Is your feature request related to a problem? Please describe.

As a user, who trusts a given substituter, I can add its public key to trusted-public-keys inside nix.confand substitute any paths it already built from there. The detached signatures that make this possible already link a set of inputs with the corresponding output produced by the build step (https://discourse.nixos.org/t/what-guarantees-do-signatures-by-binary-caches-give/34802/3).
Such signatures could also link each of these input output pairs to the specific builder that produced the output, but this is currently only done on a human level by knowing how the involved hosts are configured. Working only with this implicit knowledge is possible in practice but not well suited for reproducibility tracking or other supply chain security purposes.

The main problem is that there is no way for us to tell how the substituter got the output.
It might have

1. built the output itself,
2. obtained the output from another builder or substituter that it trusts or
3. (as far as I can tell) the output might have also been added manually to the served store, without any traceable evidence about how it was produced.

This gap is especially bad for reproducibility tracking, because (2) looks exactly like (1) if the derivation in question was reproducible.

Describe the solution you'd like

The detached signatures obtained from substitutes should optionally also cover the extra information that "The signer has built this output itself." (and unmodified Nix binaries should enforce that they cannot lie about this).

A user should be able to configure Nix so that substitution only succeeds if the builder can be identified and is trusted.

When the builder and substituter are the same this clearly solves the problem. If the builder and substituer are different users need to configure/manage additional signing keys, and the substituter would need to appropriately forward along the signature of the builder. I have not verified if this is possible in Nix already.
EDIT: nix-serve can return multiple signatures already so it looks like that's supported.

Note that I expect this feature would not resist tampering (with modified versions of Nix, otherwise modified build hosts or a malicious dependency of the builder compromising the build sandbox), but in contrast to trusted-public-keys as-is non-malicious users should never stumble into bypassing it.

Describe alternatives you've considered

I am aware of Trustix, but perfect is the enemy of good, therefore I think any improvements to attribution of build steps to builders that are possible with the existing signing scheme should also be considered as a constructive addition.

Additional context

I'm currently doing research on these issues which I would like to continue and am looking for funding and collaborators.

Priorities

Add 👍 to issues you find important.