Yes but guix goes further in this field, for example with the guix challenge subcommand which enables to compare build hashes against various build farms. guix also does outstanding R&D around bootstrappability which is key to defeating trusting trust attack. guix also enforces PGP signatures on all source recipes, and provides an easy-to-use guix git-authenticate command to validate the entire history of a repo from a given commit.
These three points are what makes guix apart from all other distros (so far) in terms of secure/reproducible software.
Yes but guix goes further in this field, for example with the guix challenge subcommand which enables to compare build hashes against various build farms. guix also does outstanding R&D around bootstrappability which is key to defeating trusting trust attack. guix also enforces PGP signatures on all source recipes, and provides an easy-to-use guix git-authenticate command to validate the entire history of a repo from a given commit.
These three points are what makes guix apart from all other distros (so far) in terms of secure/reproducible software.