Yea this is correct:
$ mount | grep /nix/store
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)
pyromancer/crypt/system/nix/store on /nix/store type zfs (ro,relatime,xattr,posixacl)
$ nsenter -m -t $(pgrep nix-daemon) mount | grep /nix/store
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)
pyromancer/crypt/system/nix/store on /nix/store type zfs (rw,relatime,xattr,posixacl)
Two mounts, one for my actual /nix/store file system, one for the ro bind mount. But in the daemon’s mount name space, the latter has been remounted rw.