Current scheme:
1. Hydra notices a drv to build
2. Hydra sends the drv to builder B
3. B builds
4. The product of B's build is copied (nix-copy-closure) to Hydra
5. On a “main” server, nix signs the built derivations
6. Said main server pushes the built derivation to the cache
TCB: steps 2, 3, 4, 5 (because from the time the derivation is picked up by Hydra to the time it is signed, every step has to be secure)
Breakage with no ability to recover: main server being compromised
Scope of damage if B is temporarily compromised: all builds that were sent to it
New scheme idea:
1. Hydra notices a drv to build
2. Hydra sends the drv to builder B
3. B builds and signs with builder-local key
4. B uploads the build to the cache
5. Hydra sends the drv to signer machine
6. Signer machine downloads the build from the cache, verifies signature of B, re-signs
7. Signer machine re-uploads the build with the new key
TCB: steps 3 and 6 (because every step in between is trustless: the cache only stores what B signed, and the signer verifies it before re-signing)
Breakage with no ability to recover: signer machine being compromised
Scope of damage if B is temporarily compromised: all builds that were sent to it (assuming the signer machine verifies the signature of the specific builder B that Hydra dispatched the derivation to, and not only the signature of "any builder"; otherwise a compromised builder could also forge results for builds it was never sent)
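Steps 3 and 6 of the new scheme, and the per-builder check the last line asks for, as an added example in Go (not Hydra's or Nix's own code). It assumes Ed25519 keys, one trusted public key per builder name on the signer, and a constructed store-path fingerprint in the shape Nix signs; the builder and signer names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"strings"
)
// Fingerprint is the string Nix signs for a store path:
// "1;<storePath>;<narHash>;<narSize>;<comma-separated references>".
func Fingerprint(storePath, narHash string, narSize uint64, refs []string) []byte {
	return []byte(fmt.Sprintf("1;%s;%s;%d;%s", storePath, narHash, narSize, strings.Join(refs, ",")))
}
// BuildResult is what builder B uploads to the cache (step 4).
type BuildResult struct {
	Fingerprint []byte
	Builder     string // builder that claims to have produced it
	BuilderSig  []byte // signature under that builder's local key
}
// Builder holds a builder-local signing key (step 3).
type Builder struct {
	Name string
	Key  ed25519.PrivateKey
}
func NewBuilder(name string) *Builder {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Builder{Name: name, Key: priv}
}
// Build signs the fingerprint with the builder-local key.
func (b *Builder) Build(fp []byte) BuildResult {
	return BuildResult{Fingerprint: fp, Builder: b.Name, BuilderSig: ed25519.Sign(b.Key, fp)}
}
// Signer is the signer machine (step 6); Trusted maps builder name -> builder public key.
type Signer struct {
	Trusted map[string]ed25519.PublicKey
	Key     ed25519.PrivateKey // cache signing key
}
// ReSign re-signs with the cache key only if the result carries a valid signature from
// the specific builder Hydra dispatched the derivation to (expected), not "any builder".
func (s *Signer) ReSign(r BuildResult, expected string) ([]byte, error) {
	pub, ok := s.Trusted[expected]
	if r.Builder != expected || !ok {
		return nil, errors.New("result not attributed to the dispatched builder")
	}
	if !ed25519.Verify(pub, r.Fingerprint, r.BuilderSig) {
		return nil, errors.New("builder signature does not verify")
	}
	return ed25519.Sign(s.Key, r.Fingerprint), nil
}
```

A result from a different trusted builder, or one that merely claims the dispatched builder's name, is rejected, which is what bounds the damage of a compromised B to the builds actually sent to it.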