Add Support For Sentry Nodes In Prysm
🚀 Feature Request
Description
Currently there is a tightly coupled relationship between the validator and a singular beacon node. This means any validator that is actively connected to a beacon node will send all attestations/sync committee messages and blocks to that particular beacon node each time. While this is fine for the average case (attestations), this brings up an attack vector during the block proposal slot for a particular validator. Validators constantly hop between attestation subnets across epochs. By observing messages in a particular subnet, you can determine which node IPs are participating in that subnet. Once you continue recording this data across different subnets in future epochs, it is possible to have stronger guarantees of which validator IPs map to which particular public keys.
This is problematic as validators participating in block proposals are vulnerable to DoS attacks since their IP address is leaked. Since proposal schedules are known in advance (1 epoch - 1 slot), this gives a fair bit of time for a targeted DoS attack on a validator who has had their IP leaked.
Describe the solution you'd like
Prysm should be able to support sentry nodes which would be used only for block proposals. These sentry nodes would never participate in the subscription of subnets and would only subscribe to the default pubsub topics. Along with that, the validator client would have to be modified to send the block proposal to the sentry node instead of the actively connected beacon node.
Describe alternatives you've considered
N.A
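The split requested above, sketched as an added example that is not Prysm code and not part of the original issue: proposals are routed to the sentry, and a check confirms the sentry's subscriptions contain no per-subnet topics. `Duty`, `Endpoints` and `SubnetTopics` are hypothetical names, the fallback when no sentry is set is an assumption, and the topic layout `/eth2/<fork_digest>/<name>/<encoding>` follows the consensus p2p spec.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

type Duty int
const (
	Attestation Duty = iota
	BlockProposal
)
// Endpoints is a hypothetical validator-client setting, not a Prysm type.
type Endpoints struct{ Beacon, Sentry string }

// For routes proposals to the sentry (if set) and all other duties to Beacon.
func (e Endpoints) For(d Duty) string {
	if d == BlockProposal && e.Sentry != "" {
		return e.Sentry
	}
	return e.Beacon
}

// SubnetTopics returns the subscribed gossip topics scoped to an attestation
// or sync committee subnet; for a sentry node the result should be empty.
func SubnetTopics(subscribed []string) []string {
	var found []string
	for _, topic := range subscribed {
		parts := strings.Split(topic, "/")
		if len(parts) != 5 || parts[1] != "eth2" {
			continue
		}
		for _, prefix := range []string{"beacon_attestation_", "sync_committee_"} {
			// Require a numeric id: sync_committee_contribution_and_proof is global.
			id := strings.TrimPrefix(parts[3], prefix)
			if _, err := strconv.ParseUint(id, 10, 64); id != parts[3] && err == nil {
				found = append(found, topic)
			}
		}
	}
	return found
}

func main() {
	// Constructed subscription list; the fork digest is a placeholder value.
	subs := []string{"/eth2/00000000/beacon_block/ssz_snappy", "/eth2/00000000/beacon_attestation_12/ssz_snappy"}
	fmt.Println(SubnetTopics(subs), Endpoints{"beacon:3500", "sentry:3500"}.For(BlockProposal))
}
```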
FWIW here is the corresponding ticket for Lighthouse: https://github.com/sigp/lighthouse/pull/3328
I'm mentioning it in case you want to copy the UI, so that the UX is similar across clients.
Good luck!