lakr233/vphone-cli

vphone-cli is a command-line tool that starts a virtual iPhone on a Mac. It uses Apple's own Virtualization framework, the same underlying technology Apple uses internally for its Private Compute Cloud research environment, to run an actual iOS system inside a virtual machine on macOS. The project has been tested on Apple Silicon Macs running macOS 26 (Sequoia) and later. To use it, the Mac needs certain security restrictions relaxed. Apple's System Integrity Protection (SIP) and a security layer called AMFI normally prevent unsigned software and private framework access, so the setup instructions walk through either disabling them or working around them with helper tools. This is a prerequisite because the virtualization entitlements the project needs are not granted to third-party software by default. The project provides four firmware variants with different levels of modification to the iOS boot chain. The lightest variant, called Patchless, makes three patches to the firmware and goes through two setup phases. The most extensive, called Jailbreak, applies 112 patches across 14 phases and sets up a package manager (Sileo) and an app installer (TrollStore) automatically on first boot, allowing users to install additional software on the virtual iPhone. Setup involves downloading iOS firmware files, patching the boot chain using the provided scripts, and then booting the virtual machine. The restore process requires two terminal windows running simultaneously: one keeps the virtual device in DFU mode (a special restore state) while the other sends the firmware. After that, first boot goes through a normal iOS startup sequence inside the virtual machine. The README notes tested hardware and firmware combinations. The project is under active development and is aimed at researchers interested in iOS internals.