great post! I completely agree with the analysis of the problem as well as the proposed solution. I actually wanted to implement something similar some time ago, during BitShares times, but then BitShares 2.0 happened and there were a lot more urgent things to do, so this got sidetracked. See here for the same analysis, where those nodes were called "backbone nodes" as they were intended to be shared between witnesses. Witnesses were paid a lot less during that time so I intended to have this as a public service, although that would mean that witnesses had to trust the operator of the backbone. Having your own personal line of defense is obviously much better. I still believe that this is an extremely important issue that should be tackled as soon as possible, and was planning to reboot this proposal as soon as I got some free time (haha good one!). In all seriousness, I believe that this is not too much work, but there will be some features that need to be added to the network code of the steemd client, in order to limit the nodes the client can connect too, as well as ensuring that your backbone nodes do not share the IP of your witness node (was in bts 0.9.x, but not in 2.0 nor steem I believe). This can probably also be implemented with some sort of VPN I guess, but I'm a coder, not a sysadmin, so I can't tell for sure. I even thought (fantasized) about how to make these nodes replace themselves autonomously when attacked via DDoS using messages on the blockchain, in order to simulate a resilient, living organism. Now you see where part of the "overmind" idea came from, too :) That is a discussion for a bit later, though...