[lytedev]

I think you're looking for Nix flakes proper! This is one of the promises!

Given so, this means many tools based on nix provide this too, though it's not as easily surfaced.

[danhudlow]

Unfortunately, neither nix flakes nor tools based on nix that don’t “easily surface” this feature provide the security guarantees I’m seeking, since security guarantees are a function of cryptographic proofs and abstractions that are comprehensible to an end user.