Merge branch 'develop' into web3signer-tls

Do not check signatures when packing BLS changes (#12021 )
* Do not check signatures when packing BLS changes * gaz * fix test --------- Co-authored-by: terencechain <terence@prysmaticlabs.com>
2026-01-10 05:47:59 -05:00 · 2023-02-21 17:00:46 -06:00 · 2023-02-21 22:18:54 +00:00 · 2023-02-21 13:42:32 -08:00 · 2023-02-21 15:45:20 +00:00 · 2023-02-20 17:20:59 -06:00
3626 changed files with 409421 additions and 177903 deletions
--- a/.bazelrc
+++ b/.bazelrc
@@ -13,7 +13,6 @@ coverage --define=coverage_enabled=1

 # Fix for rules_docker. See: https://github.com/bazelbuild/rules_docker/issues/842
 build --host_force_python=PY2
-test --host_force_python=PY2
 run --host_force_python=PY2

 # Networking is blocked for tests by default, add "requires-network" tag to your test if networking
@@ -21,44 +20,31 @@ run --host_force_python=PY2
 build --sandbox_default_allow_network=false

 # Stamp binaries with git information
-build --workspace_status_command=./scripts/workspace_status.sh
-build --stamp
-
-# Use mainnet protobufs at runtime
-run --define ssz=mainnet
-test --define ssz=mainnet
-build --define ssz=mainnet
+build --workspace_status_command=./hack/workspace_status.sh

 # Prevent PATH changes from rebuilding when switching from IDE to command line.
 build --incompatible_strict_action_env
-test --incompatible_strict_action_env
 run --incompatible_strict_action_env

-# Disable kafka by default, it takes a long time to build...
-build --define kafka_enabled=false
-test --define kafka_enabled=false
-run --define kafka_enabled=false
+build --define blst_disabled=false
+run --define blst_disabled=false

-# Enable blst by default, we use a config so that our fuzzer stops complaining.
-build --config=blst_enabled
-test --config=blst_enabled
-run --config=blst_enabled
+build:blst_disabled --define blst_disabled=true
+build:blst_disabled --define gotags=blst_disabled

-build:kafka_enabled --define kafka_enabled=true
-build:kafka_enabled --define gotags=kafka_enabled
-
-build:blst_enabled --define blst_enabled=true
-build:blst_enabled --define gotags=blst_enabled
+build:minimal --//proto:network=minimal
+build:minimal --@io_bazel_rules_go//go/config:tags=minimal

 # Release flags
 build:release --compilation_mode=opt
-build:release --config=llvm
+build:release --stamp

 # LLVM compiler for building C/C++ dependencies.
-build:llvm --crosstool_top=@llvm_toolchain//:toolchain
 build:llvm --define compiler=llvm
 build:llvm --copt -fno-sanitize=vptr,function
 build:llvm --linkopt -fno-sanitize=vptr,function
+# --incompatible_enable_cc_toolchain_resolution not needed after this issue is closed https://github.com/bazelbuild/bazel/issues/7260
+build:llvm --incompatible_enable_cc_toolchain_resolution

 build:asan --copt -fsanitize=address,undefined
 build:asan --copt -fno-omit-frame-pointer
@@ -73,20 +59,7 @@ build:llvm-asan --config=llvm
 build:llvm-asan --config=asan
 build:llvm-asan --linkopt -fuse-ld=ld.lld

-build:fuzz --define=gotags=libfuzzer
-build:fuzz --config=llvm-asan
-build:fuzz --copt=-fsanitize=fuzzer-no-link
-build:fuzz --linkopt=-fsanitize=fuzzer
-build:fuzz --copt=-fno-omit-frame-pointer
-build:fuzz --define=FUZZING_ENGINE=libfuzzer
-build:fuzz --copt=-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
-build:fuzz --linkopt -Wl,--no-as-needed
-build:fuzz --define=gc_goopts=-d=libfuzzer,checkptr
-build:fuzz --run_under=//tools:fuzz_wrapper
-build:fuzz --compilation_mode=opt
-build:fuzz --define=blst_enabled=false
-
-test:fuzz --local_test_jobs="HOST_CPUS*.5"
+build:fuzz --@io_bazel_rules_go//go/config:tags=fuzz

 # Build binary with cgo symbolizer for debugging / profiling.
 build:cgo_symbolizer --config=llvm
@@ -109,6 +82,12 @@ build:osx_amd64 --config=cross
 build:osx_amd64 --platforms=@io_bazel_rules_go//go/toolchain:darwin_amd64_cgo
 build:osx_amd64 --compiler=osxcross

+# osx_arm64 config for cross compiler toolchain
+build:osx_arm64 --config=cross
+build:osx_arm64 --platforms=@io_bazel_rules_go//go/toolchain:darwin_arm64_cgo
+build:osx_arm64 --compiler=osxcross
+build:osx_arm64 --cpu=aarch64
+
 # windows
 build:windows_amd64 --config=cross
 build:windows_amd64  --platforms=@io_bazel_rules_go//go/toolchain:windows_amd64_cgo
@@ -140,6 +119,10 @@ build:windows_amd64_debug --config=debug
 build:osx_amd64_debug --config=debug
 build:osx_amd64_debug --config=osx_amd64

+# osx_arm64 debug config
+build:osx_arm64_debug --config=debug
+build:osx_arm64_debug --config=osx_arm64
+
 # linux_arm64_debug
 build:linux_arm64_debug --config=linux_arm64
 build:linux_arm64_debug --config=debug
@@ -175,6 +158,10 @@ build:windows_amd64_docker_debug --config=windows_amd64_docker --config=debug
 build:osx_amd64_docker --config=docker-sandbox --config=osx_amd64
 build:osx_amd64_docker_debug --config=osx_amd64_docker --config=debug

+# osx_arm64 docker sandbox build config
+build:osx_arm64_docker --config=docker-sandbox --config=osx_arm64
+build:osx_arm64_docker_debug --config=osx_arm64_docker --config=debug
+
 # linux_arm64 docker sandbox build config
 build:linux_arm64_docker --config=docker-sandbox --config=linux_arm64
 build:linux_arm64_docker_debug --config=linux_arm64_docker --config=debug
@@ -241,3 +228,6 @@ build:remote --remote_local_fallback

 # Ignore GoStdLib with remote caching
 build --modify_execution_info='GoStdlib.*=+no-remote-cache'
+
+# Set bazel gotag
+build --define gotags=bazel
--- a/.bazelversion
+++ b/.bazelversion
@@ -1 +1 @@
-3.7.0
+5.3.0
--- a/.buildkite-bazelrc
+++ b/.buildkite-bazelrc
@@ -2,7 +2,7 @@
 # across machines, developers, and workspaces.
 # 
 # This config is loaded from https://github.com/bazelbuild/bazel-toolchains/blob/master/bazelrc/latest.bazelrc
-build:remote-cache --remote_timeout=3600
+#build:remote-cache --remote_timeout=3600
 #build:remote-cache --spawn_strategy=standalone
 #build:remote-cache --strategy=Javac=standalone
 #build:remote-cache --strategy=Closure=standalone
@@ -10,29 +10,37 @@ build:remote-cache --remote_timeout=3600

 # Prysm specific remote-cache properties.
 #build:remote-cache --disk_cache=
-build:remote-cache --remote_download_minimal
+build:remote-cache --remote_download_toplevel
+build:remote-cache --remote_cache=grpc://bazel-remote-cache:9092
+build:remote-cache --experimental_remote_downloader=grpc://bazel-remote-cache:9092
+build:remote-cache --remote_local_fallback
+build:remote-cache --experimental_remote_cache_async
+build:remote-cache --experimental_remote_merkle_tree_cache
+build:remote-cache --experimental_action_cache_store_output_metadata
+build:remote-cache --experimental_remote_cache_compression
+# Enforce stricter environment rules, which eliminates some non-hermetic
+# behavior and therefore improves both the remote cache hit rate and the
+# correctness and repeatability of the build.
+build:remote-cache --incompatible_strict_action_env=true
+
+build --experimental_use_hermetic_linux_sandbox

 # Import workspace options.
 import %workspace%/.bazelrc

-startup --host_jvm_args=-Xmx1000m --host_jvm_args=-Xms1000m
-query --repository_cache=/tmp/repositorycache
-query --experimental_repository_cache_hardlinks
-build --repository_cache=/tmp/repositorycache
-build --experimental_repository_cache_hardlinks
+startup --host_jvm_args=-Xmx4g --host_jvm_args=-Xms2g
 build --experimental_strict_action_env
-build --disk_cache=/tmp/bazelbuilds
-build --experimental_multi_threaded_digest
 build --sandbox_tmpfs_path=/tmp
 build --verbose_failures
 build --announce_rc
 build --show_progress_rate_limit=5
-build --curses=yes --color=no
+build --curses=no --color=no
 build --keep_going
 build --test_output=errors
 build --flaky_test_attempts=5
 # Disabled race detection due to unstable test results under constrained environment build kite
 # build --features=race

-# Disable flaky test detection for fuzzing.
-test:fuzz --flaky_test_attempts=1
+# Better caching
+build:nostamp --nostamp
+build:nostamp --workspace_status_command=./hack/workspace_status_ci.sh
--- a/.codecov.yml
+++ b/.codecov.yml
@@ -30,4 +30,4 @@ comment:

 ignore:
  - "**/*.pb.go"
-  - "**/*_mock.go"
+  - "**/testing/**/*"
--- a/.deepsource.toml
+++ b/.deepsource.toml
@@ -1,13 +1,17 @@
 version = 1

-exclude_patterns = ["tools/analyzers/**"]
+exclude_patterns = [
+  "tools/analyzers/**",
+  "validator/keymanager/remote/keymanager_test.go",
+  "validator/web/site_data.go"
+]

 [[analyzers]]
 name = "go"
 enabled = true

 [analyzers.meta]
-import_paths = ["github.com/prysmaticlabs/prysm"]
+import_paths = ["github.com/prysmaticlabs/prysm/v3"]

 [[analyzers]]
 name = "test-coverage"
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -5,4 +5,4 @@
 *.bzl @prestonvanloon

 # Anyone on prylabs team can approve dependency updates.
-deps.bzl @prysmaticlabs/core-team
+deps.bzl @prysmaticlabs/core-team
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -16,12 +16,12 @@ Existing issues often contain information about workarounds, resolution, or prog

 ### Description

-<!-- ✍️--> A clear and concise description of the problem or missing capability...
+<!-- ✍️ A clear and concise description of the problem or missing capability... --> 

 ### Describe the solution you'd like

-<!-- ✍️--> If you have a solution in mind, please describe it.
+<!-- ✍️ If you have a solution in mind, please describe it. --> 

 ### Describe alternatives you've considered

-<!-- ✍️--> Have you considered any alternative solutions or workarounds?
+<!-- ✍️ Have you considered any alternative solutions or workarounds? --> 
--- a/.github/actions/gofmt/Dockerfile
+++ b/.github/actions/gofmt/Dockerfile
@@ -1,5 +0,0 @@
-FROM cytopia/gofmt
-
-COPY entrypoint.sh /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]
--- a/.github/actions/gofmt/action.yml
+++ b/.github/actions/gofmt/action.yml
@@ -1,12 +0,0 @@
-name: 'Gofmt checker'
-description: 'Checks that all project files have been properly formatted.'
-inputs:
-  path:
-    description: 'Path to check'
-    required: true
-    default: './'
-runs:
-  using: 'docker'
-  image: 'Dockerfile'
-  args:
-    - ${{ inputs.path }}
--- a/.github/actions/gofmt/entrypoint.sh
+++ b/.github/actions/gofmt/entrypoint.sh
@@ -1,15 +0,0 @@
-#!/bin/sh -l
-set -e
-
-cd $GITHUB_WORKSPACE
-
-# Check if any files are not formatted.
-nonformatted="$(gofmt -l $1 2>&1)"
-
-# Return if `go fmt` passes.
-[ -z "$nonformatted" ] && exit 0
-
-# Notify of issues with formatting.
-echo "Following files need to be properly formatted:"
-echo "$nonformatted"
-exit 1
--- a/.github/actions/gomodtidy/entrypoint.sh
+++ b/.github/actions/gomodtidy/entrypoint.sh
@@ -1,13 +1,13 @@
 #!/bin/sh -l
 set -e
-export PATH=$PATH:/usr/local/go/bin
+export PATH="$PATH:/usr/local/go/bin"

-cd $GITHUB_WORKSPACE
+cd "$GITHUB_WORKSPACE"

 cp go.mod go.mod.orig
 cp go.sum go.sum.orig

-go mod tidy
+go mod tidy -compat=1.17

 echo "Checking go.mod and go.sum:"
 checks=0
--- a/.github/workflows/dappnode-release-trigger.yml
+++ b/.github/workflows/dappnode-release-trigger.yml
@@ -1,41 +0,0 @@
-name: Update DAppNodePackages
-
-on:
-  push:
-    tags:
-    - '*'
-
-jobs:
-  dappnode-update-beacon-chain:
-    name: Trigger a beacon-chain release
-    runs-on: ubuntu-latest
-    steps:
-    - name: Get latest tag
-      id: get_tag
-      run: echo ::set-output name=TAG::${GITHUB_REF/refs\/tags\//}
-    - name: Send dispatch event to DAppNodePackage-prysm-beacon-chain
-      env: 
-        DISPATCH_REPO: dappnode/DAppNodePackage-prysm-beacon-chain
-      run: |
-        curl -v -X POST -u "${{ secrets.PAT_GITHUB }}" \
-        -H "Accept: application/vnd.github.everest-preview+json" \
-        -H "Content-Type: application/json" \
-        --data '{"event_type":"new_release", "client_payload": { "tag":"${{ steps.get_tag.outputs.TAG }}"}}' \
-        https://api.github.com/repos/$DISPATCH_REPO/dispatches
-        
-  dappnode-update-validator:
-    name: Trigger a validator release
-    runs-on: ubuntu-latest
-    steps:
-    - name: Get latest tag
-      id: get_tag
-      run: echo ::set-output name=TAG::${GITHUB_REF/refs\/tags\//}
-    - name: Send dispatch event to DAppNodePackage validator repository
-      env: 
-        DISPATCH_REPO: dappnode/DAppNodePackage-prysm-validator
-      run: |
-        curl -v -X POST -u "${{ secrets.PAT_GITHUB }}" \
-        -H "Accept: application/vnd.github.everest-preview+json" \
-        -H "Content-Type: application/json" \
-        --data '{"event_type":"new_release", "client_payload": { "tag":"${{ steps.get_tag.outputs.TAG }}"}}' \
-        https://api.github.com/repos/$DISPATCH_REPO/dispatches
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -7,23 +7,53 @@ on:
    branches: [ '*' ]

 jobs:
-
-  check:
-    name: Check
+  formatting:
+    name: Formatting
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2

      - name: Go mod tidy checker
        id: gomodtidy
        uses: ./.github/actions/gomodtidy

-      - name: Gofmt checker
-        id: gofmt
-        uses: ./.github/actions/gofmt
+  gosec:
+    name: Gosec scan
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v3
        with:
-          path: ./
+          go-version: 1.19
+      - name: Run Gosec Security Scanner
+        run: | # https://github.com/securego/gosec/issues/469
+          export PATH=$PATH:$(go env GOPATH)/bin
+          go install github.com/securego/gosec/v2/cmd/gosec@v2.12.0
+          gosec -exclude=G307 -exclude-dir=crypto/bls/herumi ./...
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.19
+          id: go
+
+      - name: Golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.50.1
+          args: --config=.golangci.yml --out-${NO_FUTURE}format colored-line-number

  build:
    name: Build
@@ -32,7 +62,7 @@ jobs:
      - name: Set up Go 1.x
        uses: actions/setup-go@v2
        with:
-          go-version: ^1.14
+          go-version: 1.19
        id: go

      - name: Check out code into the Go module directory
@@ -44,7 +74,15 @@ jobs:

      - name: Build
        # Use blst tag to allow go and bazel builds for blst.
-        run: go build -v --tags=blst_enabled ./...
+        run: go build -v ./...
+        env: 
+           CGO_CFLAGS: "-O -D__BLST_PORTABLE__"
+        # fuzz leverage go tag based stubs at compile time.
+        # Building and testing with these tags should be checked and enforced at pre-submit.
+      - name: Test for fuzzing
+        run: go test  -tags=fuzz,develop ./...  -test.run=^Fuzz
+        env: 
+           CGO_CFLAGS: "-O -D__BLST_PORTABLE__"

 # Tests run via Bazel for now...
 #      - name: Test
--- a/.github/workflows/horusec.yaml
+++ b/.github/workflows/horusec.yaml
@@ -0,0 +1,22 @@
+name: Horusec Security Scan
+
+on:
+  schedule:
+    # Runs cron at 16.00 UTC on
+    - cron: '0 0 * * SUN'
+
+jobs:
+  Horusec_Scan:
+    name: horusec-Scan
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/develop'
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v2
+      with: # Required when commit authors is enabled
+        fetch-depth: 0
+        
+    - name: Running Security Scan
+      run: |
+        curl -fsSL https://raw.githubusercontent.com/ZupIT/horusec/main/deployments/scripts/install.sh | bash -s latest
+        horusec start -t="10000" -p="./" -e="true" -i="**/crypto/bls/herumi/**, **/**/*_test.go, **/third_party/afl/**, **/crypto/keystore/key.go"
--- a/.gitignore
+++ b/.gitignore
@@ -30,9 +30,14 @@ password.txt
 # Dist files
 dist

