JulienMalka / lila

Nix hash collection software, to aggregate build reports from several builders


sign hashes

raboof opened this issue · comments

might be nice to record the signature for the collected hashes, so they can be used to independently verify things.

Might make sense to record this in the same format as in the narinfo's in the binary cache, so those can be easily imported - e.g. https://cache.nixos.org/5lrsc92ci8mk4bm2g08x00lqb5siw26j.narinfo :

StorePath: /nix/store/5lrsc92ci8mk4bm2g08x00lqb5siw26j-linux-5.10.105
URL: nar/0pspdjxc0milrndyli2q0avd7xyb4va89ppl5yy2yvibzgqa6hgn.nar.xz
Compression: xz
FileHash: sha256:0pspdjxc0milrndyli2q0avd7xyb4va89ppl5yy2yvibzgqa6hgn
FileSize: 72738596
NarHash: sha256:0k16qm8j5np49idnq3g0js2brarwjbvqcl9mpn84qzky2hrb861h
NarSize: 83173784
References: 
Deriver: f82ng23ql4840mb66dr480wbiln2ckir-linux-5.10.105.drv
Sig: cache.nixos.org-1:rXoVjXzZxG8AfXEjnkZg0mRTjkw4phcVTnGaxd8cAfqNQ0+uw2lz9NXpfjow0A0FXbsaC3hgL/ZXYBteV1jXDA==

You can use nix key generate-secret to generate a key, but I'm not sure whether nix store sign can sign a rebuild that's not in your store, and how to extract the signature.

If this works out we might want to provide the API to support nix store copy sigs, though.

The signature is a signed fingerprint of the 1;<storepath>;<narHash>;<narSize>;<references>, where the references are comma-separated. The signature consists of the key name, a :, and the base64-encoded detached ed25519 signature.
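The fingerprint and signature format described above, as an added example in Go using only the standard library (this is not code from lila or from Nix): it parses the narinfo quoted earlier, builds the `1;<storepath>;<narHash>;<narSize>;<references>` fingerprint, signs it with a constructed key pair and verifies the result. The key name `lila-demo-1`, its fixed seed, and the assumption that a `nix key generate-secret` secret key is the 64-byte libsodium layout (seed followed by public key, the same layout Go's `ed25519.PrivateKey` uses) are mine; the cache.nixos.org signature is only parsed, not verified, since no cache.nixos.org public key is on the page.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"fmt"
	"sort"
	"strings"
)

// ExampleNarInfo: the lines of the cache.nixos.org narinfo quoted in the issue that
// matter for the signature (URL, FileHash, Deriver etc. are not in the fingerprint).
const ExampleNarInfo = `StorePath: /nix/store/5lrsc92ci8mk4bm2g08x00lqb5siw26j-linux-5.10.105
NarHash: sha256:0k16qm8j5np49idnq3g0js2brarwjbvqcl9mpn84qzky2hrb861h
NarSize: 83173784
References: 
Sig: cache.nixos.org-1:rXoVjXzZxG8AfXEjnkZg0mRTjkw4phcVTnGaxd8cAfqNQ0+uw2lz9NXpfjow0A0FXbsaC3hgL/ZXYBteV1jXDA==
`

// NarInfo keeps the fields that enter the signed fingerprint, plus any Sig lines.
type NarInfo struct {
	StorePath, NarHash, NarSize string   // NarSize stays the decimal string from the file
	References, Sigs            []string // reference basenames; "<keyname>:<base64 sig>"
}

// ParseNarInfo reads the "Key: value" lines of a narinfo; values may themselves contain ':'.
func ParseNarInfo(text string) (NarInfo, error) {
	var ni NarInfo
	scalar := map[string]*string{"StorePath": &ni.StorePath, "NarHash": &ni.NarHash, "NarSize": &ni.NarSize}
	for _, line := range strings.Split(text, "\n") {
		key, val, ok := strings.Cut(line, ":")
		if !ok { continue } // blank line: every real narinfo line carries a "Key:" prefix
		val = strings.TrimSpace(val)
		switch key {
		case "References":
			ni.References = strings.Fields(val) // empty value -> no references
		case "Sig":
			ni.Sigs = append(ni.Sigs, val)
		default:
			if p, known := scalar[key]; known { *p = val }
		}
	}
	if ni.StorePath == "" || ni.NarHash == "" || ni.NarSize == "" {
		return ni, fmt.Errorf("narinfo lacks StorePath, NarHash or NarSize")
	}
	return ni, nil
}

// Fingerprint builds "1;<storePath>;<narHash>;<narSize>;<refs>" as nix signs it: references
// become full store paths, sorted and comma-separated (empty when there are none).
func Fingerprint(ni NarInfo) string {
	storeDir := ni.StorePath[:strings.LastIndex(ni.StorePath, "/")]
	refs := make([]string, 0, len(ni.References))
	for _, r := range ni.References { refs = append(refs, storeDir+"/"+r) }
	sort.Strings(refs)
	return "1;" + ni.StorePath + ";" + ni.NarHash + ";" + ni.NarSize + ";" + strings.Join(refs, ",")
}

// splitKeyed splits the "<name>:<base64>" form nix uses for keys and signatures alike.
func splitKeyed(s string) (string, []byte, error) {
	name, b64, ok := strings.Cut(s, ":")
	if !ok || name == "" { return "", nil, fmt.Errorf("expected <name>:<base64>, got %q", s) }
	raw, err := base64.StdEncoding.DecodeString(b64)
	return name, raw, err
}

// SignFingerprint signs with a secret key as written by `nix key generate-secret`, assumed
// here to be the 64-byte libsodium layout (seed||pubkey) that Go's ed25519.PrivateKey uses.
func SignFingerprint(secretKey, fp string) (string, error) {
	name, raw, err := splitKeyed(secretKey)
	if err != nil { return "", err }
	if len(raw) != ed25519.PrivateKeySize { return "", fmt.Errorf("key %q: bad secret key length %d", name, len(raw)) }
	sig := ed25519.Sign(ed25519.PrivateKey(raw), []byte(fp))
	return name + ":" + base64.StdEncoding.EncodeToString(sig), nil
}

// VerifySig checks one Sig field against the fingerprint using trusted "<name>:<base64 pubkey>"
// strings (the trusted-public-keys format); a signature by an untrusted key name is an error
// rather than merely "invalid", so callers can tell the two cases apart.
func VerifySig(sigField, fp string, trustedPubKeys ...string) (bool, error) {
	name, sig, err := splitKeyed(sigField)
	if err != nil { return false, err }
	for _, k := range trustedPubKeys {
		kname, pub, err := splitKeyed(k)
		if err != nil || len(pub) != ed25519.PublicKeySize { return false, fmt.Errorf("bad trusted public key %q", k) }
		if kname == name {
			return len(sig) == ed25519.SignatureSize && ed25519.Verify(ed25519.PublicKey(pub), []byte(fp), sig), nil
		}
	}
	return false, fmt.Errorf("signature by untrusted key %q", name)
}

// DemoKeys derives a constructed key pair named "lila-demo-1" from a fixed seed (not a real
// builder key); it stands in for `nix key generate-secret` / `nix key convert-secret-to-public`.
func DemoKeys() (secret, public string) {
	seed := make([]byte, ed25519.SeedSize)
	copy(seed, "lila-demo-seed")
	priv := ed25519.NewKeyFromSeed(seed)
	pub := priv.Public().(ed25519.PublicKey)
	return "lila-demo-1:" + base64.StdEncoding.EncodeToString(priv), "lila-demo-1:" + base64.StdEncoding.EncodeToString(pub)
}
```

A collector that stores the Sig line next to each reported hash can later recompute the fingerprint from the stored path, NarHash, NarSize and references and re-check it with `VerifySig`; changing any of those four fields (for instance NarSize) makes the stored signature fail, which is exactly what makes the collected hashes independently verifiable.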