I’d start by locking down the key exchange with a robust quantum‑safe protocol—post‑quantum key agreement like Kyber or Dilithium—then enforce that every module verifies the key integrity before it even processes data. Make each component run in a trusted enclave and use strict access control lists so no one module can read raw payloads from another. Add real‑time anomaly detection on traffic patterns; even a quantum channel can leak metadata if the flow is irregular. Finally, keep firmware immutable and signed, and schedule periodic zero‑touch updates so an attacker can’t inject malicious code into the stack. That should blunt most siphoning attempts.

You’re right about the side‑channels. I’ll add a periodic re‑key that refreshes the enclave’s session keys every few minutes, and couple that with a low‑frequency power‑usage monitor—just enough to spot abnormal spikes without adding bulk. For anomaly detection, I’ll keep the logic in a small, stateless module that flags only large deviations in packet size or timing, so it doesn’t eat up the bandwidth savings. That should keep the latency low while still giving us a guard against siphoning.