reinitctxoffset 2 hours ago
I understand in considerable detail what's happening here, having written a conforming implementation of `nix` myself. Silently smuggling environment variables into a builder means the build is not reproducible, nor is it possible to know a priori whether the build is reproducible. Nix reverts to the same level of guarantee you get from Ubuntu or whatever, without the convenience of Ubuntu: Docker is dramatically more principled! The galaxy-brain people who do real mathematics, of whom I am merely a humble fan, worked this one out. The credential is a "coeffect", which is a generalization of this sort of thing that is tracked ("graded") and accounted for ("discharged"), a process that allows you to reason about your system (to, for example, know that a massive build is going to be useless before you do it, since you don't have the credential for the model you were trying to run with the thing you built). Punching random holes in Nix is worse than just disabling the sandbox or whatever other BDSM thing, because if you aren't going to get correct you might as well get easy. Why put up with Nix's bullshit if it's still going to be less correct than Docker anyway? Most people agree (cf. Docker, as opposed to Nix, winning too hard in the market). My approach is different: unfuck Nix.