Current scheme:
1. Hydra notices a drv to build
2. Hydra sends the drv to builder B
3. B builds
4. Hydra copies the closure of B's build product back to Hydra (copy-closure)
5. On a “main” server, Nix signs the built derivations
6. Said main server pushes the built derivation to the cache
TCB: steps 2, 3, 4, 5 (because every step from the time the derivation is picked by Hydra to the time it's signed has to be secure)
Unrecoverable breakage: main server being compromised
Scope of damage if B temporarily compromised: all builds that were sent to it
New scheme idea:
1. Hydra notices a drv to build
2. Hydra sends the drv to builder B
3. B builds and signs with builder-local key
4. B uploads the build to the cache
5. Hydra sends the drv to signer machine
6. Signer machine downloads the build from the cache
7. Signer machine verifies signature of B, re-signs
8. Signer machine re-uploads the build with the new key
TCB: steps 3 and 7 (because any step in-between is trustless)
Unrecoverable breakage: signer machine being compromised
Scope of damage if B temporarily compromised: all builds that were sent to it (assuming the signer machine verifies the signature of B and not only the signature of “any builder”)
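
A sketch of the step 7 check with the signature pinned to the builder the drv was dispatched to, next to the weaker "any builder" policy. This is an added example, not Hydra or Nix code. Assumptions: the key names, the `resign` helper and the sample path are hypothetical, and HMAC-SHA256 stands in for the Ed25519 signatures Nix really uses so that it runs with the standard library only.

```python
import base64, hashlib, hmac

# Constructed stand-in keys. Real Nix signing keys are Ed25519; HMAC-SHA256 is
# swapped in only so the example runs with the standard library.
BUILDER_KEYS = {"builder-b-1": b"secret-of-B", "builder-c-1": b"secret-of-C"}
SIGNER_NAME, SIGNER_KEY = "cache-signer-1", b"secret-of-signer"

def fingerprint(info):
    """Fields a narinfo signature covers, in Nix's fingerprint layout."""
    refs = ",".join(sorted(info["refs"]))
    return f"1;{info['path']};{info['nar_hash']};{info['nar_size']};{refs}".encode()

def sign(name, key, info):
    mac = hmac.new(key, fingerprint(info), hashlib.sha256).digest()
    return f"{name}:{base64.b64encode(mac).decode()}"

def valid(sig, key, info):
    expected = sign(sig.split(":", 1)[0], key, info)
    return hmac.compare_digest(sig.encode(), expected.encode())

def resign(info, sigs, dispatched_to, pinned=True):
    """Step 7: return the signer's signature, or None if the build is rejected.

    dispatched_to is the key name of the builder Hydra sent this drv to.
    pinned=False models the weaker "any known builder" policy.
    """
    for sig in sigs:
        name = sig.split(":", 1)[0]
        if pinned and name != dispatched_to:
            continue  # signed by a builder that was never given this drv
        key = BUILDER_KEYS.get(name)
        if key and valid(sig, key, info):
            return sign(SIGNER_NAME, SIGNER_KEY, info)
    return None

# Constructed sample: a drv dispatched to B, with placeholder path and hash.
INFO = {"path": "/nix/store/" + "a" * 32 + "-hello-2.12",
        "nar_hash": "sha256:" + "0" * 52, "nar_size": 226560, "refs": []}
SIG_B = sign("builder-b-1", BUILDER_KEYS["builder-b-1"], INFO)
SIG_C = sign("builder-c-1", BUILDER_KEYS["builder-c-1"], INFO)  # C compromised

if __name__ == "__main__":
    print("B, pinned:     ", resign(INFO, [SIG_B], "builder-b-1"))
    print("C, pinned:     ", resign(INFO, [SIG_C], "builder-b-1"))
    print("C, any builder:", resign(INFO, [SIG_C], "builder-b-1", pinned=False))
```

With pinning, a build signed by C for a drv that Hydra sent to B is dropped, so a compromised builder can only affect the builds it was actually given.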