Social trust
Trust specific builders directly, scoped and revocable, and get a personalized cache that serves only what your own trust graph resolves.
Beyond the globally-trusted shared tier, Vega lets you trust individual builders. It is opt-in and scoped: you decide whose builds you accept and for which packages, and Vega serves you a personalized view signed with a key only you trust.
Trust a builder
With the vega CLI (after vega login):
vega trust add alice # trust alice for all her builds
vega trust add bob --package hello # limit bob to the 'hello' package
vega trust add carol --flake carol/app # only builds from the carol/app flake
vega trust add carol --org carol # any repo under the carol org
vega trust list
vega trust remove alice
The subject is a GitHub login (or numeric id). Trust edges are revocable and do not propagate: trusting alice does not trust whoever alice trusts. The scopes differ in what they match. --package matches the build's store-path name, which the builder chooses, so it is a blast-radius limit, not a hard barrier. --flake (owner/repo) and --org (owner) are stronger: they match only a build that carries verified provenance from that flake or org, that is, the builder's own github-hosted CI attestation for that exact output. A build without such an attestation is simply not covered by a flake or org scope, so these never rest on a builder-chosen name.
Requesting a build you trust but Vega has not yet reproduced also signals demand: it moves that output up Vega's reproduction queue (for builds with verified provenance), so the things people actually use get independently reproduced sooner. This only affects scheduling; promotion to the shared tier still requires the reproduction quorum.
One safety default: if Vega's own reproducer rebuilt an output and got a different hash than the builder, your view withholds that binding rather than serve something Vega's evidence contradicts; and if the trusted builders for a path disagree at all, it is withheld regardless. For a build you know is nondeterministic and still want from a specific builder, vega trust add <login> --accept-unreproducible opts that one edge into accepting it, at your own risk.
Your personalized substituter
vega view prints a nix.conf snippet for your own view:
vega view --format nix-conf
extra-substituters = https://vega-cache.dev/u/<token>
extra-trusted-public-keys = <your-view-key> <shared-key>
The /u/<token> substituter serves the globally-trusted shared cache, plus any binding your trust graph resolves. For a path not in the shared tier, Vega checks the builders you trust; if a trusted builder (in scope) attested it, and the trusted builders for that path do not disagree among themselves, Vega re-signs that one binding with your own per-consumer view key. That key signs only your view, so a binding resolved for you is never trusted by anyone else, and a builder you do not trust can never reach you. The token is opaque; rotate it any time from the dashboard (rotation instantly revokes the old one).
Finding builders to trust
You trust a GitHub identity, so trusting starts from a builder you can name. To discover and evaluate who built something you care about, Vega's public surfaces show who attested what:
- A path's status page (
/status/<hash>) lists the tenants that attested that exact output, so you can see who else built the thing you need. - The transparency log (
/log) is the append-only record of every attestation. - A builder's profile (
/builder/<id>) shows their standing: outputs attested, how many were independently corroborated, and how many diverged. - The Network Health page shows aggregate, privacy-preserving activity across the network.
Evaluate a builder by corroboration, not volume: standing in Vega is earned by independent agreement on outputs, never by how many builds someone pushes, which is what keeps the social layer spam-resistant. Once you decide, vega trust add <login> records the edge and your /u/<token> view begins resolving their in-scope builds for you.
The dashboard
vega dashboard opens your private dashboard in the browser. It exchanges the credential you already hold from vega login for a 60-second login code, so the long-lived credential never enters the browser, and the browser redeems the code for a 1-hour session. The dashboard shows your standing (outputs attested, independently corroborated, diverged), your trust edges, and your view-token substituter, with a button to rotate the token. Pass --no-open to print the sign-in URL instead of opening a browser.