-# libfuzzer
-oom-*
-crash-*
-
 # deepsource cli
 bin
+
+# p2p metaData
+metaData
+
+# execution API authentication
+jwt.hex
+
+# manual testing
+tmp
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,69 +1,28 @@
-linters-settings:
-  govet:
-    check-shadowing: true
-    settings:
-      printf:
-        funcs:
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf
-          - (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf
-  golint:
-    min-confidence: 0
-  gocyclo:
-    min-complexity: 10
-  maligned:
-    suggest-new: true
-  dupl:
-    threshold: 100
-  goconst:
-    min-len: 2
-    min-occurrences: 2
-  depguard:
-    list-type: blacklist
-    packages:
-      # logging is allowed only by logutils.Log, logrus
-      # is allowed to use only in logutils package
-      - github.com/sirupsen/logrus
-  misspell:
-    locale: US
-  lll:
-    line-length: 140
-  goimports:
-    local-prefixes: github.com/golangci/golangci-lint
-  gocritic:
-    enabled-tags:
-      - performance
-      - style
-      - experimental
-    disabled-checks:
-      - wrapperFunc
+run:
+  skip-files:
+    - validator/web/site_data.go
+    - .*_test.go
+  skip-dirs:
+    - proto
+    - tools/analyzers
+  timeout: 10m
+  go: '1.19'

 linters:
-  enable:
-    - deadcode
-    - goconst
-    - goimports
-    - golint
-    - gosec
-    - misspell
-    - structcheck
-    - typecheck
-    - unparam
-    - varcheck
-    - gofmt
-    - unused
  disable-all: true
+  enable:
+    - gofmt
+    - goimports
+    - unused
+    - errcheck
+    - gosimple
+    - gocognit

-run:
-  skip-dirs:
-    - proto/
-    - ^contracts/
-  deadline: 10m
+linters-settings:
+  gocognit:
+    # TODO: We should target for < 50
+    min-complexity: 65

-# golangci.com configuration
-# https://github.com/golangci/golangci/wiki/Configuration
-service:
-  golangci-lint-version: 1.15.0 # use the fixed version to not introduce new linters unexpectedly
-  prepare:
-    - echo "here I can run custom commands, but no preparation needed for this repo"
+output:
+  print-issued-lines: true
+  sort-results: true
--- a/.well-known/security.txt
+++ b/.well-known/security.txt
@@ -5,21 +5,22 @@ Contact: mailto:security@prysmaticlabs.com
 Encryption: openpgp4fpr:0AE0051D647BA3C1A917AF4072E33E4DF1A5036E
 Encryption: openpgp4fpr:CD08DE68C60B82D3EE2A3F7D95452A701810FEDB
 Encryption: openpgp4fpr:317D6E91058F8F3C2303BA7756313E44581297A6
+Encryption: openpgp4fpr:79C59A585E3FD3AFFA00F5C22940A6479DA7C9EC
 Preferred-Languages: en
 Canonical: https://github.com/prysmaticlabs/prysm/tree/master/.well-known/security.txt
 -----BEGIN PGP SIGNATURE-----

-iQIzBAEBCgAdFiEECuAFHWR7o8GpF69AcuM+TfGlA24FAl++klgACgkQcuM+TfGl
-A27rQw/6A29p1W20J0v+h218p8XWLSUpTIGLnZTxw6KqdyVXMzlsQK0YG4G2s2AB
-0LKh7Ae/Di5E0U+Z4AjUW5nc5eaCxK36GMscH9Ah0rgJwNYxEJw7/2o8ZqVT/Ip2
-+56rFihRqxFZfaCNKFVuZFaL9jKewV9FKYP38ID6/SnTcrOHiu2AoAlyZGmB03p+
-iT57SPRHatygeY4xb/gwcfREFWEv+VHGyBTv8A+6ABZDxyurboCFMERHzFICrbmk
-8UdHxxlWZDnHAbAUyAwpERC5znx6IHXQJwF8TMtu6XY6a6axT2XBOyJDF9/mZOz+
-kdkz6loX5uxaQBGLtTv6Kqf1yUGANOZ16VhHvWwL209LmHmigIVQ+qSM6c79PsW/
-vrsqdz3GBsiMC5Fq2vYgnbgzpfE8Atjn0y7E+j4R7IvwOAE/Ro/b++nqnc4YqhME
-P/yTcfGftaCrdSNnQCXeoV9JxpFM5Xy8KV3eexvNKbcgA/9DtgxL5i+s5ZJkUT9A
-+qJvoRrRyIym32ghkHgtFJKB3PLCdobeoOVRk6EnMo9zKSiSK2rZEJW8Ccbo515D
-W9qUOn3GF7lNVuUFAU/YKEdmDp/AVaViZ7vH+8aq0LC0HBkZ8XlzWnWoArS8sMhw
-fX0R9g/HMgrwNte/d0mwim5lJ2Plgv60Bh4grJqwZJeWbU0zi1U=
-=uW+X
+iQIzBAEBCgAdFiEECuAFHWR7o8GpF69AcuM+TfGlA24FAmGOfiYACgkQcuM+TfGl
+A24YwRAAiQk3w6yzqSEggrOlNoNn04iu/rWZdn5ihkQgzACXy8XH2D1gdKLChE/X
+7e5bUtgE2aCuHryQjwoKxqZakviBJFstVmHgF64rXv2zKhpqA30Mj4fI+T3zn8I+
+FpFV0TTsxNLDx+AcR1eQ1nSayO7ImUDIfOQNDDnSZZy42Bc+F+QIGKB3aH/8bpG
+kT+bDTZrXvX+TE1gZTbAtZG8sH8g/zadoWEHIhfXUuYb0kTz+DRzAxoqU4j4Z4ee
+1zSfFAgfJwxJP4kWD7s4xkE1sBbCgGBeD6cW/C2lbcfIei+XSizLpHW3jD9dNqh4
+fLkmEspSa/LV/iXFq8nFzu/GLww4q+sQZDzzDKZyws54CrATinRitZMhzoIL0bTn
+yFZVOGHosFAMEVZ36dl1Aw2+B2W6tr2CVr9c5zfV+kup5/KZH1EmT5nYY/zFwfg2
+jYCFB5wmYeiyWZvuprgJXRArgVZLZaJxwWazlPVk4i/4vPvRgvfHqOwHCBe8DXy0
+VHPhpewwb/ECYek1KoaNQflgR8iH2GMHkC5RjhGDAt1S0AQDtite5m4ZYt1kvO9E
+k/znkv89dduhL9CKDvZvnI+DICwsTrf//4KJ8PM/qaPAJa4GvtiUU/eS/jKBivtv
+OP5dZQtX6KPc9ewqqZgn622uHSezoBidgeTkdZsJ6tw2eIu0lsY=
+=V7L0
 -----END PGP SIGNATURE-----
--- a/BUILD.bazel
+++ b/BUILD.bazel
@@ -3,7 +3,7 @@ load("@com_github_atlassian_bazel_tools//gometalinter:def.bzl", "gometalinter")
 load("@com_github_atlassian_bazel_tools//goimports:def.bzl", "goimports")
 load("@io_kubernetes_build//defs:run_in_workspace.bzl", "workspace_binary")
 load("@io_bazel_rules_go//go:def.bzl", "nogo")
-load("@graknlabs_bazel_distribution//common:rules.bzl", "assemble_targz", "assemble_versioned")
+load("@vaticle_bazel_distribution//common:rules.bzl", "assemble_targz", "assemble_versioned")
 load("@bazel_skylib//rules:common_settings.bzl", "string_setting")

 prefix = "github.com/prysmaticlabs/prysm"
@@ -12,9 +12,12 @@ exports_files([
    "LICENSE.md",
 ])

-# gazelle:prefix github.com/prysmaticlabs/prysm
+# gazelle:prefix github.com/prysmaticlabs/prysm/v3
 # gazelle:map_kind go_library go_library @prysm//tools/go:def.bzl
+# gazelle:map_kind go_test go_test @prysm//tools/go:def.bzl
 # gazelle:map_kind go_repository go_repository @prysm//tools/go:def.bzl
+# gazelle:build_tags bazel
+# gazelle:exclude tools/analyzers/**/testdata/**
 gazelle(
    name = "gazelle",
    prefix = prefix,
@@ -23,7 +26,16 @@ gazelle(
 # Protobuf compiler (non-gRPC)
 alias(
    name = "proto_compiler",
-    actual = "@io_bazel_rules_go//proto:gogofast_proto",
+    actual = "@io_bazel_rules_go//proto:go_proto",
+    visibility = [
+        "//proto:__subpackages__",
+    ],
+)
+
+# Cast protobuf compiler (non-gRPC)
+alias(
+    name = "cast_proto_compiler",
+    actual = "@com_github_prysmaticlabs_protoc_gen_go_cast//:go_cast",
    visibility = [
        "//proto:__subpackages__",
    ],
@@ -32,21 +44,21 @@ alias(
 # Protobuf compiler (gRPC)
 alias(
    name = "grpc_proto_compiler",
-    actual = "@io_bazel_rules_go//proto:gogofast_grpc",
+    actual = "@io_bazel_rules_go//proto:go_grpc",
    visibility = ["//visibility:public"],
 )

-# Protobuf gRPC compiler without gogoproto. Required for gRPC gateway.
+# Cast protobuf compiler (gRPC)
 alias(
-    name = "grpc_nogogo_proto_compiler",
-    actual = "@io_bazel_rules_go//proto:go_grpc",
+    name = "cast_grpc_proto_compiler",
+    actual = "@com_github_prysmaticlabs_protoc_gen_go_cast//:go_cast_grpc",
    visibility = ["//visibility:public"],
 )

 # Protobuf gRPC gateway compiler
 alias(
    name = "grpc_gateway_proto_compiler",
-    actual = "@com_github_grpc_ecosystem_grpc_gateway//protoc-gen-grpc-gateway:go_gen_grpc_gateway",
+    actual = "@com_github_grpc_ecosystem_grpc_gateway_v2//protoc-gen-grpc-gateway:go_gen_grpc_gateway",
    visibility = ["//visibility:public"],
 )

@@ -76,49 +88,54 @@ nogo(
    config = "nogo_config.json",
    visibility = ["//visibility:public"],
    deps = [
-        "@org_golang_x_tools//go/analysis/passes/unsafeptr:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/unreachable:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/unmarshal:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/tests:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/structtag:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/stdmethods:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/shift:go_tool_library",
-        # "@org_golang_x_tools//go/analysis/passes/shadow:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/printf:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/pkgfact:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/nilness:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/nilfunc:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/loopclosure:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/httpresponse:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/findcall:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/deepequalerrors:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/ctrlflow:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/copylock:go_tool_library",
-        #  "@org_golang_x_tools//go/analysis/passes/cgocall:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/buildtag:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/buildssa:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/bools:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/atomicalign:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/atomic:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/assign:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/inspect:go_tool_library",
-        "@org_golang_x_tools//go/analysis/passes/asmdecl:go_tool_library",
-        "//tools/analyzers/maligned:go_tool_library",
-        "//tools/analyzers/cryptorand:go_tool_library",
-        "//tools/analyzers/errcheck:go_tool_library",
-        "//tools/analyzers/featureconfig:go_tool_library",
-        "//tools/analyzers/comparesame:go_tool_library",
-        "//tools/analyzers/shadowpredecl:go_tool_library",
-        "//tools/analyzers/nop:go_tool_library",
-        "//tools/analyzers/slicedirect:go_tool_library",
-        "//tools/analyzers/ineffassign:go_tool_library",
-        "//tools/analyzers/properpermissions:go_tool_library",
+        "@org_golang_x_tools//go/analysis/passes/unsafeptr:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/unreachable:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/unmarshal:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/tests:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/structtag:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/stdmethods:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/shift:go_default_library",
+        # "@org_golang_x_tools//go/analysis/passes/shadow:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/printf:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/pkgfact:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/nilness:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/nilfunc:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/loopclosure:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/httpresponse:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/findcall:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/deepequalerrors:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/ctrlflow:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/copylock:go_default_library",
+        #  "@org_golang_x_tools//go/analysis/passes/cgocall:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/buildtag:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/buildssa:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/bools:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/atomicalign:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/atomic:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/assign:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/inspect:go_default_library",
+        "@org_golang_x_tools//go/analysis/passes/asmdecl:go_default_library",
+        "//tools/analyzers/comparesame:go_default_library",
+        "//tools/analyzers/cryptorand:go_default_library",
+        "//tools/analyzers/errcheck:go_default_library",
+        "//tools/analyzers/featureconfig:go_default_library",
+        "//tools/analyzers/gocognit:go_default_library",
+        "//tools/analyzers/ineffassign:go_default_library",
+        "//tools/analyzers/interfacechecker:go_default_library",
+        "//tools/analyzers/logruswitherror:go_default_library",
+        "//tools/analyzers/maligned:go_default_library",
+        "//tools/analyzers/nop:go_default_library",
+        "//tools/analyzers/properpermissions:go_default_library",
+        "//tools/analyzers/recursivelock:go_default_library",
+        "//tools/analyzers/shadowpredecl:go_default_library",
+        "//tools/analyzers/slicedirect:go_default_library",
+        "//tools/analyzers/uintcast:go_default_library",
    ] + select({
        # nogo checks that fail with coverage enabled.
        ":coverage_enabled": [],
        "//conditions:default": [
-            "@org_golang_x_tools//go/analysis/passes/lostcancel:go_tool_library",
-            "@org_golang_x_tools//go/analysis/passes/composite:go_tool_library",
+            "@org_golang_x_tools//go/analysis/passes/lostcancel:go_default_library",
+            "@org_golang_x_tools//go/analysis/passes/composite:go_default_library",
        ],
    }),
 )
@@ -133,17 +150,8 @@ common_files = {
    "//:README.md": "README.md",
 }

-toolchain(
-    name = "built_cmake_toolchain",
-    toolchain = "@rules_foreign_cc//tools/build_defs/native_tools:built_cmake",
-    toolchain_type = "@rules_foreign_cc//tools/build_defs:cmake_toolchain",
-)
-
-string_setting(
-    name = "gotags",
-    build_setting_default = "",
-    values = [
-        "",
-        "libfuzzer",
-    ],
+sh_binary(
+    name = "prysm_sh",
+    srcs = ["prysm.sh"],
+    visibility = ["//visibility:public"],
 )
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -175,7 +175,7 @@ We consider two types of contributions to our repo and categorize them as follow

 ### Part-Time Contributors

-Anyone can become a part-time contributor and help out on implementing eth2. The responsibilities of a part-time contributor include:
+Anyone can become a part-time contributor and help out on implementing Ethereum consensus. The responsibilities of a part-time contributor include:

 -   Engaging in Gitter conversations, asking the questions on how to begin contributing to the project
 -   Opening up github issues to express interest in code to implement
@@ -190,7 +190,7 @@ Anyone can become a part-time contributor and help out on implementing eth2. The

 Core contributors are remote contractors of Prysmatic Labs, LLC. and are considered critical team members of our organization. Core devs have all of the responsibilities of part-time contributors plus the majority of the following:

-   Stay up to date on the latest beacon chain sepcification
+-   Stay up to date on the latest beacon chain specification
 -   Monitor github issues and PR’s to make sure owner, labels, descriptions are correct
 -   Formulate independent ideas, suggest new work to do, point out improvements to existing approaches
 -   Participate in code review, ensure code quality is excellent, and have ensure high code coverage
--- a/DEPENDENCIES.md
+++ b/DEPENDENCIES.md
@@ -1,4 +1,4 @@
-# Dependency Managagement in Prysm
+# Dependency Management in Prysm

 Prysm is go project with many complicated dependencies, including some c++ based libraries. There
 are two parts to Prysm's dependency management. Go modules and bazel managed dependencies. Be sure 
@@ -28,13 +28,13 @@ including complicated c++ dependencies.
 One key advantage of Bazel over vanilla `go build` is that Bazel automatically (re)builds generated
 pb.go files at build time when file changes are present in any protobuf definition file or after
 any updates to the protobuf compiler or other relevant dependencies. Vanilla go users should run
-the following scripts often to ensure their generated files are up to date. Further more, Prysm
+the following scripts often to ensure their generated files are up to date. Furthermore, Prysm
 generates SSZ marshal related code based on defined data structures. These generated files must
 also be updated and checked in as frequently.

 ```bash
-./scripts/update-go-pbs.sh
-./scripts/update-go-ssz.sh
+./hack/update-go-pbs.sh
+./hack/update-go-ssz.sh
 ```

 *Recommendation: Use go build only for local development and use bazel build for production.*
--- a/INTEROP.md
+++ b/INTEROP.md
@@ -1,6 +1,6 @@
 # Prysm Client Interoperability Guide

-This README details how to setup Prysm for interop testing for usage with other Ethereum 2.0 clients.
+This README details how to setup Prysm for interop testing for usage with other Ethereum consensus clients.

