What guarantees do signatures by binary caches give?

I have two questions about what it means to obtain a store path with a valid signature from a binary cache.

  1. Does the signature relate the store path (input address) and the contents by signing both of them together, or is it just a signature of the content?

  2. Is it a design goal of the signature to identify who originally built the package (so that if I set up my own binary cache which obtained some store paths from https://cache.nixos.org it will only contain that original signature and I can attribute the build process to https://cache.nixos.org in that way)?

  1. both. At least I think so. I’m lazy to look for evidence.
  2. I’m not sure if I misunderstand you. When you verify a signature, you know which key you use. And surely you know where that key came from. Example like from .narinfo:
    Sig: cache.nixos.org-1:5p4rJZA7peW79kmsna4JN8TQ986qexRRubaYiI8y+tkuX3Qn2me7kgDWcSQEOz0gfS46+tTILllz9cZZueCwCA==
1 Like
  1. Both, plus its references, evidence path-info.cc
  2. Nope, just that the owner of the key trusts the path by some means (either it builds the path itself, or feeling lucky and sign it whatsoever, see nix store sign)
1 Like

Thanks for helping me with this.

I created a feature request for some additions that address the second point: trusting substituters, but not *their* subsituters (non-transitively) · Issue #9644 · NixOS/nix · GitHub