Add fixed node IP addresses to initial seed peer config

[teor2345]

Motivation

If a Zebra node is launched from a network where the Zcash DNS seeders are blocked, it won't be able to connect to any peers. If the network provides malicious DNS responses, the node could be compromised with bad peers.

Zebra's checkpoints and the Zcash proof of work help resist this attack.

Specifications

Both Bitcoin Core and BitcoinJ also include a hardcoded list of IP addresses and port numbers to several dozen nodes which were active around the time that particular version of the software was first released. Bitcoin Core will start attempting to connect to these nodes if none of the DNS seed servers have responded to a query within 60 seconds, providing an automatic fallback option.

https://developer.bitcoin.org/devguide/p2p_network.html#peer-discovery

Designs

zcashd has a fixed seed generation script:
https://github.com/zcash/zcash/tree/master/contrib/seeds

But it doesn't currently have any fixed seed peers:
https://github.com/zcash/zcash/blob/master/src/chainparamsseeds.h

Solution

• Select fixed seed peers using zcashd's scripts or a zebra-network-based tool
• Add them to Zebra's default mainnet and testnet configs

Alternatives

We might want to talk with the zcashd team before making this change, to understand why they don't have fixed seed peers.

Related Work

A persistent local list of peers would help resist this attack after first launch #1956

[teor2345]

We'll do this if it becomes a problem.

[teor2345]

This is related to the audit, but we decided not to do it at this time, because it's hard to choose good stable peer IP addresses, and we'd have to ask the operators for permission.