 ## Installation & Setup

@@ -26,15 +26,18 @@ You can use `bazel run //tools/genesis-state-gen` to create a deterministic gene
 ### Usage

 - **--genesis-time** uint: Unix timestamp used as the genesis time in the generated genesis state (defaults to now)
- **--mainnet-config** bool: Select whether genesis state should be generated with mainnet or minimal (default) params
 - **--num-validators** int: Number of validators to deterministically include in the generated genesis state
 - **--output-ssz** string: Output filename of the SSZ marshaling of the generated genesis state
+- **--config-name=interop** string: name of the beacon chain config to use when generating the state. ex mainnet|minimal|interop
+
+**deprecated flag: use --config-name instead**
+- **--mainnet-config** bool: Select whether genesis state should be generated with mainnet or minimal (default) params

 The example below creates 64 validator keys, instantiates a genesis state with those 64 validators and with genesis unix timestamp 1567542540,
-and finally writes a ssz encoded output to ~/Desktop/genesis.ssz. This file can be used to kickstart the beacon chain in the next section.
+and finally writes a ssz encoded output to ~/Desktop/genesis.ssz. This file can be used to kickstart the beacon chain in the next section. When using the `--interop-*` flags, the beacon node will assume the `interop` config should be used, unless a different config is specified on the command line.

 ```
-bazel run //tools/genesis-state-gen -- --output-ssz ~/Desktop/genesis.ssz --num-validators 64 --genesis-time 1567542540
+bazel run //tools/genesis-state-gen -- --config-name interop --output-ssz ~/Desktop/genesis.ssz --num-validators 64 --genesis-time 1567542540
 ```

 ## Launching a Beacon Node + Validator Client
@@ -46,8 +49,10 @@ Open up two terminal windows, run:
 ```
 bazel run //beacon-chain -- \
 --bootstrap-node= \
--deposit-contract $(curl -s https://prylabs.net/contract) \
+--deposit-contract 0x8A04d14125D0FDCDc742F4A05C051De07232EDa4 \
+--datadir=/tmp/beacon-chain-interop \
 --force-clear-db \
+--min-sync-peers=0 \
 --interop-num-validators 64 \
 --interop-eth1data-votes
 ```
@@ -69,8 +74,10 @@ Assuming you generated a `genesis.ssz` file with 64 validators, open up two term
 ```
 bazel run //beacon-chain -- \
 --bootstrap-node= \
--deposit-contract $(curl -s https://prylabs.net/contract) \
+--deposit-contract 0x8A04d14125D0FDCDc742F4A05C051De07232EDa4 \
+--datadir=/tmp/beacon-chain-interop \
 --force-clear-db \
+--min-sync-peers=0 \
 --interop-genesis-state /path/to/genesis.ssz \
 --interop-eth1data-votes
 ```
--- a/README.md
+++ b/README.md
@@ -1,11 +1,13 @@
-# Prysm: An Ethereum 2.0 Implementation Written in Go
+# Prysm: An Ethereum Consensus Implementation Written in Go

 [![Build status](https://badge.buildkite.com/b555891daf3614bae4284dcf365b2340cefc0089839526f096.svg?branch=master)](https://buildkite.com/prysmatic-labs/prysm)
 [![Go Report Card](https://goreportcard.com/badge/github.com/prysmaticlabs/prysm)](https://goreportcard.com/report/github.com/prysmaticlabs/prysm)
-[![ETH2.0_Spec_Version 1.0.0](https://img.shields.io/badge/ETH2.0%20Spec%20Version-v1.0.0-blue.svg)](https://github.com/ethereum/eth2.0-specs/tree/v1.0.0)
+[![Consensus_Spec_Version 1.2.0](https://img.shields.io/badge/Consensus%20Spec%20Version-v1.2.0-blue.svg)](https://github.com/ethereum/consensus-specs/tree/v1.2.0)
+[![Execution_API_Version 1.0.0-beta.1](https://img.shields.io/badge/Execution%20API%20Version-v1.0.0.beta.1-blue.svg)](https://github.com/ethereum/execution-apis/tree/v1.0.0-beta.1/src/engine)
 [![Discord](https://user-images.githubusercontent.com/7288322/34471967-1df7808a-efbb-11e7-9088-ed0b04151291.png)](https://discord.gg/CTYGPUJ)
+[![GitPOAP Badge](https://public-api.gitpoap.io/v1/repo/prysmaticlabs/prysm/badge)](https://www.gitpoap.io/gh/prysmaticlabs/prysm)

-This is the core repository for Prysm, a [Golang](https://golang.org/) implementation of the [Ethereum 2.0](https://ethereum.org/en/eth2/) specification, developed by [Prysmatic Labs](https://prysmaticlabs.com). See the [Changelog](https://github.com/prysmaticlabs/prysm/releases) for details of the latest releases and upcoming breaking changes.
+This is the core repository for Prysm, a [Golang](https://golang.org/) implementation of the [Ethereum Consensus](https://ethereum.org/en/eth2/) specification, developed by [Prysmatic Labs](https://prysmaticlabs.com). See the [Changelog](https://github.com/prysmaticlabs/prysm/releases) for details of the latest releases and upcoming breaking changes.

 ### Getting Started

--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+[Releases](https://github.com/prysmaticlabs/prysm/releases/) contains all available releases. We recommend using the [most recently released version](https://github.com/prysmaticlabs/prysm/releases/latest).
+
+## Reporting a Vulnerability
+
+Please see our signed [security.txt](https://github.com/prysmaticlabs/prysm/blob/develop/.well-known/security.txt) for preferred encryption and reporting destination.
+
+**Please do not file a public ticket** mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being used before a fix has been created, released and installed on the network.
--- a/TERMS_OF_SERVICE.md
+++ b/TERMS_OF_SERVICE.md
@@ -5,7 +5,7 @@ Effective as of Oct 14, 2020
 By downloading, accessing or using the Prysm implementation (“Prysm”), you (referenced herein as “you” or the “user”) certify that you have read and agreed to the terms and conditions below (the “Terms”) which form a binding contract between you and Prysmatic Labs (referenced herein as “we” or “us”). If you do not agree to the Terms, do not download or use Prysm.

 ### About Prysm
-Prysm is a client implementation for Ethereum 2.0 Phase 0 protocol for a proof-of-stake blockchain. To participate in the network, a user must send ETH from the Eth1.0 chain into a validator deposit contract, which will queue in the user as a validator in the system. Validators participate in proposing and voting on blocks in the protocol, and the network applies rewards/penalties based on their behavior. A detailed set of installation and usage instructions as well as breakdowns of each individual component are available in the official documentation portal, however, we do not warrant the accuracy, completeness or usefulness of this documentation. Any reliance you place on such information is strictly at your own risk.
+Prysm is a client implementation for Ethereum consensus protocol for a proof-of-stake blockchain. To participate in the network, a user must send ETH from the Eth1.0 chain into a validator deposit contract, which will queue in the user as a validator in the system. Validators participate in proposing and voting on blocks in the protocol, and the network applies rewards/penalties based on their behavior. A detailed set of installation and usage instructions as well as breakdowns of each individual component are available in the official documentation portal, however, we do not warrant the accuracy, completeness or usefulness of this documentation. Any reliance you place on such information is strictly at your own risk.

 ### Licensing Terms
 Prysm is a fully open-source software program licensed pursuant to the GNU General Public License v3.0.
@@ -13,7 +13,7 @@ Prysm is a fully open-source software program licensed pursuant to the GNU Gener
 The Prysmatic Labs name, the term “Prysm” and all related names, logos, product and service names, designs and slogans are trademarks of Prysmatic Labs or its affiliates and/or licensors. You must not use such marks without our prior written permission.

 ### Risks of Operating Prysm
-The use of Prysm and acting as a validator on the Ethereum 2.0 network can lead to loss of money. Ethereum is still an experimental system and ETH remains a risky investment. You alone are responsible for your actions on Prysm including the security of your ETH and meeting any applicable minimum system requirements.
+The use of Prysm and acting as a validator on the Ethereum network can lead to loss of money. Ethereum is still an experimental system and ETH remains a risky investment. You alone are responsible for your actions on Prysm including the security of your ETH and meeting any applicable minimum system requirements.

 Use of Prysm and the ability to receive rewards or penalties may be affected at any time by mistakes made by the user or other users, software problems such as bugs, errors, incorrectly constructed transactions, unsafe cryptographic libraries or malware affecting the network, technical failures in the hardware of a user, security problems experienced by a user and/or actions or inactions of third parties and/or events experienced by third parties, among other risks. We cannot and do not guarantee that any user of Prysm will make money, that the Prysm network will operate in accordance with the documentation or that transactions will be effective or secure.

--- a/326
+++ b/326
@@ -15,9 +15,9 @@ http_archive(

 http_archive(
    name = "com_grail_bazel_toolchain",
-    sha256 = "b924b102adc0c3368d38a19bd971cb4fa75362a27bc363d0084b90ca6877d3f0",
-    strip_prefix = "bazel-toolchain-0.5.7",
-    urls = ["https://github.com/grailbio/bazel-toolchain/archive/0.5.7.tar.gz"],
+    sha256 = "b210fc8e58782ef171f428bfc850ed7179bdd805543ebd1aa144b9c93489134f",
+    strip_prefix = "bazel-toolchain-83e69ba9e4b4fdad0d1d057fcb87addf77c281c9",
+    urls = ["https://github.com/grailbio/bazel-toolchain/archive/83e69ba9e4b4fdad0d1d057fcb87addf77c281c9.tar.gz"],
 )

 load("@com_grail_bazel_toolchain//toolchain:deps.bzl", "bazel_toolchain_dependencies")
@@ -28,7 +28,7 @@ load("@com_grail_bazel_toolchain//toolchain:rules.bzl", "llvm_toolchain")

 llvm_toolchain(
    name = "llvm_toolchain",
-    llvm_version = "10.0.0",
+    llvm_version = "13.0.1",
 )

 load("@llvm_toolchain//:toolchains.bzl", "llvm_register_toolchains")
@@ -60,10 +60,10 @@ bazel_skylib_workspace()

 http_archive(
    name = "bazel_gazelle",
-    sha256 = "222e49f034ca7a1d1231422cdb67066b885819885c356673cb1f72f748a3c9d4",
+    sha256 = "5982e5463f171da99e3bdaeff8c0f48283a7a5f396ec5282910b9e8a49c0dd7e",
    urls = [
-        "https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.22.3/bazel-gazelle-v0.22.3.tar.gz",
-        "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.22.3/bazel-gazelle-v0.22.3.tar.gz",
+        "https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.25.0/bazel-gazelle-v0.25.0.tar.gz",
+        "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.25.0/bazel-gazelle-v0.25.0.tar.gz",
    ],
 )

@@ -76,23 +76,22 @@ http_archive(

 http_archive(
    name = "io_bazel_rules_docker",
-    sha256 = "1286175a94c0b1335efe1d75d22ea06e89742557d3fac2a0366f242a6eac6f5a",
-    strip_prefix = "rules_docker-ba4310833230294fa69b7d6ea1787ac684631a7d",
-    urls = ["https://github.com/bazelbuild/rules_docker/archive/ba4310833230294fa69b7d6ea1787ac684631a7d.tar.gz"],
+    sha256 = "1f4e59843b61981a96835dc4ac377ad4da9f8c334ebe5e0bb3f58f80c09735f4",
+    strip_prefix = "rules_docker-0.19.0",
+    urls = ["https://github.com/bazelbuild/rules_docker/releases/download/v0.19.0/rules_docker-v0.19.0.tar.gz"],
 )

 http_archive(
    name = "io_bazel_rules_go",
    patch_args = ["-p1"],
    patches = [
-        # Required until https://github.com/bazelbuild/rules_go/pull/2450 merges otherwise nilness
-        # nogo check fails for certain third_party dependencies.
-        "//third_party:io_bazel_rules_go.patch",
+        # Expose internals of go_test for custom build transitions.
+        "//third_party:io_bazel_rules_go_test.patch",
    ],
-    sha256 = "52d0a57ea12139d727883c2fef03597970b89f2cc2a05722c42d1d7d41ec065b",
+    sha256 = "ae013bf35bd23234d1dea46b079f1e05ba74ac0321423830119d3e787ec73483",
    urls = [
-        "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.24.13/rules_go-v0.24.13.tar.gz",
-        "https://github.com/bazelbuild/rules_go/releases/download/v0.24.13/rules_go-v0.24.13.tar.gz",
+        "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.36.0/rules_go-v0.36.0.zip",
+        "https://github.com/bazelbuild/rules_go/releases/download/v0.36.0/rules_go-v0.36.0.zip",
    ],
 )

@@ -111,20 +110,6 @@ git_repository(
    # gazelle args: -go_prefix github.com/gogo/protobuf -proto legacy
 )

-http_archive(
-    name = "fuzzit_linux",
-    build_file_content = "exports_files([\"fuzzit\"])",
-    sha256 = "9ca76ac1c22d9360936006efddf992977ebf8e4788ded8e5f9d511285c9ac774",
-    urls = ["https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.76/fuzzit_Linux_x86_64.zip"],
-)
-
-git_repository(
-    name = "graknlabs_bazel_distribution",
-    commit = "962f3a7e56942430c0ec120c24f9e9f2a9c2ce1a",
-    remote = "https://github.com/graknlabs/bazel-distribution",
-    shallow_since = "1569509514 +0300",
-)
-
 load(
    "@io_bazel_rules_docker//repositories:repositories.bzl",
    container_repositories = "repositories",
@@ -137,6 +122,34 @@ load(
    "container_pull",
 )

+container_pull(
+    name = "cc_image_base",
+    digest = "sha256:41036fc7ed8df0f6addc18484cef0c94a85867508967789f947e11ffd5ff0cc8",
+    registry = "gcr.io",
+    repository = "distroless/cc",
+)
+
+container_pull(
+    name = "cc_debug_image_base",
+    digest = "sha256:6865ad48467c89c3c3524d4c426f52ad12d9ab7dec31fad31fae69da40eb6445",
+    registry = "gcr.io",
+    repository = "distroless/cc",
+)
+
+container_pull(
+    name = "go_image_base",
+    digest = "sha256:b9b124f955961599e72630654107a0cf04e08e6fa777fa250b8f840728abd770",
+    registry = "gcr.io",
+    repository = "distroless/base",
+)
+
+container_pull(
+    name = "go_debug_image_base",
+    digest = "sha256:65668d2b78d25df3d8ccf5a778d017fcaba513b52078c700083eaeef212b9979",
+    registry = "gcr.io",
+    repository = "distroless/base",
+)
+
 container_pull(
    name = "alpine_cc_linux_amd64",
    digest = "sha256:752aa0c9a88461ffc50c5267bb7497ef03a303e38b2c8f7f2ded9bebe5f1f00e",
@@ -144,65 +157,15 @@ container_pull(
    repository = "pinglamb/alpine-glibc",
 )

-container_pull(
-    name = "fuzzit_base",
-    digest = "sha256:24a39a4360b07b8f0121eb55674a2e757ab09f0baff5569332fefd227ee4338f",
-    registry = "gcr.io",
-    repository = "fuzzit-public/stretch-llvm8",
-)
-
 load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")

 go_rules_dependencies()

 go_register_toolchains(
-    go_version = "1.16",
+    go_version = "1.19.4",
    nogo = "@//:nogo",
 )

-load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
-
-gazelle_dependencies()
-
-load("@io_bazel_rules_go//extras:embed_data_deps.bzl", "go_embed_data_dependencies")
-
-go_embed_data_dependencies()
-
-load("@com_github_atlassian_bazel_tools//gometalinter:deps.bzl", "gometalinter_dependencies")
-
-gometalinter_dependencies()
-
-load(
-    "@io_bazel_rules_docker//go:image.bzl",
-    _go_image_repos = "repositories",
-)
-
-# Golang images
-# This is using gcr.io/distroless/base
-_go_image_repos()
-
-# CC images
-# This is using gcr.io/distroless/base
-load(
-    "@io_bazel_rules_docker//cc:image.bzl",
-    _cc_image_repos = "repositories",
-)
-
-_cc_image_repos()
-
-http_archive(
-    name = "prysm_testnet_site",
-    build_file_content = """
-proto_library(
-  name = "faucet_proto",
-  srcs = ["src/proto/faucet.proto"],
-  visibility = ["//visibility:public"],
-)""",
-    sha256 = "29742136ff9faf47343073c4569a7cf21b8ed138f726929e09e3c38ab83544f7",
-    strip_prefix = "prysm-testnet-site-5c711600f0a77fc553b18cf37b880eaffef4afdb",
-    url = "https://github.com/prestonvanloon/prysm-testnet-site/archive/5c711600f0a77fc553b18cf37b880eaffef4afdb.tar.gz",
-)
-
 http_archive(
    name = "io_kubernetes_build",
    sha256 = "b84fbd1173acee9d02a7d3698ad269fdf4f7aa081e9cecd40e012ad0ad8cfa2a",
@@ -222,142 +185,129 @@ filegroup(
 )
    """,
    sha256 = "91434d5fd5e1c6eb7b0174fed2afe25e09bddf00e1e4c431db931b2cee4e7773",
-    url = "https://github.com/eth2-clients/slashing-protection-interchange-tests/archive/b8413ca42dc92308019d0d4db52c87e9e125c4e9.tar.gz",
+    url = "https://github.com/eth-clients/slashing-protection-interchange-tests/archive/b8413ca42dc92308019d0d4db52c87e9e125c4e9.tar.gz",
 )

