diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 2f7b12e..ad538e1 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -19,6 +19,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@main
+        with:
+          extra-conf: |
+            extra-substituters = https://bonsol.cachix.org
+            extra-trusted-public-keys = bonsol.cachix.org-1:yz7vi1rCPW1BpqoszdJvf08HZxQ/5gPTPxft4NnT74A=
       - uses: DeterminateSystems/magic-nix-cache-action@main
       - uses: DeterminateSystems/flake-checker-action@main
       - run: nix flake check --all-systems -L
@@ -32,6 +36,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@main
+        with:
+          extra-conf: |
+            extra-substituters = https://bonsol.cachix.org
+            extra-trusted-public-keys = bonsol.cachix.org-1:yz7vi1rCPW1BpqoszdJvf08HZxQ/5gPTPxft4NnT74A=
       - uses: DeterminateSystems/magic-nix-cache-action@main
       - run: nix develop
 
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a43173a..6bd352f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## Unreleased
 
+### Fixed
+* `risc0-groth16-prover` binaries (rapidsnark & stark-verify) are available to the nix store, partially unblocking NixOS support.
+
 ## [0.2.1] - 2024-10-13
 
 ### Changed
diff --git a/docs/docs/contributing/contributing.md b/docs/docs/contributing/contributing.md
index 50b9943..fd4323f 100644
--- a/docs/docs/contributing/contributing.md
+++ b/docs/docs/contributing/contributing.md
@@ -20,7 +20,7 @@ that avoids unecessary downloading, rebuilding and patching. With one command yo
 
 The following link will install nix with the above features and include the bonsol binary cache as a trusted substitutor. Without the substitutor many dependencies will build from source, which could take a the first time they are built!
 ```bash
-curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --extra-conf "extra-substitutors = https://bonsol.cachix.org" --extra-conf "extra-trusted-public-keys = bonsol.cachix.org-1:yz7vi1rCPW1BpqoszdJvf08HZxQ/5gPTPxft4NnT74A="
+curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --extra-conf "extra-substituters = https://bonsol.cachix.org" --extra-conf "extra-trusted-public-keys = bonsol.cachix.org-1:yz7vi1rCPW1BpqoszdJvf08HZxQ/5gPTPxft4NnT74A="
 ```
 
 - `docker` ([see why](https://nixos.wiki/wiki/Docker#Running_the_docker_daemon_from_nix-the-package-manager_-_not_NixOS))
diff --git a/flake.nix b/flake.nix
index a8e3df0..78631c4 100644
--- a/flake.nix
+++ b/flake.nix
@@ -171,6 +171,11 @@
           r0vm = pkgs.callPackage ./nixos/pkgs/risc0/r0vm {
             inherit risc0CircuitRecursionPatch;
           };
+          risc0-groth16-prover = pkgs.callPackage ./nixos/pkgs/risc0/groth16-prover {
+            imageDigest = "sha256:5a862bac2c5c070ec50ff615572a05d870c1372818cf0f5d8bb9effc101590c8";
+            sha256 = "sha256-SV8nUjtq6TheYW+vQltyApOa7/gxnBrWx4Y6fQ71LFg=";
+            finalImageTag = "v2024-05-17.1";
+          };
           solana-platform-tools = pkgs.callPackage ./nixos/pkgs/solana/platform-tools { };
           solana-cli = pkgs.callPackage ./nixos/pkgs/solana { inherit solana-platform-tools; };
         in
@@ -263,6 +268,7 @@
 
               cargo-risczero
               r0vm
+              risc0-groth16-prover
               solana-cli
               solana-platform-tools;
 
@@ -345,6 +351,7 @@
               run-node
               r0vm
               cargo-risczero
+              risc0-groth16-prover
               solana-cli
             ];
 
diff --git a/nixos/pkgs/risc0/groth16-prover/default.nix b/nixos/pkgs/risc0/groth16-prover/default.nix
new file mode 100644
index 0000000..2b16384
--- /dev/null
+++ b/nixos/pkgs/risc0/groth16-prover/default.nix
@@ -0,0 +1,79 @@
+{ lib
+, dockerTools
+, stdenv
+, autoPatchelfHook
+, libclang
+, libsodium
+, gmp
+, fetchurl
+
+, imageDigest
+, sha256
+, finalImageTag
+}:
+
+let
+  owner = "risczero";
+  pname = "risc0-groth16-prover";
+  imageName = "${owner}/${pname}";
+  # Pulls the image from docker hub and builds the layered image
+  # producing a tarball.
+  src = dockerTools.exportImage {
+    name = imageName;
+    fromImage = dockerTools.pullImage {
+      inherit
+        imageName
+        imageDigest
+        sha256
+        finalImageTag;
+    };
+    diskSize = 10240; # 10G is necessary to build the layered image.
+  };
+in
+stdenv.mkDerivation {
+  inherit pname src;
+  version = finalImageTag;
+
+  nativeBuildInputs = [ autoPatchelfHook ];
+
+  buildInputs = [
+    libclang
+    # This just overrides the version of libsodium from the current one
+    # available in nixpkgs to use the version required by the version
+    # of rapidsnark.
+    (libsodium.overrideAttrs (old: rec {
+      version = "1.0.18";
+      src = fetchurl {
+        url = "https://download.libsodium.org/libsodium/releases/libsodium-${version}.tar.gz";
+        hash = "sha256-b1BEkLNCpPikxKAvybhmy++GItXfTlRStGvhIeRmNsE=";
+      };
+    }))
+    gmp
+  ];
+
+  # Unpack the layered image into the source directory.
+  unpackPhase = ''
+    tar -xf $src
+  '';
+
+  # Create the output directory where the prover is expected to be by bonsol binaries
+  # and copy the files from the prover image into it.
+  buildPhase = ''
+    mkdir -p $out/stark
+    cp app/stark_verify $out/stark/
+    cp app/stark_verify.dat $out/stark/
+    cp app/stark_verify_final.zkey $out/stark/
+    cp usr/local/sbin/rapidsnark $out/stark/
+  '';
+
+  meta = with lib; {
+    description = ''
+      Utilities for performing a "stark2snark" workflow, useful for transforming a RISC Zero
+      STARK proof into a Groth16 SNARK proof which is suitable for publishing on-chain.
+    '';
+    homepage = "https://hub.docker.com/r/risczero/risc0-groth16-prover";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ eureka-cpu ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
index 99f11ac..e162a29 100644
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -4,4 +4,4 @@ packages:
   - "vkey"
   - "docs"
   - "examples/bonsol-pow-example"
-  
\ No newline at end of file
+
diff --git a/setup.dockerfile b/setup.dockerfile
index 374ebbe..f438474 100644
--- a/setup.dockerfile
+++ b/setup.dockerfile
@@ -1,5 +1,5 @@
 # syntax = docker/dockerfile:1.2
-FROM scratch as chef  
+FROM scratch as chef
 WORKDIR /app
 COPY --from=risczero/risc0-groth16-prover:v2024-05-17.1 /app/stark_verify /stark/stark_verify
 COPY --from=risczero/risc0-groth16-prover:v2024-05-17.1 /app/stark_verify.dat /stark/stark_verify.dat