
Consider enabling debug namespace by default #6822

Closed
nflaig opened this issue May 28, 2024 · 3 comments · Fixed by #6824
Labels
scope-interop Issues that fix interop issues between Lodestar and CL, EL or tooling. scope-ux Issues for CLI UX or general consumer UX.

Comments

@nflaig (Member) commented May 28, 2024

Vouch requires the debug API to be enabled, as it uses the state to determine the validators' statuses. This means it is required to pass the --rest.namespace flag to work with Lodestar. All other clients have the debug API enabled by default.

@nflaig (Member, Author) commented May 28, 2024

I've seen it several times as well that people run into issues using ethdo with Lodestar, as it also relies on the state API to retrieve validator information.

Considering this, and the fact that the validators API is also enabled by default, which has the same implications in terms of being a potential DoS vector, I think there is no real downside to enabling debug by default. The beacon API is generally assumed to be a trusted API, protected either by not exposing it at all (only to the validator client) or via a proxy which adds additional access control.

For public beacon nodes, we need to consider another strategy, e.g. disabling some APIs, or at least not allowing JSON responses for the validators and state APIs.

@nflaig nflaig added scope-interop Issues that fix interop issues between Lodestar and CL, EL or tooling. scope-ux Issues for CLI UX or general consumer UX. labels May 28, 2024
@philknows (Member):

We should discuss this if there are enough people at #6809. We were previously hesitant about having it enabled but can see the value it brings.

@nflaig (Member, Author) commented May 28, 2024

To add to what we already discussed, our public nodes already have debug namespace enabled explicitly, so we really only negatively affect Vouch users and solo stakers using ethdo with Lodestar.

For stakers, we already make it pretty clear that the beacon API should not be exposed publicly (via a warning log), and by default we bind rest.address to localhost only. Imo there are more sensitive APIs that need to be protected than the debug API, e.g. prepareBeaconProposer, which would allow an attacker to steal execution rewards by changing the fee recipient.
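One way to implement the "proxy with access control" and "no JSON for state-sized endpoints" ideas from the comments above, as an added example that is not Lodestar's, Vouch's or ethdo's code: a per-request policy function a reverse proxy in front of a public beacon node could call. Endpoint paths follow the Ethereum Beacon API; the namespace allowlist, the privileged-endpoint list and the SSZ-only list are assumptions for a public node, not a complete policy.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Beacon API paths look like /eth/v{N}/{namespace}/...
NAMESPACE_RE = re.compile(r"^/eth/v\d+/(?P<ns>[a-z]+)(?:/|$)")

# Namespaces a public node may serve; "validator" is deliberately left out.
PUBLIC_NAMESPACES = frozenset({"beacon", "config", "debug", "events", "lightclient", "node"})

# Privileged endpoints never reachable from the public side (assumed list, not
# exhaustive): prepare_beacon_proposer changes the fee recipient.
DENY_ALWAYS = (
    re.compile(r"^/eth/v\d+/validator/prepare_beacon_proposer$"),
    re.compile(r"^/eth/v\d+/validator/register_validator$"),
)

# Whole-state and validator-set responses: serve SSZ only, refuse JSON.
SSZ_ONLY = (
    re.compile(r"^/eth/v\d+/debug/beacon/states/[^/]+$"),
    re.compile(r"^/eth/v\d+/beacon/states/[^/]+/validators(?:/|$)"),
)

@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str

def namespace_of(path: str) -> Optional[str]:
    m = NAMESPACE_RE.match(path.split("?", 1)[0])
    return m.group("ns") if m else None

def accepts_only_ssz(accept: str) -> bool:
    # True only when the client asks for nothing but application/octet-stream.
    types = {t.split(";", 1)[0].strip().lower() for t in accept.split(",") if t.strip()}
    return types == {"application/octet-stream"}

def decide(path: str, accept: str = "application/json") -> Decision:
    """Allow or deny one request reaching a publicly exposed beacon node."""
    clean = path.split("?", 1)[0]
    ns = namespace_of(clean)
    if ns is None:
        return Decision(False, "not a beacon API path")
    if any(p.match(clean) for p in DENY_ALWAYS):
        return Decision(False, "privileged endpoint")
    if ns not in PUBLIC_NAMESPACES:
        return Decision(False, f"namespace {ns!r} not exposed publicly")
    if any(p.match(clean) for p in SSZ_ONLY) and not accepts_only_ssz(accept):
        return Decision(False, "state-sized endpoint: SSZ only, JSON refused")
    return Decision(True, f"{ns} namespace allowed")
```

The node behind the proxy still keeps its own --rest.address bound to localhost; the policy only governs what the public listener forwards.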