+consensus_spec_version = "v1.3.0-rc.2"
+
+consensus_spec_test_version = "v1.3.0-rc.2-hotfix"
+
+bls_test_version = "v0.1.1"
+
 http_archive(
-    name = "eth2_spec_tests_general",
+    name = "consensus_spec_tests_general",
    build_file_content = """
 filegroup(
    name = "test_data",
    srcs = glob([
-        "**/*.ssz",
+        "**/*.ssz_snappy",
        "**/*.yaml",
    ]),
    visibility = ["//visibility:public"],
 )
    """,
-    sha256 = "ef5396e4b13995da9776eeb5ae346a2de90970c28da3c4f0dcaa4ab9f0ad1f93",
-    url = "https://github.com/ethereum/eth2.0-spec-tests/releases/download/v1.0.0/general.tar.gz",
+    sha256 = "11fed0121d7a79b6da3671ecbd8aa08bcd3fc2316450eeae2d0e065371910ef9",
+    url = "https://github.com/ethereum/consensus-spec-tests/releases/download/%s/general.tar.gz" % consensus_spec_test_version,
 )

 http_archive(
-    name = "eth2_spec_tests_minimal",
+    name = "consensus_spec_tests_minimal",
    build_file_content = """
 filegroup(
    name = "test_data",
    srcs = glob([
-        "**/*.ssz",
+        "**/*.ssz_snappy",
        "**/*.yaml",
    ]),
    visibility = ["//visibility:public"],
 )
    """,
-    sha256 = "170551b441e7d54b73248372ad9ce8cb6c148810b5f1364637117a63f4f1c085",
-    url = "https://github.com/ethereum/eth2.0-spec-tests/releases/download/v1.0.0/minimal.tar.gz",
+    sha256 = "8fbec5f1fa30fb1194b42230bf75f05690a72cf3c56af5b5ac8aafb94c60fc19",
+    url = "https://github.com/ethereum/consensus-spec-tests/releases/download/%s/minimal.tar.gz" % consensus_spec_test_version,
 )

 http_archive(
-    name = "eth2_spec_tests_mainnet",
+    name = "consensus_spec_tests_mainnet",
    build_file_content = """
 filegroup(
    name = "test_data",
    srcs = glob([
-        "**/*.ssz",
+        "**/*.ssz_snappy",
        "**/*.yaml",
    ]),
    visibility = ["//visibility:public"],
 )
    """,
-    sha256 = "b541a9979b4703fa5ee5d2182b0b5313c38efc54ae7eaec2eef793230a52ec83",
-    url = "https://github.com/ethereum/eth2.0-spec-tests/releases/download/v1.0.0/mainnet.tar.gz",
+    sha256 = "cb22875dbb67b12f577d12a5aa8074de4c8bd31d74fff45cc110be515c1df847",
+    url = "https://github.com/ethereum/consensus-spec-tests/releases/download/%s/mainnet.tar.gz" % consensus_spec_test_version,
+)
+
+http_archive(
+    name = "consensus_spec",
+    build_file_content = """
+filegroup(
+    name = "spec_data",
+    srcs = glob([
+        "**/*.yaml",
+    ]),
+    visibility = ["//visibility:public"],
+)
+    """,
+    sha256 = "c728947ccf8b628691c76cc92f2f59c02f1c7882a463f26365d32c098bb946b8",
+    strip_prefix = "consensus-specs-" + consensus_spec_version[1:],
+    url = "https://github.com/ethereum/consensus-specs/archive/refs/tags/%s.tar.gz" % consensus_spec_version,
+)
+
+http_archive(
+    name = "bls_spec_tests",
+    build_file_content = """
+filegroup(
+    name = "test_data",
+    srcs = glob([
+        "**/*.yaml",
+    ]),
+    visibility = ["//visibility:public"],
+)
+    """,
+    sha256 = "93c7d006e7c5b882cbd11dc9ec6c5d0e07f4a8c6b27a32f964eb17cf2db9763a",
+    url = "https://github.com/ethereum/bls12-381-tests/releases/download/%s/bls_tests_yaml.tar.gz" % bls_test_version,
+)
+
+http_archive(
+    name = "eth2_networks",
+    build_file_content = """
+filegroup(
+    name = "configs",
+    srcs = glob([
+        "shared/**/config.yaml",
+    ]),
+    visibility = ["//visibility:public"],
+)
+    """,
+    sha256 = "82b01a48b143fe0f2fb7fb5f5dd385c1f934335a12d7954f08b1d45d77427b5e",
+    strip_prefix = "eth2-networks-674f7a1d01d9c18345456eab76e3871b3df2126b",
+    url = "https://github.com/eth-clients/eth2-networks/archive/674f7a1d01d9c18345456eab76e3871b3df2126b.tar.gz",
 )

 http_archive(
    name = "com_github_bazelbuild_buildtools",
-    sha256 = "b5d7dbc6832f11b6468328a376de05959a1a9e4e9f5622499d3bab509c26b46a",
-    strip_prefix = "buildtools-bf564b4925ab5876a3f64d8b90fab7f769013d42",
-    url = "https://github.com/bazelbuild/buildtools/archive/bf564b4925ab5876a3f64d8b90fab7f769013d42.zip",
+    sha256 = "7a182df18df1debabd9e36ae07c8edfa1378b8424a04561b674d933b965372b3",
+    strip_prefix = "buildtools-f2aed9ee205d62d45c55cfabbfd26342f8526862",
+    url = "https://github.com/bazelbuild/buildtools/archive/f2aed9ee205d62d45c55cfabbfd26342f8526862.zip",
 )

-load("@com_github_bazelbuild_buildtools//buildifier:deps.bzl", "buildifier_dependencies")
-
-buildifier_dependencies()
-
 git_repository(
    name = "com_google_protobuf",
-    commit = "fde7cf7358ec7cd69e8db9be4f1fa6a5c431386a",  # v3.13.0
+    commit = "436bd7880e458532901c58f4d9d1ea23fa7edd52",
    remote = "https://github.com/protocolbuffers/protobuf",
-    shallow_since = "1597443653 -0700",
+    shallow_since = "1617835118 -0700",
 )

-load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")
-
-protobuf_deps()
-
 # Group the sources of the library so that CMake rule have access to it
 all_content = """filegroup(name = "all", srcs = glob(["**"]), visibility = ["//visibility:public"])"""

-http_archive(
-    name = "rules_foreign_cc",
-    sha256 = "b85ce66a3410f7370d1a9a61dfe3a29c7532b7637caeb2877d8d0dfd41d77abb",
-    strip_prefix = "rules_foreign_cc-3515b20a2417c4dd51c8a4a8cac1f6ecf3c6d934",
-    url = "https://github.com/bazelbuild/rules_foreign_cc/archive/3515b20a2417c4dd51c8a4a8cac1f6ecf3c6d934.zip",
-)
-
-load("@rules_foreign_cc//:workspace_definitions.bzl", "rules_foreign_cc_dependencies")
-
-rules_foreign_cc_dependencies([
-    "@prysm//:built_cmake_toolchain",
-])
-
-http_archive(
-    name = "librdkafka",
-    build_file_content = all_content,
-    sha256 = "3b99a36c082a67ef6295eabd4fb3e32ab0bff7c6b0d397d6352697335f4e57eb",
-    strip_prefix = "librdkafka-1.4.2",
-    urls = ["https://github.com/edenhill/librdkafka/archive/v1.4.2.tar.gz"],
-)
-
-http_archive(
-    name = "sigp_beacon_fuzz_corpora",
-    build_file = "//third_party:beacon-fuzz/corpora.BUILD",
-    sha256 = "42993d0901a316afda45b4ba6d53c7c21f30c551dcec290a4ca131c24453d1ef",
-    strip_prefix = "beacon-fuzz-corpora-bac24ad78d45cc3664c0172241feac969c1ac29b",
-    urls = [
-        "https://github.com/sigp/beacon-fuzz-corpora/archive/bac24ad78d45cc3664c0172241feac969c1ac29b.tar.gz",
-    ],
-)
-
 # External dependencies

-http_archive(
-    name = "sszgen",  # Hack because we don't want to build this binary with libfuzzer, but need it to build.
-    build_file_content = """
-load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_binary")
-
-go_library(
-    name = "go_default_library",
-    srcs = [
-        "sszgen/main.go",
-        "sszgen/marshal.go",
-        "sszgen/size.go",
-        "sszgen/unmarshal.go",
-    ],
-    importpath = "github.com/ferranbt/fastssz/sszgen",
-    visibility = ["//visibility:private"],
-)
-
-go_binary(
-    name = "sszgen",
-    embed = [":go_default_library"],
-    visibility = ["//visibility:public"],
-)
-    """,
-    strip_prefix = "fastssz-06015a5d84f9e4eefe2c21377ca678fa8f1a1b09",
-    urls = ["https://github.com/ferranbt/fastssz/archive/06015a5d84f9e4eefe2c21377ca678fa8f1a1b09.tar.gz"],
-)
-
 http_archive(
    name = "prysm_web_ui",
    build_file_content = """
@@ -367,9 +317,9 @@ filegroup(
    visibility = ["//visibility:public"],
 )
 """,
-    sha256 = "edb80f3a695d84f6000f0e05abf7a4bbf207c03abb91219780ec97e7d6ad21c8",
+    sha256 = "b2226874526805d64c29e5053fa28e511b57c0860585d6d59777ee81ff4859ca",
    urls = [
-        "https://github.com/prysmaticlabs/prysm-web-ui/releases/download/v1.0.0-beta.3/prysm-web-ui.tar.gz",
+        "https://github.com/prysmaticlabs/prysm-web-ui/releases/download/v2.0.2/prysm-web-ui.tar.gz",
    ],
 )

@@ -382,8 +332,46 @@ load("@prysm//third_party/herumi:herumi.bzl", "bls_dependencies")

 bls_dependencies()

-load("@com_github_ethereum_go_ethereum//:deps.bzl", "geth_dependencies")
+load("@prysm//testing/endtoend:deps.bzl", "e2e_deps")

-geth_dependencies()
+e2e_deps()
+
+load(
+    "@io_bazel_rules_docker//go:image.bzl",
+    _go_image_repos = "repositories",
+)
+
+# Golang images
+# This is using gcr.io/distroless/base
+_go_image_repos()
+
+# CC images
+# This is using gcr.io/distroless/base
+load(
+    "@io_bazel_rules_docker//cc:image.bzl",
+    _cc_image_repos = "repositories",
+)
+
+_cc_image_repos()
+
+load("@io_bazel_rules_go//extras:embed_data_deps.bzl", "go_embed_data_dependencies")
+
+go_embed_data_dependencies()
+
+load("@com_github_atlassian_bazel_tools//gometalinter:deps.bzl", "gometalinter_dependencies")
+
+gometalinter_dependencies()
+
+load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
+
+gazelle_dependencies()
+
+load("@com_github_bazelbuild_buildtools//buildifier:deps.bzl", "buildifier_dependencies")
+
+buildifier_dependencies()
+
+load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")
+
+protobuf_deps()

