/dnah-share. Bulk file transfer through host page cache, not JSON.
08
Signed snapshots.
Ed25519 over (sandbox_id, snapshot_id, manifest_hash, size, ts). Restore rejects tampered.
09
Add hosts in 5 seconds.
Mint a bootstrap token, run curl /install.sh | sudo bash on Ubuntu. Self-registers. No Ansible.
Benchmarks
PathWhat's happeningP50P95
Warm allocationPool claim — Postgres row flip, no spawn14 ms24 ms
Cold spawnReflink rootfs · TAP · CH boot · vsock RPC up98 ms313 ms
First exec (warm)create → exec returning exit 022 ms39 ms
/exec roundtripFramed-JSON RPC over vsock4 ms5 ms
Resume from stop-snapMemory + disk restore, identity preserved309 ms
Restore signed snapshotEd25519 verify · CH --restore · resume1.0 s
ForkSnapshot + clone in one call~2.5 s
Sequential throughput100× create+delete, pool refills26.3 /s
Lifecycle
typeauto-stopauto-archiveauto-deleteuse for
persistent (default)000Long-lived dev workspaces — never auto-anything.
ephemeral15 min7 d30 dAgent runs, CI jobs, throwaway compute.
Architecture
CLIENTSDK · CLI · MCPcurl · @platinum/sdk · skillCONTROL PLANECP BOXCaddy:443Bun:3000scheduler · warm pool · reconcilerbilling · audit · webhook retrysnapshot signer (Ed25519)Postgres— orgs · compute units · audit · billingsingle source of truthHTTPS · Bearer · cookie sessionCOMPUTE HOSTBARE METAL · KVM · STOCK KERNELedge-proxy:80<port>-<sbx>.<host>.nip.ioHMAC token · auto-resumevirtiofsdper compute unit · exports<jail>/share via virtio-fshost-agent(Go, root)▸ spawns cloud-hypervisor per compute unit▸ TAP/IP allocator on dnah-br0 (10.42/16)▸ XFS reflink rootfs · KSM dedup · S3 archive▸ vsock-rpc proxy :18048 (TLS+mTLS+bearer)▸ /v1/share/* — direct host FS ops, no vsock▸ GPU VFIO passthrough · hot volume attachCH microVMper compute unitinvm-agent(Go, 2.8 MB)listens on AF_VSOCK :18047/mnt/dnah-sharevirtio-fs/dev/vdavirtio-blk · rootfseth0virtio-net · 10.42.X.YmTLS · bearer · nft allowlistFOUR PLANES INTO THE GUESTcontrol RPCAF_VSOCK :18047 · framed-JSONexec · stat · sessions · snapshot~4 ms roundtrip · no TCPbulk filevirtio-fs · /mnt/dnah-sharehost page cache · zero JSONworks while VM is pausedblock storagevirtio-blk · /dev/vd{a,b,c…}XFS reflink · O(1) clonelive add-disk for hot volumesnetworkvirtio-net · dnah-br010.42.0.0/16 · nft egress per sbxcross-compute L2 drop
Open dashboard →
DocsOpenAPIDeployDashboardStatus