ABSTRACT: Quantum key distribution (QKD) offers the promise of absolutely secure communications. However, proofs of absolute security often assume perfect implementation from theory to experiment. Thus, existing systems may be prone to insidious side-channel attacks that rely on flaws in experimental implementation. Here we replace all real channels with virtual channels in a QKD protocol, making the relevant detectors and settings inside private spaces inaccessible while simultaneously acting as a Hilbert space filter to eliminate side-channel attacks. By using a quantum memory we find that we are able to bound the secret-key rate below by the entanglement-distillation rate computed over the distributed states.