 # Do NOT add new go dependencies here! Refer to DEPENDENCIES.md!
--- a/api/client/beacon/BUILD.bazel
+++ b/api/client/beacon/BUILD.bazel
@@ -0,0 +1,55 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "checkpoint.go",
+        "client.go",
+        "doc.go",
+        "errors.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/client/beacon",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//beacon-chain/core/helpers:go_default_library",
+        "//beacon-chain/rpc/apimiddleware:go_default_library",
+        "//beacon-chain/state:go_default_library",
+        "//consensus-types/interfaces:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//encoding/ssz/detect:go_default_library",
+        "//io/file:go_default_library",
+        "//network/forks:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//runtime/version:go_default_library",
+        "//time/slots:go_default_library",
+        "@com_github_ethereum_go_ethereum//common/hexutil:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@org_golang_x_mod//semver:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "checkpoint_test.go",
+        "client_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//beacon-chain/state:go_default_library",
+        "//config/params:go_default_library",
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/blocks/testing:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//encoding/ssz/detect:go_default_library",
+        "//network/forks:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//runtime/version:go_default_library",
+        "//testing/require:go_default_library",
+        "//testing/util:go_default_library",
+        "//time/slots:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+    ],
+)
--- a/api/client/beacon/checkpoint.go
+++ b/api/client/beacon/checkpoint.go
@@ -0,0 +1,263 @@
+package beacon
+
+import (
+	"context"
+	"fmt"
+	"path"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/helpers"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/ssz/detect"
+	"github.com/prysmaticlabs/prysm/v3/io/file"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
+	"github.com/prysmaticlabs/prysm/v3/time/slots"
+	log "github.com/sirupsen/logrus"
+	"golang.org/x/mod/semver"
+)
+
+// OriginData represents the BeaconState and ReadOnlySignedBeaconBlock necessary to start an empty Beacon Node
+// using Checkpoint Sync.
+type OriginData struct {
+	sb []byte
+	bb []byte
+	st state.BeaconState
+	b  interfaces.ReadOnlySignedBeaconBlock
+	vu *detect.VersionedUnmarshaler
+	br [32]byte
+	sr [32]byte
+}
+
+// SaveBlock saves the downloaded block to a unique file in the given path.
+// For readability and collision avoidance, the file name includes: type, config name, slot and root
+func (o *OriginData) SaveBlock(dir string) (string, error) {
+	blockPath := path.Join(dir, fname("block", o.vu, o.b.Block().Slot(), o.br))
+	return blockPath, file.WriteFile(blockPath, o.BlockBytes())
+}
+
+// SaveState saves the downloaded state to a unique file in the given path.
+// For readability and collision avoidance, the file name includes: type, config name, slot and root
+func (o *OriginData) SaveState(dir string) (string, error) {
+	statePath := path.Join(dir, fname("state", o.vu, o.st.Slot(), o.sr))
+	return statePath, file.WriteFile(statePath, o.StateBytes())
+}
+
+// StateBytes returns the ssz-encoded bytes of the downloaded BeaconState value.
+func (o *OriginData) StateBytes() []byte {
+	return o.sb
+}
+
+// BlockBytes returns the ssz-encoded bytes of the downloaded ReadOnlySignedBeaconBlock value.
+func (o *OriginData) BlockBytes() []byte {
+	return o.bb
+}
+
+func fname(prefix string, vu *detect.VersionedUnmarshaler, slot primitives.Slot, root [32]byte) string {
+	return fmt.Sprintf("%s_%s_%s_%d-%#x.ssz", prefix, vu.Config.ConfigName, version.String(vu.Fork), slot, root)
+}
+
+// DownloadFinalizedData downloads the most recently finalized state, and the block most recently applied to that state.
+// This pair can be used to initialize a new beacon node via checkpoint sync.
+func DownloadFinalizedData(ctx context.Context, client *Client) (*OriginData, error) {
+	sb, err := client.GetState(ctx, IdFinalized)
+	if err != nil {
+		return nil, err
+	}
+	vu, err := detect.FromState(sb)
+	if err != nil {
+		return nil, errors.Wrap(err, "error detecting chain config for finalized state")
+	}
+	log.Printf("detected supported config in remote finalized state, name=%s, fork=%s", vu.Config.ConfigName, version.String(vu.Fork))
+	s, err := vu.UnmarshalBeaconState(sb)
+	if err != nil {
+		return nil, errors.Wrap(err, "error unmarshaling finalized state to correct version")
+	}
+	if s.Slot() != s.LatestBlockHeader().Slot {
+		return nil, fmt.Errorf("finalized state slot does not match latest block header slot %d != %d", s.Slot(), s.LatestBlockHeader().Slot)
+	}
+
+	sr, err := s.HashTreeRoot(ctx)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to compute htr for finalized state at slot=%d", s.Slot())
+	}
+	header := s.LatestBlockHeader()
+	header.StateRoot = sr[:]
+	br, err := header.HashTreeRoot()
+	if err != nil {
+		return nil, errors.Wrap(err, "error while computing block root using state data")
+	}
+
+	bb, err := client.GetBlock(ctx, IdFromRoot(br))
+	if err != nil {
+		return nil, errors.Wrapf(err, "error requesting block by root = %#x", br)
+	}
+	b, err := vu.UnmarshalBeaconBlock(bb)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to unmarshal block to a supported type using the detected fork schedule")
+	}
+	realBlockRoot, err := b.Block().HashTreeRoot()
+	if err != nil {
+		return nil, errors.Wrap(err, "error computing hash_tree_root of retrieved block")
+	}
+
+	log.Printf("BeaconState slot=%d, Block slot=%d", s.Slot(), b.Block().Slot())
+	log.Printf("BeaconState htr=%#xd, Block state_root=%#x", sr, b.Block().StateRoot())
+	log.Printf("BeaconState latest_block_header htr=%#xd, block htr=%#x", br, realBlockRoot)
+	return &OriginData{
+		st: s,
+		b:  b,
+		sb: sb,
+		bb: bb,
+		vu: vu,
+		br: br,
+		sr: sr,
+	}, nil
+}
+
+// WeakSubjectivityData represents the state root, block root and epoch of the BeaconState + ReadOnlySignedBeaconBlock
+// that falls at the beginning of the current weak subjectivity period. These values can be used to construct
+// a weak subjectivity checkpoint beacon node flag to be used for validation.
+type WeakSubjectivityData struct {
+	BlockRoot [32]byte
+	StateRoot [32]byte
+	Epoch     primitives.Epoch
+}
+
+// CheckpointString returns the standard string representation of a Checkpoint.
+// The format is a a hex-encoded block root, followed by the epoch of the block, separated by a colon. For example:
+// "0x1c35540cac127315fabb6bf29181f2ae0de1a3fc909d2e76ba771e61312cc49a:74888"
+func (wsd *WeakSubjectivityData) CheckpointString() string {
+	return fmt.Sprintf("%#x:%d", wsd.BlockRoot, wsd.Epoch)
+}
+
+// ComputeWeakSubjectivityCheckpoint attempts to use the prysm weak_subjectivity api
+// to obtain the current weak_subjectivity checkpoint.
+// For non-prysm nodes, the same computation will be performed with extra steps,
+// using the head state downloaded from the beacon node api.
+func ComputeWeakSubjectivityCheckpoint(ctx context.Context, client *Client) (*WeakSubjectivityData, error) {
+	ws, err := client.GetWeakSubjectivity(ctx)
+	if err != nil {
+		// a 404/405 is expected if querying an endpoint that doesn't support the weak subjectivity checkpoint api
+		if !errors.Is(err, ErrNotOK) {
+			return nil, errors.Wrap(err, "unexpected API response for prysm-only weak subjectivity checkpoint API")
+		}
+		// fall back to vanilla Beacon Node API method
+		return computeBackwardsCompatible(ctx, client)
+	}
+	log.Printf("server weak subjectivity checkpoint response - epoch=%d, block_root=%#x, state_root=%#x", ws.Epoch, ws.BlockRoot, ws.StateRoot)
+	return ws, nil
+}
+
+const (
+	prysmMinimumVersion     = "v2.0.7"
+	prysmImplementationName = "Prysm"
+)
+
+// errUnsupportedPrysmCheckpointVersion indicates remote beacon node can't be used for checkpoint retrieval.
+var errUnsupportedPrysmCheckpointVersion = errors.New("node does not meet minimum version requirements for checkpoint retrieval")
+
+// for older endpoints or clients that do not support the weak_subjectivity api method
+// we gather the necessary data for a checkpoint sync by:
+// - inspecting the remote server's head state and computing the weak subjectivity epoch locally
+// - requesting the state at the first slot of the epoch
+// - using hash_tree_root(state.latest_block_header) to compute the block the state integrates
+// - requesting that block by its root
+func computeBackwardsCompatible(ctx context.Context, client *Client) (*WeakSubjectivityData, error) {
+	log.Print("falling back to generic checkpoint derivation, weak_subjectivity API not supported by server")
+	nv, err := client.GetNodeVersion(ctx)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to proceed with fallback method without confirming node version")
+	}
+	if nv.implementation == prysmImplementationName && semver.Compare(nv.semver, prysmMinimumVersion) < 0 {
+		return nil, errors.Wrapf(errUnsupportedPrysmCheckpointVersion, "%s < minimum (%s)", nv.semver, prysmMinimumVersion)
+	}
+	epoch, err := getWeakSubjectivityEpochFromHead(ctx, client)
+	if err != nil {
+		return nil, errors.Wrap(err, "error computing weak subjectivity epoch via head state inspection")
+	}
+
+	// use first slot of the epoch for the state slot
+	slot, err := slots.EpochStart(epoch)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error computing first slot of epoch=%d", epoch)
+	}
+
+	log.Printf("requesting checkpoint state at slot %d", slot)
+	// get the state at the first slot of the epoch
+	sb, err := client.GetState(ctx, IdFromSlot(slot))
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to request state by slot from api, slot=%d", slot)
+	}
+
+	// ConfigFork is used to unmarshal the BeaconState so we can read the block root in latest_block_header
+	vu, err := detect.FromState(sb)
+	if err != nil {
+		return nil, errors.Wrap(err, "error detecting chain config for beacon state")
+	}
+	log.Printf("detected supported config in checkpoint state, name=%s, fork=%s", vu.Config.ConfigName, version.String(vu.Fork))
+
+	s, err := vu.UnmarshalBeaconState(sb)
+	if err != nil {
+		return nil, errors.Wrap(err, "error using detected config fork to unmarshal state bytes")
+	}
+
+	// compute state and block roots
+	sr, err := s.HashTreeRoot(ctx)
+	if err != nil {
+		return nil, errors.Wrap(err, "error computing hash_tree_root of state")
+	}
+
+	h := s.LatestBlockHeader()
+	h.StateRoot = sr[:]
+	br, err := h.HashTreeRoot()
+	if err != nil {
+		return nil, errors.Wrap(err, "error while computing block root using state data")
+	}
+
+	bb, err := client.GetBlock(ctx, IdFromRoot(br))
+	if err != nil {
+		return nil, errors.Wrapf(err, "error requesting block by root = %d", br)
+	}
+	b, err := vu.UnmarshalBeaconBlock(bb)
+	if err != nil {
+		return nil, errors.Wrap(err, "unable to unmarshal block to a supported type using the detected fork schedule")
+	}
+	br, err = b.Block().HashTreeRoot()
+	if err != nil {
+		return nil, errors.Wrap(err, "error computing hash_tree_root for block obtained via root")
+	}
+
+	return &WeakSubjectivityData{
+		Epoch:     epoch,
+		BlockRoot: br,
+		StateRoot: sr,
+	}, nil
+}
+
+// this method downloads the head state, which can be used to find the correct chain config
+// and use prysm's helper methods to compute the latest weak subjectivity epoch.
+func getWeakSubjectivityEpochFromHead(ctx context.Context, client *Client) (primitives.Epoch, error) {
+	headBytes, err := client.GetState(ctx, IdHead)
+	if err != nil {
+		return 0, err
+	}
+	vu, err := detect.FromState(headBytes)
+	if err != nil {
+		return 0, errors.Wrap(err, "error detecting chain config for beacon state")
+	}
+	log.Printf("detected supported config in remote head state, name=%s, fork=%s", vu.Config.ConfigName, version.String(vu.Fork))
+	headState, err := vu.UnmarshalBeaconState(headBytes)
+	if err != nil {
+		return 0, errors.Wrap(err, "error unmarshaling state to correct version")
+	}
+
+	epoch, err := helpers.LatestWeakSubjectivityEpoch(ctx, headState, vu.Config)
+	if err != nil {
+		return 0, errors.Wrap(err, "error computing the weak subjectivity epoch from head state")
+	}
+
+	log.Printf("(computed client-side) weak subjectivity epoch = %d", epoch)
+	return epoch, nil
+}
--- a/api/client/beacon/checkpoint_test.go
+++ b/api/client/beacon/checkpoint_test.go
@@ -0,0 +1,503 @@
+package beacon
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"testing"
+
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	blocktest "github.com/prysmaticlabs/prysm/v3/consensus-types/blocks/testing"
+	"github.com/prysmaticlabs/prysm/v3/network/forks"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/testing/util"
+	"github.com/prysmaticlabs/prysm/v3/time/slots"
+
+	"github.com/prysmaticlabs/prysm/v3/config/params"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/ssz/detect"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+)
+
+type testRT struct {
+	rt func(*http.Request) (*http.Response, error)
+}
+
+func (rt *testRT) RoundTrip(req *http.Request) (*http.Response, error) {
+	if rt.rt != nil {
+		return rt.rt(req)
+	}
+	return nil, errors.New("RoundTripper not implemented")
+}
+
+var _ http.RoundTripper = &testRT{}
+
+func marshalToEnvelope(val interface{}) ([]byte, error) {
+	raw, err := json.Marshal(val)
+	if err != nil {
+		return nil, errors.Wrap(err, "error marshaling value to place in data envelope")
+	}
+	env := struct {
+		Data json.RawMessage `json:"data"`
+	}{
+		Data: raw,
+	}
+	return json.Marshal(env)
+}
+
+func TestMarshalToEnvelope(t *testing.T) {
+	d := struct {
+		Version string `json:"version"`
+	}{
+		Version: "Prysm/v2.0.5 (linux amd64)",
+	}
+	encoded, err := marshalToEnvelope(d)
+	require.NoError(t, err)
+	expected := `{"data":{"version":"Prysm/v2.0.5 (linux amd64)"}}`
+	require.Equal(t, expected, string(encoded))
+}
+
+func TestFallbackVersionCheck(t *testing.T) {
+	c := &Client{
+		hc:      &http.Client{},
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+	c.hc.Transport = &testRT{rt: func(req *http.Request) (*http.Response, error) {
+		res := &http.Response{Request: req}
+		switch req.URL.Path {
+		case getNodeVersionPath:
+			res.StatusCode = http.StatusOK
+			b := bytes.NewBuffer(nil)
+			d := struct {
+				Version string `json:"version"`
+			}{
+				Version: "Prysm/v2.0.5 (linux amd64)",
+			}
+			encoded, err := marshalToEnvelope(d)
+			require.NoError(t, err)
+			b.Write(encoded)
+			res.Body = io.NopCloser(b)
+		case getWeakSubjectivityPath:
+			res.StatusCode = http.StatusNotFound
+		}
+
+		return res, nil
+	}}
+
+	ctx := context.Background()
+	_, err := ComputeWeakSubjectivityCheckpoint(ctx, c)
+	require.ErrorIs(t, err, errUnsupportedPrysmCheckpointVersion)
+}
+
+func TestFname(t *testing.T) {
+	vu := &detect.VersionedUnmarshaler{
+		Config: params.MainnetConfig(),
+		Fork:   version.Phase0,
+	}
+	slot := primitives.Slot(23)
+	prefix := "block"
+	var root [32]byte
+	copy(root[:], []byte{0x23, 0x23, 0x23})
+	expected := "block_mainnet_phase0_23-0x2323230000000000000000000000000000000000000000000000000000000000.ssz"
+	actual := fname(prefix, vu, slot, root)
+	require.Equal(t, expected, actual)
+
+	vu.Config = params.MinimalSpecConfig()
+	vu.Fork = version.Altair
+	slot = 17
+	prefix = "state"
+	copy(root[29:], []byte{0x17, 0x17, 0x17})
+	expected = "state_minimal_altair_17-0x2323230000000000000000000000000000000000000000000000000000171717.ssz"
+	actual = fname(prefix, vu, slot, root)
+	require.Equal(t, expected, actual)
+}
+
+func TestDownloadWeakSubjectivityCheckpoint(t *testing.T) {
+	ctx := context.Background()
+	cfg := params.MainnetConfig().Copy()
+
+	epoch := cfg.AltairForkEpoch - 1
+	// set up checkpoint state, using the epoch that will be computed as the ws checkpoint state based on the head state
+	wSlot, err := slots.EpochStart(epoch)
+	require.NoError(t, err)
+	wst, err := util.NewBeaconState()
+	require.NoError(t, err)
+	fork, err := forkForEpoch(cfg, epoch)
+	require.NoError(t, wst.SetFork(fork))
+
+	// set up checkpoint block
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockParentRoot(b, cfg.ZeroHash)
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockSlot(b, wSlot)
+	require.NoError(t, err)
+	b, err = blocktest.SetProposerIndex(b, 0)
+	require.NoError(t, err)
+
+	// set up state header pointing at checkpoint block - this is how the block is downloaded by root
+	header, err := b.Header()
+	require.NoError(t, err)
+	require.NoError(t, wst.SetLatestBlockHeader(header.Header))
+
+	// order of operations can be confusing here:
+	// - when computing the state root, make sure block header is complete, EXCEPT the state root should be zero-value
+	// - before computing the block root (to match the request route), the block should include the state root
+	//   *computed from the state with a header that does not have a state root set yet*
+	wRoot, err := wst.HashTreeRoot(ctx)
+	require.NoError(t, err)
+
+	b, err = blocktest.SetBlockStateRoot(b, wRoot)
+	require.NoError(t, err)
+	serBlock, err := b.MarshalSSZ()
+	require.NoError(t, err)
+	bRoot, err := b.Block().HashTreeRoot()
+	require.NoError(t, err)
+
+	wsSerialized, err := wst.MarshalSSZ()
+	require.NoError(t, err)
+	expectedWSD := WeakSubjectivityData{
+		BlockRoot: bRoot,
+		StateRoot: wRoot,
+		Epoch:     epoch,
+	}
+
+	hc := &http.Client{
+		Transport: &testRT{rt: func(req *http.Request) (*http.Response, error) {
+			res := &http.Response{Request: req}
+			switch req.URL.Path {
+			case getWeakSubjectivityPath:
+				res.StatusCode = http.StatusOK
+				cp := struct {
+					Epoch string `json:"epoch"`
+					Root  string `json:"root"`
+				}{
+					Epoch: fmt.Sprintf("%d", slots.ToEpoch(b.Block().Slot())),
+					Root:  fmt.Sprintf("%#x", bRoot),
+				}
+				wsr := struct {
+					Checkpoint interface{} `json:"ws_checkpoint"`
+					StateRoot  string      `json:"state_root"`
+				}{
+					Checkpoint: cp,
+					StateRoot:  fmt.Sprintf("%#x", wRoot),
+				}
+				rb, err := marshalToEnvelope(wsr)
+				require.NoError(t, err)
+				res.Body = io.NopCloser(bytes.NewBuffer(rb))
+			case renderGetStatePath(IdFromSlot(wSlot)):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(wsSerialized))
+			case renderGetBlockPath(IdFromRoot(bRoot)):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(serBlock))
+			}
+
+			return res, nil
+		}},
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+
+	wsd, err := ComputeWeakSubjectivityCheckpoint(ctx, c)
+	require.NoError(t, err)
+	require.Equal(t, expectedWSD.Epoch, wsd.Epoch)
