For sure, you’d trade off granularity for reusing existing tools, to get something more Dockerfile-like. One advantage of separating the inputs as you mention is that you can get better caching, but you could also solve that by providing persistent storage to the trusted tool, and trusting the caching done by the tool, which ties to what was discussed in Nix *could* be a great build system
Doing everything in nix certainly gives you nice properties (be it with precomputed hash, IFD or import from derivation), but it means you need to adapt every tool to use nix as a backend. While that’s a great goal, having escape hatches would allow more intermediate solutions, basically simpler *2nix tools, that don’t require (much) nix specific logic.