+	require.Equal(t, expectedWSD.StateRoot, wsd.StateRoot)
+	require.Equal(t, expectedWSD.BlockRoot, wsd.BlockRoot)
+}
+
+// runs computeBackwardsCompatible directly
+// and via ComputeWeakSubjectivityCheckpoint with a round tripper that triggers the backwards compatible code path
+func TestDownloadBackwardsCompatibleCombined(t *testing.T) {
+	ctx := context.Background()
+	cfg := params.MainnetConfig()
+
+	st, expectedEpoch := defaultTestHeadState(t, cfg)
+	serialized, err := st.MarshalSSZ()
+	require.NoError(t, err)
+
+	// set up checkpoint state, using the epoch that will be computed as the ws checkpoint state based on the head state
+	wSlot, err := slots.EpochStart(expectedEpoch)
+	require.NoError(t, err)
+	wst, err := util.NewBeaconState()
+	require.NoError(t, err)
+	fork, err := forkForEpoch(cfg, cfg.GenesisEpoch)
+	require.NoError(t, wst.SetFork(fork))
+
+	// set up checkpoint block
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockParentRoot(b, cfg.ZeroHash)
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockSlot(b, wSlot)
+	require.NoError(t, err)
+	b, err = blocktest.SetProposerIndex(b, 0)
+	require.NoError(t, err)
+
+	// set up state header pointing at checkpoint block - this is how the block is downloaded by root
+	header, err := b.Header()
+	require.NoError(t, err)
+	require.NoError(t, wst.SetLatestBlockHeader(header.Header))
+
+	// order of operations can be confusing here:
+	// - when computing the state root, make sure block header is complete, EXCEPT the state root should be zero-value
+	// - before computing the block root (to match the request route), the block should include the state root
+	//   *computed from the state with a header that does not have a state root set yet*
+	wRoot, err := wst.HashTreeRoot(ctx)
+	require.NoError(t, err)
+
+	b, err = blocktest.SetBlockStateRoot(b, wRoot)
+	require.NoError(t, err)
+	serBlock, err := b.MarshalSSZ()
+	require.NoError(t, err)
+	bRoot, err := b.Block().HashTreeRoot()
+	require.NoError(t, err)
+
+	wsSerialized, err := wst.MarshalSSZ()
+	require.NoError(t, err)
+
+	hc := &http.Client{
+		Transport: &testRT{rt: func(req *http.Request) (*http.Response, error) {
+			res := &http.Response{Request: req}
+			switch req.URL.Path {
+			case getNodeVersionPath:
+				res.StatusCode = http.StatusOK
+				b := bytes.NewBuffer(nil)
+				d := struct {
+					Version string `json:"version"`
+				}{
+					Version: "Lighthouse/v0.1.5 (Linux x86_64)",
+				}
+				encoded, err := marshalToEnvelope(d)
+				require.NoError(t, err)
+				b.Write(encoded)
+				res.Body = io.NopCloser(b)
+			case getWeakSubjectivityPath:
+				res.StatusCode = http.StatusNotFound
+			case renderGetStatePath(IdHead):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(serialized))
+			case renderGetStatePath(IdFromSlot(wSlot)):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(wsSerialized))
+			case renderGetBlockPath(IdFromRoot(bRoot)):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(serBlock))
+			}
+
+			return res, nil
+		}},
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+
+	wsPub, err := ComputeWeakSubjectivityCheckpoint(ctx, c)
+	require.NoError(t, err)
+
+	wsPriv, err := computeBackwardsCompatible(ctx, c)
+	require.NoError(t, err)
+	require.DeepEqual(t, wsPriv, wsPub)
+}
+
+func TestGetWeakSubjectivityEpochFromHead(t *testing.T) {
+	st, expectedEpoch := defaultTestHeadState(t, params.MainnetConfig())
+	serialized, err := st.MarshalSSZ()
+	require.NoError(t, err)
+	hc := &http.Client{
+		Transport: &testRT{rt: func(req *http.Request) (*http.Response, error) {
+			res := &http.Response{Request: req}
+			switch req.URL.Path {
+			case renderGetStatePath(IdHead):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(serialized))
+			}
+			return res, nil
+		}},
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+	actualEpoch, err := getWeakSubjectivityEpochFromHead(context.Background(), c)
+	require.NoError(t, err)
+	require.Equal(t, expectedEpoch, actualEpoch)
+}
+
+func forkForEpoch(cfg *params.BeaconChainConfig, epoch primitives.Epoch) (*ethpb.Fork, error) {
+	os := forks.NewOrderedSchedule(cfg)
+	currentVersion, err := os.VersionForEpoch(epoch)
+	if err != nil {
+		return nil, err
+	}
+	prevVersion, err := os.Previous(currentVersion)
+	if err != nil {
+		if !errors.Is(err, forks.ErrNoPreviousVersion) {
+			return nil, err
+		}
+		// use same version for both in the case of genesis
+		prevVersion = currentVersion
+	}
+	forkEpoch := cfg.ForkVersionSchedule[currentVersion]
+	return &ethpb.Fork{
+		PreviousVersion: prevVersion[:],
+		CurrentVersion:  currentVersion[:],
+		Epoch:           forkEpoch,
+	}, nil
+}
+
+func defaultTestHeadState(t *testing.T, cfg *params.BeaconChainConfig) (state.BeaconState, primitives.Epoch) {
+	st, err := util.NewBeaconStateAltair()
+	require.NoError(t, err)
+
+	fork, err := forkForEpoch(cfg, cfg.AltairForkEpoch)
+	require.NoError(t, err)
+	require.NoError(t, st.SetFork(fork))
+
+	slot, err := slots.EpochStart(cfg.AltairForkEpoch)
+	require.NoError(t, err)
+	require.NoError(t, st.SetSlot(slot))
+
+	var validatorCount, avgBalance uint64 = 100, 35
+	require.NoError(t, populateValidators(cfg, st, validatorCount, avgBalance))
+	require.NoError(t, st.SetFinalizedCheckpoint(&ethpb.Checkpoint{
+		Epoch: fork.Epoch - 10,
+		Root:  make([]byte, 32),
+	}))
+	// to see the math for this, look at helpers.LatestWeakSubjectivityEpoch
+	// and for the values use mainnet config values, the validatorCount and avgBalance above, and altair fork epoch
+	expectedEpoch := slots.ToEpoch(st.Slot()) - 224
+	return st, expectedEpoch
+}
+
+// TODO(10429): refactor beacon state options in testing/util to take a state.BeaconState so this can become an option
+func populateValidators(cfg *params.BeaconChainConfig, st state.BeaconState, valCount, avgBalance uint64) error {
+	validators := make([]*ethpb.Validator, valCount)
+	balances := make([]uint64, len(validators))
+	for i := uint64(0); i < valCount; i++ {
+		validators[i] = &ethpb.Validator{
+			PublicKey:             make([]byte, cfg.BLSPubkeyLength),
+			WithdrawalCredentials: make([]byte, 32),
+			EffectiveBalance:      avgBalance * 1e9,
+			ExitEpoch:             cfg.FarFutureEpoch,
+		}
+		balances[i] = validators[i].EffectiveBalance
+	}
+
+	if err := st.SetValidators(validators); err != nil {
+		return err
+	}
+	if err := st.SetBalances(balances); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func TestDownloadFinalizedData(t *testing.T) {
+	ctx := context.Background()
+	cfg := params.MainnetConfig().Copy()
+
+	// avoid the altair zone because genesis tests are easier to set up
+	epoch := cfg.AltairForkEpoch - 1
+	// set up checkpoint state, using the epoch that will be computed as the ws checkpoint state based on the head state
+	slot, err := slots.EpochStart(epoch)
+	require.NoError(t, err)
+	st, err := util.NewBeaconState()
+	require.NoError(t, err)
+	fork, err := forkForEpoch(cfg, epoch)
+	require.NoError(t, st.SetFork(fork))
+	require.NoError(t, st.SetSlot(slot))
+
+	// set up checkpoint block
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockParentRoot(b, cfg.ZeroHash)
+	require.NoError(t, err)
+	b, err = blocktest.SetBlockSlot(b, slot)
+	require.NoError(t, err)
+	b, err = blocktest.SetProposerIndex(b, 0)
+	require.NoError(t, err)
+
+	// set up state header pointing at checkpoint block - this is how the block is downloaded by root
+	header, err := b.Header()
+	require.NoError(t, err)
+	require.NoError(t, st.SetLatestBlockHeader(header.Header))
+
+	// order of operations can be confusing here:
+	// - when computing the state root, make sure block header is complete, EXCEPT the state root should be zero-value
+	// - before computing the block root (to match the request route), the block should include the state root
+	//   *computed from the state with a header that does not have a state root set yet*
+	sr, err := st.HashTreeRoot(ctx)
+	require.NoError(t, err)
+
+	b, err = blocktest.SetBlockStateRoot(b, sr)
+	require.NoError(t, err)
+	mb, err := b.MarshalSSZ()
+	require.NoError(t, err)
+	br, err := b.Block().HashTreeRoot()
+	require.NoError(t, err)
+
+	ms, err := st.MarshalSSZ()
+	require.NoError(t, err)
+
+	hc := &http.Client{
+		Transport: &testRT{rt: func(req *http.Request) (*http.Response, error) {
+			res := &http.Response{Request: req}
+			switch req.URL.Path {
+			case renderGetStatePath(IdFinalized):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(ms))
+			case renderGetBlockPath(IdFromRoot(br)):
+				res.StatusCode = http.StatusOK
+				res.Body = io.NopCloser(bytes.NewBuffer(mb))
+			default:
+				res.StatusCode = http.StatusInternalServerError
+				res.Body = io.NopCloser(bytes.NewBufferString(""))
+			}
+
+			return res, nil
+		}},
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+
+	// sanity check before we go through checkpoint
+	// make sure we can download the state and unmarshal it with the VersionedUnmarshaler
+	sb, err := c.GetState(ctx, IdFinalized)
+	require.NoError(t, err)
+	require.Equal(t, true, bytes.Equal(sb, ms))
+	vu, err := detect.FromState(sb)
+	require.NoError(t, err)
+	us, err := vu.UnmarshalBeaconState(sb)
+	require.NoError(t, err)
+	ushtr, err := us.HashTreeRoot(ctx)
+	require.NoError(t, err)
+	require.Equal(t, sr, ushtr)
+
+	expected := &OriginData{
+		sb: ms,
+		bb: mb,
+		br: br,
+		sr: sr,
+	}
+	od, err := DownloadFinalizedData(ctx, c)
+	require.NoError(t, err)
+	require.Equal(t, true, bytes.Equal(expected.sb, od.sb))
+	require.Equal(t, true, bytes.Equal(expected.bb, od.bb))
+	require.Equal(t, expected.br, od.br)
+	require.Equal(t, expected.sr, od.sr)
+}
--- a/api/client/beacon/client.go
+++ b/api/client/beacon/client.go
@@ -0,0 +1,475 @@
+package beacon
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"net/url"
+	"path"
+	"regexp"
+	"sort"
+	"strconv"
+	"text/template"
+	"time"
+
+	"github.com/prysmaticlabs/prysm/v3/network/forks"
+
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/rpc/apimiddleware"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	log "github.com/sirupsen/logrus"
+)
+
+const (
+	getSignedBlockPath       = "/eth/v2/beacon/blocks"
+	getBlockRootPath         = "/eth/v1/beacon/blocks/{{.Id}}/root"
+	getForkForStatePath      = "/eth/v1/beacon/states/{{.Id}}/fork"
+	getWeakSubjectivityPath  = "/eth/v1/beacon/weak_subjectivity"
+	getForkSchedulePath      = "/eth/v1/config/fork_schedule"
+	getStatePath             = "/eth/v2/debug/beacon/states"
+	getNodeVersionPath       = "/eth/v1/node/version"
+	changeBLStoExecutionPath = "/eth/v1/beacon/pool/bls_to_execution_changes"
+)
+
+// StateOrBlockId represents the block_id / state_id parameters that several of the Eth Beacon API methods accept.
+// StateOrBlockId constants are defined for named identifiers, and helper methods are provided
+// for slot and root identifiers. Example text from the Eth Beacon Node API documentation:
+//
+// "Block identifier can be one of: "head" (canonical head in node's view), "genesis", "finalized",
+// <slot>, <hex encoded blockRoot with 0x prefix>."
+type StateOrBlockId string
+
+const (
+	IdGenesis   StateOrBlockId = "genesis"
+	IdHead      StateOrBlockId = "head"
+	IdFinalized StateOrBlockId = "finalized"
+)
+
+var ErrMalformedHostname = errors.New("hostname must include port, separated by one colon, like example.com:3500")
+
+// IdFromRoot encodes a block root in the format expected by the API in places where a root can be used to identify
+// a BeaconState or SignedBeaconBlock.
+func IdFromRoot(r [32]byte) StateOrBlockId {
+	return StateOrBlockId(fmt.Sprintf("%#x", r))
+}
+
+// IdFromSlot encodes a Slot in the format expected by the API in places where a slot can be used to identify
+// a BeaconState or SignedBeaconBlock.
+func IdFromSlot(s primitives.Slot) StateOrBlockId {
+	return StateOrBlockId(strconv.FormatUint(uint64(s), 10))
+}
+
+// idTemplate is used to create template functions that can interpolate StateOrBlockId values.
+func idTemplate(ts string) func(StateOrBlockId) string {
+	t := template.Must(template.New("").Parse(ts))
+	f := func(id StateOrBlockId) string {
+		b := bytes.NewBuffer(nil)
+		err := t.Execute(b, struct{ Id string }{Id: string(id)})
+		if err != nil {
+			panic(fmt.Sprintf("invalid idTemplate: %s", ts))
+		}
+		return b.String()
+	}
+	// run the template to ensure that it is valid
+	// this should happen load time (using package scoped vars) to ensure runtime errors aren't possible
+	_ = f(IdGenesis)
+	return f
+}
+
+// ClientOpt is a functional option for the Client type (http.Client wrapper)
+type ClientOpt func(*Client)
+
+// WithTimeout sets the .Timeout attribute of the wrapped http.Client.
+func WithTimeout(timeout time.Duration) ClientOpt {
+	return func(c *Client) {
+		c.hc.Timeout = timeout
+	}
+}
+
+// Client provides a collection of helper methods for calling the Eth Beacon Node API endpoints.
+type Client struct {
+	hc      *http.Client
+	baseURL *url.URL
+}
+
+// NewClient constructs a new client with the provided options (ex WithTimeout).
+// `host` is the base host + port used to construct request urls. This value can be
+// a URL string, or NewClient will assume an http endpoint if just `host:port` is used.
+func NewClient(host string, opts ...ClientOpt) (*Client, error) {
+	u, err := urlForHost(host)
+	if err != nil {
+		return nil, err
+	}
+	c := &Client{
+		hc:      &http.Client{},
+		baseURL: u,
+	}
+	for _, o := range opts {
+		o(c)
+	}
+	return c, nil
+}
+
+func urlForHost(h string) (*url.URL, error) {
+	// try to parse as url (being permissive)
+	u, err := url.Parse(h)
+	if err == nil && u.Host != "" {
+		return u, nil
+	}
+	// try to parse as host:port
+	host, port, err := net.SplitHostPort(h)
+	if err != nil {
+		return nil, ErrMalformedHostname
+	}
+	return &url.URL{Host: fmt.Sprintf("%s:%s", host, port), Scheme: "http"}, nil
+}
+
+// NodeURL returns a human-readable string representation of the beacon node base url.
+func (c *Client) NodeURL() string {
+	return c.baseURL.String()
+}
+
+type reqOption func(*http.Request)
+
+func withSSZEncoding() reqOption {
+	return func(req *http.Request) {
+		req.Header.Set("Accept", "application/octet-stream")
+	}
+}
+
+// get is a generic, opinionated GET function to reduce boilerplate amongst the getters in this package.
+func (c *Client) get(ctx context.Context, path string, opts ...reqOption) ([]byte, error) {
+	u := c.baseURL.ResolveReference(&url.URL{Path: path})
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, u.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+	for _, o := range opts {
+		o(req)
+	}
+	r, err := c.hc.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		err = r.Body.Close()
+	}()
+	if r.StatusCode != http.StatusOK {
+		return nil, non200Err(r)
+	}
+	b, err := io.ReadAll(r.Body)
+	if err != nil {
+		return nil, errors.Wrap(err, "error reading http response body from GetBlock")
+	}
+	return b, nil
+}
+
+func renderGetBlockPath(id StateOrBlockId) string {
+	return path.Join(getSignedBlockPath, string(id))
+}
+
+// GetBlock retrieves the SignedBeaconBlock for the given block id.
+// Block identifier can be one of: "head" (canonical head in node's view), "genesis", "finalized",
+// <slot>, <hex encoded blockRoot with 0x prefix>. Variables of type StateOrBlockId are exported by this package
+// for the named identifiers.
+// The return value contains the ssz-encoded bytes.
+func (c *Client) GetBlock(ctx context.Context, blockId StateOrBlockId) ([]byte, error) {
+	blockPath := renderGetBlockPath(blockId)
+	b, err := c.get(ctx, blockPath, withSSZEncoding())
+	if err != nil {
+		return nil, errors.Wrapf(err, "error requesting state by id = %s", blockId)
+	}
+	return b, nil
+}
+
+var getBlockRootTpl = idTemplate(getBlockRootPath)
+
+// GetBlockRoot retrieves the hash_tree_root of the BeaconBlock for the given block id.
+// Block identifier can be one of: "head" (canonical head in node's view), "genesis", "finalized",
+// <slot>, <hex encoded blockRoot with 0x prefix>. Variables of type StateOrBlockId are exported by this package
+// for the named identifiers.
+func (c *Client) GetBlockRoot(ctx context.Context, blockId StateOrBlockId) ([32]byte, error) {
+	rootPath := getBlockRootTpl(blockId)
+	b, err := c.get(ctx, rootPath)
+	if err != nil {
+		return [32]byte{}, errors.Wrapf(err, "error requesting block root by id = %s", blockId)
+	}
+	jsonr := &struct{ Data struct{ Root string } }{}
+	err = json.Unmarshal(b, jsonr)
+	if err != nil {
+		return [32]byte{}, errors.Wrap(err, "error decoding json data from get block root response")
+	}
+	rs, err := hexutil.Decode(jsonr.Data.Root)
+	if err != nil {
+		return [32]byte{}, errors.Wrap(err, fmt.Sprintf("error decoding hex-encoded value %s", jsonr.Data.Root))
+	}
+	return bytesutil.ToBytes32(rs), nil
+}
+
+var getForkTpl = idTemplate(getForkForStatePath)
+
+// GetFork queries the Beacon Node API for the Fork from the state identified by stateId.
+// Block identifier can be one of: "head" (canonical head in node's view), "genesis", "finalized",
+// <slot>, <hex encoded blockRoot with 0x prefix>. Variables of type StateOrBlockId are exported by this package
+// for the named identifiers.
+func (c *Client) GetFork(ctx context.Context, stateId StateOrBlockId) (*ethpb.Fork, error) {
+	body, err := c.get(ctx, getForkTpl(stateId))
+	if err != nil {
+		return nil, errors.Wrapf(err, "error requesting fork by state id = %s", stateId)
+	}
+	fr := &forkResponse{}
+	dataWrapper := &struct{ Data *forkResponse }{Data: fr}
+	err = json.Unmarshal(body, dataWrapper)
+	if err != nil {
+		return nil, errors.Wrap(err, "error decoding json response in GetFork")
+	}
+
+	return fr.Fork()
+}
+
+// GetForkSchedule retrieve all forks, past present and future, of which this node is aware.
+func (c *Client) GetForkSchedule(ctx context.Context) (forks.OrderedSchedule, error) {
+	body, err := c.get(ctx, getForkSchedulePath)
+	if err != nil {
+		return nil, errors.Wrap(err, "error requesting fork schedule")
+	}
+	fsr := &forkScheduleResponse{}
+	err = json.Unmarshal(body, fsr)
+	if err != nil {
+		return nil, err
+	}
+	ofs, err := fsr.OrderedForkSchedule()
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf("problem unmarshaling %s response", getForkSchedulePath))
+	}
+	return ofs, nil
+}
+
+type NodeVersion struct {
+	implementation string
+	semver         string
+	systemInfo     string
+}
+
+var versionRE = regexp.MustCompile(`^(\w+)/(v\d+\.\d+\.\d+[-a-zA-Z0-9]*)\s*/?(.*)$`)
+
+func parseNodeVersion(v string) (*NodeVersion, error) {
+	groups := versionRE.FindStringSubmatch(v)
+	if len(groups) != 4 {
+		return nil, errors.Wrapf(ErrInvalidNodeVersion, "could not be parsed: %s", v)
+	}
+	return &NodeVersion{
+		implementation: groups[1],
+		semver:         groups[2],
+		systemInfo:     groups[3],
+	}, nil
+}
+
+// GetNodeVersion requests that the beacon node identify information about its implementation in a format
+// similar to a HTTP User-Agent field. ex: Lighthouse/v0.1.5 (Linux x86_64)
+func (c *Client) GetNodeVersion(ctx context.Context) (*NodeVersion, error) {
+	b, err := c.get(ctx, getNodeVersionPath)
+	if err != nil {
+		return nil, errors.Wrap(err, "error requesting node version")
+	}
+	d := struct {
+		Data struct {
+			Version string `json:"version"`
+		} `json:"data"`
+	}{}
+	err = json.Unmarshal(b, &d)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error unmarshaling response body: %s", string(b))
+	}
+	return parseNodeVersion(d.Data.Version)
+}
+
+func renderGetStatePath(id StateOrBlockId) string {
+	return path.Join(getStatePath, string(id))
+}
+
+// GetState retrieves the BeaconState for the given state id.
+// State identifier can be one of: "head" (canonical head in node's view), "genesis", "finalized",
+// <slot>, <hex encoded stateRoot with 0x prefix>. Variables of type StateOrBlockId are exported by this package
+// for the named identifiers.
+// The return value contains the ssz-encoded bytes.
+func (c *Client) GetState(ctx context.Context, stateId StateOrBlockId) ([]byte, error) {
+	statePath := path.Join(getStatePath, string(stateId))
+	b, err := c.get(ctx, statePath, withSSZEncoding())
+	if err != nil {
+		return nil, errors.Wrapf(err, "error requesting state by id = %s", stateId)
+	}
+	return b, nil
+}
+
+// GetWeakSubjectivity calls a proposed API endpoint that is unique to prysm
+// This api method does the following:
+// - computes weak subjectivity epoch
+// - finds the highest non-skipped block preceding the epoch
+// - returns the htr of the found block and returns this + the value of state_root from the block
+func (c *Client) GetWeakSubjectivity(ctx context.Context) (*WeakSubjectivityData, error) {
+	body, err := c.get(ctx, getWeakSubjectivityPath)
+	if err != nil {
+		return nil, err
+	}
+	v := &apimiddleware.WeakSubjectivityResponse{}
+	err = json.Unmarshal(body, v)
+	if err != nil {
+		return nil, err
+	}
+	epoch, err := strconv.ParseUint(v.Data.Checkpoint.Epoch, 10, 64)
+	if err != nil {
+		return nil, err
+	}
+	blockRoot, err := hexutil.Decode(v.Data.Checkpoint.Root)
+	if err != nil {
+		return nil, err
+	}
+	stateRoot, err := hexutil.Decode(v.Data.StateRoot)
+	if err != nil {
+		return nil, err
+	}
+	return &WeakSubjectivityData{
+		Epoch:     primitives.Epoch(epoch),
+		BlockRoot: bytesutil.ToBytes32(blockRoot),
+		StateRoot: bytesutil.ToBytes32(stateRoot),
+	}, nil
+}
+
+// SubmitChangeBLStoExecution calls a beacon API endpoint to set the withdrawal addresses based on the given signed messages.
+// If the API responds with something other than OK there will be failure messages associated to the corresponding request message.
+func (c *Client) SubmitChangeBLStoExecution(ctx context.Context, request []*apimiddleware.SignedBLSToExecutionChangeJson) error {
+	u := c.baseURL.ResolveReference(&url.URL{Path: changeBLStoExecutionPath})
+	body, err := json.Marshal(request)
+	if err != nil {
+		return errors.Wrap(err, "failed to marshal JSON")
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, u.String(), bytes.NewBuffer(body))
+	if err != nil {
+		return errors.Wrap(err, "invalid format, failed to create new POST request object")
+	}
+	req.Header.Set("Content-Type", "application/json")
+	resp, err := c.hc.Do(req)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		err = resp.Body.Close()
+	}()
+	if resp.StatusCode != http.StatusOK {
+		decoder := json.NewDecoder(resp.Body)
+		decoder.DisallowUnknownFields()
+		errorJson := &apimiddleware.IndexedVerificationFailureErrorJson{}
+		if err := decoder.Decode(errorJson); err != nil {
+			return errors.Wrapf(err, "failed to decode error JSON for %s", resp.Request.URL)
+		}
+		for _, failure := range errorJson.Failures {
+			w := request[failure.Index].Message
+			log.WithFields(log.Fields{
+				"validator_index":    w.ValidatorIndex,
+				"withdrawal_address": w.ToExecutionAddress,
+			}).Error(failure.Message)
+		}
+		return errors.Errorf("POST error %d: %s", errorJson.Code, errorJson.Message)
+	}
+	return nil
+}
+
+// GetBLStoExecutionChanges gets all the set withdrawal messages in the node's operation pool.
+// Returns a struct representation of json response.
+func (c *Client) GetBLStoExecutionChanges(ctx context.Context) (*apimiddleware.BLSToExecutionChangesPoolResponseJson, error) {
+	body, err := c.get(ctx, changeBLStoExecutionPath)
+	if err != nil {
+		return nil, err
+	}
+	poolResponse := &apimiddleware.BLSToExecutionChangesPoolResponseJson{}
+	err = json.Unmarshal(body, poolResponse)
+	if err != nil {
+		return nil, err
+	}
+	return poolResponse, nil
+}
+
+func non200Err(response *http.Response) error {
+	bodyBytes, err := io.ReadAll(response.Body)
+	var body string
+	if err != nil {
+		body = "(Unable to read response body.)"
+	} else {
+		body = "response body:\n" + string(bodyBytes)
+	}
+	msg := fmt.Sprintf("code=%d, url=%s, body=%s", response.StatusCode, response.Request.URL, body)
+	switch response.StatusCode {
+	case 404:
+		return errors.Wrap(ErrNotFound, msg)
+	default:
+		return errors.Wrap(ErrNotOK, msg)
+	}
+}
+
+type forkResponse struct {
+	PreviousVersion string `json:"previous_version"`
+	CurrentVersion  string `json:"current_version"`
+	Epoch           string `json:"epoch"`
+}
+
+func (f *forkResponse) Fork() (*ethpb.Fork, error) {
+	epoch, err := strconv.ParseUint(f.Epoch, 10, 64)
+	if err != nil {
+		return nil, err
+	}
+	cSlice, err := hexutil.Decode(f.CurrentVersion)
+	if err != nil {
+		return nil, err
+	}
+	if len(cSlice) != 4 {
+		return nil, fmt.Errorf("got %d byte version for CurrentVersion, expected 4 bytes. hex=%s", len(cSlice), f.CurrentVersion)
+	}
+	pSlice, err := hexutil.Decode(f.PreviousVersion)
+	if err != nil {
+		return nil, err
+	}
+	if len(pSlice) != 4 {
+		return nil, fmt.Errorf("got %d byte version, expected 4 bytes. version hex=%s", len(pSlice), f.PreviousVersion)
+	}
+	return &ethpb.Fork{
+		CurrentVersion:  cSlice,
+		PreviousVersion: pSlice,
+		Epoch:           primitives.Epoch(epoch),
+	}, nil
+}
+
+type forkScheduleResponse struct {
+	Data []forkResponse
+}
+
+func (fsr *forkScheduleResponse) OrderedForkSchedule() (forks.OrderedSchedule, error) {
+	ofs := make(forks.OrderedSchedule, 0)
+	for _, d := range fsr.Data {
+		epoch, err := strconv.Atoi(d.Epoch)
+		if err != nil {
+			return nil, err
+		}
+		vSlice, err := hexutil.Decode(d.CurrentVersion)
+		if err != nil {
+			return nil, err
+		}
+		if len(vSlice) != 4 {
+			return nil, fmt.Errorf("got %d byte version, expected 4 bytes. version hex=%s", len(vSlice), d.CurrentVersion)
+		}
+		version := bytesutil.ToBytes4(vSlice)
+		ofs = append(ofs, forks.ForkScheduleEntry{
+			Version: version,
+			Epoch:   primitives.Epoch(uint64(epoch)),
+		})
+	}
+	sort.Sort(ofs)
+	return ofs, nil
+}
--- a/api/client/beacon/client_test.go
+++ b/api/client/beacon/client_test.go
@@ -0,0 +1,138 @@
+package beacon
+
+import (
+	"net/url"
+	"testing"
+
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+)
+
+func TestParseNodeVersion(t *testing.T) {
+	cases := []struct {
+		name string
+		v    string
+		err  error
+		nv   *NodeVersion
+	}{
+		{
+			name: "empty string",
+			v:    "",
+			err:  ErrInvalidNodeVersion,
+		},
+		{
+			name: "Prysm as the version string",
+			v:    "Prysm",
+			err:  ErrInvalidNodeVersion,
+		},
+		{
+			name: "semver only",
+			v:    "v2.0.6",
+			err:  ErrInvalidNodeVersion,
+		},
+		{
+			name: "complete version",
+			v:    "Prysm/v2.0.6 (linux amd64)",
+			nv: &NodeVersion{
+				implementation: "Prysm",
+				semver:         "v2.0.6",
+				systemInfo:     "(linux amd64)",
+			},
+		},
+		{
+			name: "nimbus version",
+			v:    "Nimbus/v22.4.0-039bec-stateofus",
+			nv: &NodeVersion{
+				implementation: "Nimbus",
+				semver:         "v22.4.0-039bec-stateofus",
+				systemInfo:     "",
+			},
+		},
+		{
+			name: "teku version",
+			v:    "teku/v22.3.2/linux-x86_64/oracle-java-11",
+			nv: &NodeVersion{
+				implementation: "teku",
+				semver:         "v22.3.2",
+				systemInfo:     "linux-x86_64/oracle-java-11",
+			},
+		},
+		{
+			name: "lighthouse version",
+			v:    "Lighthouse/v2.1.1-5f628a7/x86_64-linux",
+			nv: &NodeVersion{
+				implementation: "Lighthouse",
+				semver:         "v2.1.1-5f628a7",
+				systemInfo:     "x86_64-linux",
+			},
+		},
+	}
+
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			nv, err := parseNodeVersion(c.v)
+			if c.err != nil {
+				require.ErrorIs(t, err, c.err)
+			} else {
+				require.NoError(t, err)
+				require.DeepEqual(t, c.nv, nv)
+			}
+		})
+	}
+}
+
+func TestValidHostname(t *testing.T) {
+	cases := []struct {
+		name    string
+		hostArg string
+		path    string
+		joined  string
+		err     error
+	}{
+		{
+			name:    "hostname without port",
+			hostArg: "mydomain.org",
+			err:     ErrMalformedHostname,
+		},
+		{
+			name:    "hostname with port",
+			hostArg: "mydomain.org:3500",
+			path:    getNodeVersionPath,
+			joined:  "http://mydomain.org:3500/eth/v1/node/version",
+		},
+		{
+			name:    "https scheme, hostname with port",
+			hostArg: "https://mydomain.org:3500",
+			path:    getNodeVersionPath,
+			joined:  "https://mydomain.org:3500/eth/v1/node/version",
+		},
+		{
+			name:    "http scheme, hostname without port",
+			hostArg: "http://mydomain.org",
+			path:    getNodeVersionPath,
+			joined:  "http://mydomain.org/eth/v1/node/version",
+		},
+		{
+			name:    "http scheme, trailing slash, hostname without port",
+			hostArg: "http://mydomain.org/",
+			path:    getNodeVersionPath,
+			joined:  "http://mydomain.org/eth/v1/node/version",
+		},
+		{
+			name:    "http scheme, hostname with basic auth creds and no port",
+			hostArg: "http://username:pass@mydomain.org/",
+			path:    getNodeVersionPath,
+			joined:  "http://username:pass@mydomain.org/eth/v1/node/version",
+		},
+	}
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			cl, err := NewClient(c.hostArg)
+			if c.err != nil {
+				require.ErrorIs(t, err, c.err)
+				return
+			}
+			require.NoError(t, err)
+			require.Equal(t, c.joined, cl.baseURL.ResolveReference(&url.URL{Path: c.path}).String())
+		})
+	}
+}
--- a/api/client/beacon/doc.go
+++ b/api/client/beacon/doc.go
@@ -0,0 +1,5 @@
+/*
+Package beacon provides a client for interacting with the standard Eth Beacon Node API.
+Interactive swagger documentation for the API is available here: https://ethereum.github.io/beacon-APIs/
+*/
+package beacon
--- a/api/client/beacon/errors.go
+++ b/api/client/beacon/errors.go
@@ -0,0 +1,13 @@
+package beacon
+
+import "github.com/pkg/errors"
+
+// ErrNotOK is used to indicate when an HTTP request to the Beacon Node API failed with any non-2xx response code.
+// More specific errors may be returned, but an error in reaction to a non-2xx response will always wrap ErrNotOK.
+var ErrNotOK = errors.New("did not receive 2xx response from API")
+
+// ErrNotFound specifically means that a '404 - NOT FOUND' response was received from the API.
+var ErrNotFound = errors.Wrap(ErrNotOK, "recv 404 NotFound response from API")
+
+// ErrInvalidNodeVersion indicates that the /eth/v1/node/version api response format was not recognized.
+var ErrInvalidNodeVersion = errors.New("invalid node version response")
--- a/api/client/builder/BUILD.bazel
+++ b/api/client/builder/BUILD.bazel
@@ -0,0 +1,53 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "bid.go",
+        "client.go",
+        "errors.go",
+        "types.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/client/builder",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/interfaces:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//monitoring/tracing:go_default_library",
+        "//network:go_default_library",
+        "//network/authorization:go_default_library",
+        "//proto/engine/v1:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//runtime/version:go_default_library",
+        "@com_github_ethereum_go_ethereum//common/hexutil:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+        "@com_github_prysmaticlabs_fastssz//:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@io_opencensus_go//trace:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "client_test.go",
+        "types_test.go",
+    ],
+    data = glob(["testdata/**"]),
+    embed = [":go_default_library"],
+    deps = [
+        "//config/params:go_default_library",
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//proto/engine/v1:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "@com_github_ethereum_go_ethereum//common/hexutil:go_default_library",
+        "@com_github_golang_protobuf//proto:go_default_library",
+        "@com_github_prysmaticlabs_go_bitfield//:go_default_library",
+    ],
+)
--- a/api/client/builder/bid.go
+++ b/api/client/builder/bid.go
@@ -0,0 +1,195 @@
+package builder
+
+import (
+	"math/big"
+
+	ssz "github.com/prysmaticlabs/fastssz"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
+)
+
+// SignedBid is an interface describing the method set of a signed builder bid.
+type SignedBid interface {
+	Message() (Bid, error)
+	Signature() []byte
+	Version() int
+	IsNil() bool
+}
+
+// Bid is an interface describing the method set of a builder bid.
+type Bid interface {
+	Header() (interfaces.ExecutionData, error)
+	Value() []byte
+	Pubkey() []byte
+	Version() int
+	IsNil() bool
+	HashTreeRoot() ([32]byte, error)
+	HashTreeRootWith(hh *ssz.Hasher) error
+}
+
+type signedBuilderBid struct {
+	p *ethpb.SignedBuilderBid
+}
+
+// WrappedSignedBuilderBid is a constructor which wraps a protobuf signed bit into an interface.
+func WrappedSignedBuilderBid(p *ethpb.SignedBuilderBid) (SignedBid, error) {
+	w := signedBuilderBid{p: p}
+	if w.IsNil() {
+		return nil, blocks.ErrNilObjectWrapped
+	}
+	return w, nil
+}
+
+// Message --
+func (b signedBuilderBid) Message() (Bid, error) {
+	return WrappedBuilderBid(b.p.Message)
+}
+
+// Signature --
+func (b signedBuilderBid) Signature() []byte {
+	return b.p.Signature
+}
+
+// Version --
+func (b signedBuilderBid) Version() int {
+	return version.Bellatrix
+}
+
+// IsNil --
+func (b signedBuilderBid) IsNil() bool {
+	return b.p == nil
+}
+
+type signedBuilderBidCapella struct {
+	p *ethpb.SignedBuilderBidCapella
+}
+
+// WrappedSignedBuilderBidCapella is a constructor which wraps a protobuf signed bit into an interface.
+func WrappedSignedBuilderBidCapella(p *ethpb.SignedBuilderBidCapella) (SignedBid, error) {
+	w := signedBuilderBidCapella{p: p}
+	if w.IsNil() {
+		return nil, blocks.ErrNilObjectWrapped
+	}
+	return w, nil
+}
+
+// Message --
+func (b signedBuilderBidCapella) Message() (Bid, error) {
+	return WrappedBuilderBidCapella(b.p.Message)
+}
+
+// Signature --
+func (b signedBuilderBidCapella) Signature() []byte {
+	return b.p.Signature
+}
+
+// Version --
+func (b signedBuilderBidCapella) Version() int {
+	return version.Capella
+}
+
+// IsNil --
+func (b signedBuilderBidCapella) IsNil() bool {
+	return b.p == nil
+}
+
+type builderBid struct {
+	p *ethpb.BuilderBid
+}
+
+// WrappedBuilderBid is a constructor which wraps a protobuf bid into an interface.
+func WrappedBuilderBid(p *ethpb.BuilderBid) (Bid, error) {
+	w := builderBid{p: p}
+	if w.IsNil() {
+		return nil, blocks.ErrNilObjectWrapped
+	}
+	return w, nil
+}
+
+// Header --
+func (b builderBid) Header() (interfaces.ExecutionData, error) {
+	return blocks.WrappedExecutionPayloadHeader(b.p.Header)
+}
+
+// Version --
+func (b builderBid) Version() int {
+	return version.Bellatrix
+}
+
+// Value --
+func (b builderBid) Value() []byte {
+	return b.p.Value
+}
+
+// Pubkey --
+func (b builderBid) Pubkey() []byte {
+	return b.p.Pubkey
+}
+
+// IsNil --
+func (b builderBid) IsNil() bool {
+	return b.p == nil
+}
+
+// HashTreeRoot --
+func (b builderBid) HashTreeRoot() ([32]byte, error) {
+	return b.p.HashTreeRoot()
+}
+
+// HashTreeRootWith --
+func (b builderBid) HashTreeRootWith(hh *ssz.Hasher) error {
+	return b.p.HashTreeRootWith(hh)
+}
+
+type builderBidCapella struct {
+	p *ethpb.BuilderBidCapella
+}
+
+// WrappedBuilderBidCapella is a constructor which wraps a protobuf bid into an interface.
+func WrappedBuilderBidCapella(p *ethpb.BuilderBidCapella) (Bid, error) {
+	w := builderBidCapella{p: p}
+	if w.IsNil() {
+		return nil, blocks.ErrNilObjectWrapped
+	}
+	return w, nil
+}
+
+// Header returns the execution data interface.
+func (b builderBidCapella) Header() (interfaces.ExecutionData, error) {
+	// We have to convert big endian to little endian because the value is coming from the execution layer.
+	v := bytesutil.ReverseByteOrder(b.p.Value)
+	return blocks.WrappedExecutionPayloadHeaderCapella(b.p.Header, big.NewInt(0).SetBytes(v))
+}
+
+// Version --
+func (b builderBidCapella) Version() int {
+	return version.Capella
+}
+
+// Value --
+func (b builderBidCapella) Value() []byte {
+	return b.p.Value
+}
+
+// Pubkey --
+func (b builderBidCapella) Pubkey() []byte {
+	return b.p.Pubkey
+}
+
+// IsNil --
+func (b builderBidCapella) IsNil() bool {
+	return b.p == nil
+}
+
+// HashTreeRoot --
+func (b builderBidCapella) HashTreeRoot() ([32]byte, error) {
+	return b.p.HashTreeRoot()
+}
+
+// HashTreeRootWith --
+func (b builderBidCapella) HashTreeRootWith(hh *ssz.Hasher) error {
+	return b.p.HashTreeRootWith(hh)
+}
--- a/api/client/builder/client.go
+++ b/api/client/builder/client.go
@@ -0,0 +1,421 @@
+package builder
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"math/big"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+	"text/template"
+	"time"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/monitoring/tracing"
+	"github.com/prysmaticlabs/prysm/v3/network"
+	"github.com/prysmaticlabs/prysm/v3/network/authorization"
+	v1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
+	log "github.com/sirupsen/logrus"
+	"go.opencensus.io/trace"
+)
+
+const (
+	getExecHeaderPath          = "/eth/v1/builder/header/{{.Slot}}/{{.ParentHash}}/{{.Pubkey}}"
+	getStatus                  = "/eth/v1/builder/status"
+	postBlindedBeaconBlockPath = "/eth/v1/builder/blinded_blocks"
+	postRegisterValidatorPath  = "/eth/v1/builder/validators"
+)
+
+var errMalformedHostname = errors.New("hostname must include port, separated by one colon, like example.com:3500")
+var errMalformedRequest = errors.New("required request data are missing")
+var errNotBlinded = errors.New("submitted block is not blinded")
+var submitBlindedBlockTimeout = 3 * time.Second
+
+// ClientOpt is a functional option for the Client type (http.Client wrapper)
+type ClientOpt func(*Client)
+
+type observer interface {
+	observe(r *http.Request) error
+}
+
+func WithObserver(m observer) ClientOpt {
+	return func(c *Client) {
+		c.obvs = append(c.obvs, m)
+	}
+}
+
+type requestLogger struct{}
+
+func (*requestLogger) observe(r *http.Request) (e error) {
+	b := bytes.NewBuffer(nil)
+	if r.Body == nil {
+		log.WithFields(log.Fields{
+			"body-base64": "(nil value)",
+			"url":         r.URL.String(),
+		}).Info("builder http request")
+		return nil
+	}
+	t := io.TeeReader(r.Body, b)
+	defer func() {
+		if r.Body != nil {
+			e = r.Body.Close()
+		}
+	}()
+	body, err := io.ReadAll(t)
+	if err != nil {
+		return err
+	}
+	r.Body = io.NopCloser(b)
+	log.WithFields(log.Fields{
+		"body-base64": string(body),
+		"url":         r.URL.String(),
+	}).Info("builder http request")
+
+	return nil
+}
+
+var _ observer = &requestLogger{}
+
+// BuilderClient provides a collection of helper methods for calling Builder API endpoints.
+type BuilderClient interface {
+	NodeURL() string
+	GetHeader(ctx context.Context, slot primitives.Slot, parentHash [32]byte, pubkey [48]byte) (SignedBid, error)
+	RegisterValidator(ctx context.Context, svr []*ethpb.SignedValidatorRegistrationV1) error
+	SubmitBlindedBlock(ctx context.Context, sb interfaces.ReadOnlySignedBeaconBlock) (interfaces.ExecutionData, error)
+	Status(ctx context.Context) error
+}
+
+// Client provides a collection of helper methods for calling Builder API endpoints.
+type Client struct {
+	hc      *http.Client
+	baseURL *url.URL
+	obvs    []observer
+}
+
+// NewClient constructs a new client with the provided options (ex WithTimeout).
+// `host` is the base host + port used to construct request urls. This value can be
+// a URL string, or NewClient will assume an http endpoint if just `host:port` is used.
+func NewClient(host string, opts ...ClientOpt) (*Client, error) {
+	endpoint := covertEndPoint(host)
+	u, err := urlForHost(endpoint.Url)
+	if err != nil {
+		return nil, err
+	}
+	c := &Client{
+		hc:      &http.Client{},
+		baseURL: u,
+	}
+	for _, o := range opts {
+		o(c)
+	}
+	return c, nil
+}
+
+func urlForHost(h string) (*url.URL, error) {
+	// try to parse as url (being permissive)
+	u, err := url.Parse(h)
+	if err == nil && u.Host != "" {
+		return u, nil
+	}
+	// try to parse as host:port
+	host, port, err := net.SplitHostPort(h)
+	if err != nil {
+		return nil, errMalformedHostname
+	}
+	return &url.URL{Host: net.JoinHostPort(host, port), Scheme: "http"}, nil
+}
+
+// NodeURL returns a human-readable string representation of the beacon node base url.
+func (c *Client) NodeURL() string {
+	return c.baseURL.String()
+}
+
+type reqOption func(*http.Request)
+
+// do is a generic, opinionated request function to reduce boilerplate amongst the methods in this package api/client/builder/types.go.
+func (c *Client) do(ctx context.Context, method string, path string, body io.Reader, opts ...reqOption) (res []byte, err error) {
+	ctx, span := trace.StartSpan(ctx, "builder.client.do")
+	defer func() {
+		tracing.AnnotateError(span, err)
+		span.End()
+	}()
+
+	u := c.baseURL.ResolveReference(&url.URL{Path: path})
+
+	span.AddAttributes(trace.StringAttribute("url", u.String()),
+		trace.StringAttribute("method", method))
+
+	req, err := http.NewRequestWithContext(ctx, method, u.String(), body)
+	if err != nil {
+		return
+	}
+	for _, o := range opts {
+		o(req)
+	}
+	for _, o := range c.obvs {
+		if err = o.observe(req); err != nil {
+			return
+		}
+	}
+	r, err := c.hc.Do(req)
+	if err != nil {
+		return
+	}
+	defer func() {
+		closeErr := r.Body.Close()
+		if closeErr != nil {
+			log.WithError(closeErr).Error("Failed to close response body")
+		}
+	}()
+	if r.StatusCode != http.StatusOK {
+		err = non200Err(r)
+		return
+	}
+	res, err = io.ReadAll(r.Body)
+	if err != nil {
+		err = errors.Wrap(err, "error reading http response body from builder server")
+		return
+	}
+	return
+}
+
+var execHeaderTemplate = template.Must(template.New("").Parse(getExecHeaderPath))
+
+func execHeaderPath(slot primitives.Slot, parentHash [32]byte, pubkey [48]byte) (string, error) {
+	v := struct {
+		Slot       primitives.Slot
+		ParentHash string
+		Pubkey     string
+	}{
+		Slot:       slot,
+		ParentHash: fmt.Sprintf("%#x", parentHash),
+		Pubkey:     fmt.Sprintf("%#x", pubkey),
+	}
+	b := bytes.NewBuffer(nil)
+	err := execHeaderTemplate.Execute(b, v)
+	if err != nil {
+		return "", errors.Wrapf(err, "error rendering exec header template with slot=%d, parentHash=%#x, pubkey=%#x", slot, parentHash, pubkey)
+	}
+	return b.String(), nil
+}
+
+// GetHeader is used by a proposing validator to request an execution payload header from the Builder node.
+func (c *Client) GetHeader(ctx context.Context, slot primitives.Slot, parentHash [32]byte, pubkey [48]byte) (SignedBid, error) {
+	path, err := execHeaderPath(slot, parentHash, pubkey)
+	if err != nil {
+		return nil, err
+	}
+	hb, err := c.do(ctx, http.MethodGet, path, nil)
+	if err != nil {
+		return nil, err
+	}
+	v := &VersionResponse{}
+	if err := json.Unmarshal(hb, v); err != nil {
+		return nil, errors.Wrapf(err, "error unmarshaling the builder GetHeader response, using slot=%d, parentHash=%#x, pubkey=%#x", slot, parentHash, pubkey)
+	}
+	switch strings.ToLower(v.Version) {
+	case strings.ToLower(version.String(version.Capella)):
+		hr := &ExecHeaderResponseCapella{}
+		if err := json.Unmarshal(hb, hr); err != nil {
+			return nil, errors.Wrapf(err, "error unmarshaling the builder GetHeader response, using slot=%d, parentHash=%#x, pubkey=%#x", slot, parentHash, pubkey)
+		}
+		p, err := hr.ToProto()
+		if err != nil {
+			return nil, errors.Wrapf(err, "could not extract proto message from header")
+		}
+		return WrappedSignedBuilderBidCapella(p)
+	case strings.ToLower(version.String(version.Bellatrix)):
+		hr := &ExecHeaderResponse{}
+		if err := json.Unmarshal(hb, hr); err != nil {
+			return nil, errors.Wrapf(err, "error unmarshaling the builder GetHeader response, using slot=%d, parentHash=%#x, pubkey=%#x", slot, parentHash, pubkey)
+		}
+		p, err := hr.ToProto()
+		if err != nil {
+			return nil, errors.Wrap(err, "could not extract proto message from header")
+		}
+		return WrappedSignedBuilderBid(p)
+	default:
+		return nil, fmt.Errorf("unsupported header version %s", strings.ToLower(v.Version))
+	}
+
+}
+
+// RegisterValidator encodes the SignedValidatorRegistrationV1 message to json (including hex-encoding the byte
+// fields with 0x prefixes) and posts to the builder validator registration endpoint.
+func (c *Client) RegisterValidator(ctx context.Context, svr []*ethpb.SignedValidatorRegistrationV1) error {
+	ctx, span := trace.StartSpan(ctx, "builder.client.RegisterValidator")
+	defer span.End()
+	span.AddAttributes(trace.Int64Attribute("num_reqs", int64(len(svr))))
+
+	if len(svr) == 0 {
+		err := errors.Wrap(errMalformedRequest, "empty validator registration list")
+		tracing.AnnotateError(span, err)
+		return err
+	}
+	vs := make([]*SignedValidatorRegistration, len(svr))
+	for i := 0; i < len(svr); i++ {
+		vs[i] = &SignedValidatorRegistration{SignedValidatorRegistrationV1: svr[i]}
+	}
+	body, err := json.Marshal(vs)
+	if err != nil {
+		err := errors.Wrap(err, "error encoding the SignedValidatorRegistration value body in RegisterValidator")
+		tracing.AnnotateError(span, err)
+		return err
+	}
+
+	_, err = c.do(ctx, http.MethodPost, postRegisterValidatorPath, bytes.NewBuffer(body))
+	return err
+}
+
+// SubmitBlindedBlock calls the builder API endpoint that binds the validator to the builder and submits the block.
+// The response is the full execution payload used to create the blinded block.
+func (c *Client) SubmitBlindedBlock(ctx context.Context, sb interfaces.ReadOnlySignedBeaconBlock) (interfaces.ExecutionData, error) {
+	if !sb.IsBlinded() {
+		return nil, errNotBlinded
+	}
+	switch sb.Version() {
+	case version.Bellatrix:
+		psb, err := sb.PbBlindedBellatrixBlock()
+		if err != nil {
+			return nil, errors.Wrapf(err, "could not get protobuf block")
+		}
+		b := &SignedBlindedBeaconBlockBellatrix{SignedBlindedBeaconBlockBellatrix: psb}
+		body, err := json.Marshal(b)
+		if err != nil {
+			return nil, errors.Wrap(err, "error encoding the SignedBlindedBeaconBlockBellatrix value body in SubmitBlindedBlock")
+		}
+
+		ctx, cancel := context.WithTimeout(ctx, submitBlindedBlockTimeout)
+		defer cancel()
+		rb, err := c.do(ctx, http.MethodPost, postBlindedBeaconBlockPath, bytes.NewBuffer(body))
+
+		if err != nil {
+			return nil, errors.Wrap(err, "error posting the SignedBlindedBeaconBlockBellatrix to the builder api")
+		}
+		ep := &ExecPayloadResponse{}
+		if err := json.Unmarshal(rb, ep); err != nil {
+			return nil, errors.Wrap(err, "error unmarshaling the builder SubmitBlindedBlock response")
+		}
+		p, err := ep.ToProto()
+		if err != nil {
+			return nil, errors.Wrapf(err, "could not extract proto message from payload")
+		}
+		return blocks.WrappedExecutionPayload(p)
+	case version.Capella:
+		psb, err := sb.PbBlindedCapellaBlock()
+		if err != nil {
+			return nil, errors.Wrapf(err, "could not get protobuf block")
+		}
+		b := &SignedBlindedBeaconBlockCapella{SignedBlindedBeaconBlockCapella: psb}
+		body, err := json.Marshal(b)
+		if err != nil {
+			return nil, errors.Wrap(err, "error encoding the SignedBlindedBeaconBlockCapella value body in SubmitBlindedBlockCapella")
+		}
+
+		ctx, cancel := context.WithTimeout(ctx, submitBlindedBlockTimeout)
+		defer cancel()
+		rb, err := c.do(ctx, http.MethodPost, postBlindedBeaconBlockPath, bytes.NewBuffer(body))
+
+		if err != nil {
+			return nil, errors.Wrap(err, "error posting the SignedBlindedBeaconBlockCapella to the builder api")
+		}
+		ep := &ExecPayloadResponseCapella{}
+		if err := json.Unmarshal(rb, ep); err != nil {
+			return nil, errors.Wrap(err, "error unmarshaling the builder SubmitBlindedBlockCapella response")
+		}
+		p, err := ep.ToProto()
+		if err != nil {
+			return nil, errors.Wrapf(err, "could not extract proto message from payload")
+		}
+		return blocks.WrappedExecutionPayloadCapella(p, big.NewInt(0))
+	default:
+		return nil, fmt.Errorf("unsupported block version %s", version.String(sb.Version()))
+	}
+}
+
+// SubmitBlindedBlockCapella calls the builder API endpoint that binds the validator to the builder and submits the block.
+// The response is the full ExecutionPayloadCapella used to create the blinded block.
+func (c *Client) SubmitBlindedBlockCapella(ctx context.Context, sb *ethpb.SignedBlindedBeaconBlockCapella) (*v1.ExecutionPayloadCapella, error) {
+	v := &SignedBlindedBeaconBlockCapella{SignedBlindedBeaconBlockCapella: sb}
+	body, err := json.Marshal(v)
+	if err != nil {
+		return nil, errors.Wrap(err, "error encoding the SignedBlindedBeaconBlockCapella value body in SubmitBlindedBlockCapella")
+	}
+
+	ctx, cancel := context.WithTimeout(ctx, submitBlindedBlockTimeout)
+	defer cancel()
+	rb, err := c.do(ctx, http.MethodPost, postBlindedBeaconBlockPath, bytes.NewBuffer(body))
+
+	if err != nil {
+		return nil, errors.Wrap(err, "error posting the SignedBlindedBeaconBlockBellatrix to the builder api")
+	}
+	ep := &ExecPayloadResponseCapella{}
+	if err := json.Unmarshal(rb, ep); err != nil {
+		return nil, errors.Wrap(err, "error unmarshaling the builder SubmitBlindedBlockCapella response")
+	}
+	return ep.ToProto()
+}
+
+// Status asks the remote builder server for a health check. A response of 200 with an empty body is the success/healthy
+// response, and an error response may have an error message. This method will return a nil value for error in the
+// happy path, and an error with information about the server response body for a non-200 response.
+func (c *Client) Status(ctx context.Context) error {
+	_, err := c.do(ctx, http.MethodGet, getStatus, nil)
+	return err
+}
+
+func non200Err(response *http.Response) error {
+	bodyBytes, err := io.ReadAll(response.Body)
+	var errMessage ErrorMessage
+	var body string
+	if err != nil {
+		body = "(Unable to read response body.)"
+	} else {
+		body = "response body:\n" + string(bodyBytes)
+	}
+	msg := fmt.Sprintf("code=%d, url=%s, body=%s", response.StatusCode, response.Request.URL, body)
+	switch response.StatusCode {
+	case 204:
+		log.WithError(ErrNoContent).Debug(msg)
+		return ErrNoContent
+	case 400:
+		if jsonErr := json.Unmarshal(bodyBytes, &errMessage); jsonErr != nil {
+			return errors.Wrap(jsonErr, "unable to read response body")
+		}
+		log.WithError(ErrBadRequest).Debug(msg)
+		return errors.Wrap(ErrBadRequest, errMessage.Message)
+	case 404:
+		if jsonErr := json.Unmarshal(bodyBytes, &errMessage); jsonErr != nil {
+			return errors.Wrap(jsonErr, "unable to read response body")
+		}
+		log.WithError(ErrNotFound).Debug(msg)
+		return errors.Wrap(ErrNotFound, errMessage.Message)
+	case 500:
+		if jsonErr := json.Unmarshal(bodyBytes, &errMessage); jsonErr != nil {
+			return errors.Wrap(jsonErr, "unable to read response body")
+		}
+		log.WithError(ErrNotOK).Debug(msg)
+		return errors.Wrap(ErrNotOK, errMessage.Message)
+	default:
+		log.WithError(ErrNotOK).Debug(msg)
+		return errors.Wrap(ErrNotOK, fmt.Sprintf("unsupported error code: %d", response.StatusCode))
+	}
+}
+
+func covertEndPoint(ep string) network.Endpoint {
+	return network.Endpoint{
+		Url: ep,
+		Auth: network.AuthorizationData{ // Auth is not used for builder.
+			Method: authorization.None,
+			Value:  "",
+		}}
+}
--- a/api/client/builder/client_test.go
+++ b/api/client/builder/client_test.go
@@ -0,0 +1,626 @@
+package builder
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"math/big"
+	"net/http"
+	"net/url"
+	"strconv"
+	"testing"
+
+	"github.com/prysmaticlabs/go-bitfield"
+	"github.com/prysmaticlabs/prysm/v3/config/params"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	types "github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	v1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
+	eth "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+)
+
+type roundtrip func(*http.Request) (*http.Response, error)
+
+func (fn roundtrip) RoundTrip(r *http.Request) (*http.Response, error) {
+	return fn(r)
+}
+
+func TestClient_Status(t *testing.T) {
+	ctx := context.Background()
+	statusPath := "/eth/v1/builder/status"
+	hc := &http.Client{
+		Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+			defer func() {
+				if r.Body == nil {
+					return
+				}
+				require.NoError(t, r.Body.Close())
+			}()
+			require.Equal(t, statusPath, r.URL.Path)
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewBuffer(nil)),
+				Request:    r.Clone(ctx),
+			}, nil
+		}),
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+	require.NoError(t, c.Status(ctx))
+	hc = &http.Client{
+		Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+			defer func() {
+				if r.Body == nil {
+					return
+				}
+				require.NoError(t, r.Body.Close())
+			}()
+			require.Equal(t, statusPath, r.URL.Path)
+			message := ErrorMessage{
+				Code:    500,
+				Message: "Internal server error",
+			}
+			resp, err := json.Marshal(message)
+			require.NoError(t, err)
+			return &http.Response{
+				StatusCode: http.StatusInternalServerError,
+				Body:       io.NopCloser(bytes.NewBuffer(resp)),
+				Request:    r.Clone(ctx),
+			}, nil
+		}),
+	}
+	c = &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+	require.ErrorIs(t, c.Status(ctx), ErrNotOK)
+}
+
+func TestClient_RegisterValidator(t *testing.T) {
+	ctx := context.Background()
+	expectedBody := `[{"message":{"fee_recipient":"0x0000000000000000000000000000000000000000","gas_limit":"23","timestamp":"42","pubkey":"0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"},"signature":"0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"}]`
+	expectedPath := "/eth/v1/builder/validators"
+	hc := &http.Client{
+		Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+			body, err := io.ReadAll(r.Body)
+			defer func() {
+				require.NoError(t, r.Body.Close())
+			}()
+			require.NoError(t, err)
+			require.Equal(t, expectedBody, string(body))
+			require.Equal(t, expectedPath, r.URL.Path)
+			require.Equal(t, http.MethodPost, r.Method)
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewBuffer(nil)),
+				Request:    r.Clone(ctx),
+			}, nil
+		}),
+	}
+	c := &Client{
+		hc:      hc,
+		baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+	}
+	reg := &eth.SignedValidatorRegistrationV1{
+		Message: &eth.ValidatorRegistrationV1{
+			FeeRecipient: ezDecode(t, params.BeaconConfig().EthBurnAddressHex),
+			GasLimit:     23,
+			Timestamp:    42,
+			Pubkey:       ezDecode(t, "0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"),
+		},
+		Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+	}
+	require.NoError(t, c.RegisterValidator(ctx, []*eth.SignedValidatorRegistrationV1{reg}))
+}
+
+func TestClient_GetHeader(t *testing.T) {
+	ctx := context.Background()
+	expectedPath := "/eth/v1/builder/header/23/0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2/0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"
+	var slot types.Slot = 23
+	parentHash := ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2")
+	pubkey := ezDecode(t, "0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a")
+
+	t.Run("server error", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, expectedPath, r.URL.Path)
+				message := ErrorMessage{
+					Code:    500,
+					Message: "Internal server error",
+				}
+				resp, err := json.Marshal(message)
+				require.NoError(t, err)
+				return &http.Response{
+					StatusCode: http.StatusInternalServerError,
+					Body:       io.NopCloser(bytes.NewBuffer(resp)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+
+		_, err := c.GetHeader(ctx, slot, bytesutil.ToBytes32(parentHash), bytesutil.ToBytes48(pubkey))
+		require.ErrorIs(t, err, ErrNotOK)
+	})
+	t.Run("header not available", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, expectedPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusNoContent,
+					Body:       io.NopCloser(bytes.NewBuffer([]byte("No header is available."))),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		_, err := c.GetHeader(ctx, slot, bytesutil.ToBytes32(parentHash), bytesutil.ToBytes48(pubkey))
+		require.ErrorIs(t, err, ErrNoContent)
+	})
+	t.Run("bellatrix", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, expectedPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusOK,
+					Body:       io.NopCloser(bytes.NewBufferString(testExampleHeaderResponse)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		h, err := c.GetHeader(ctx, slot, bytesutil.ToBytes32(parentHash), bytesutil.ToBytes48(pubkey))
+		require.NoError(t, err)
+		expectedSig := ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505")
+		require.Equal(t, true, bytes.Equal(expectedSig, h.Signature()))
+		expectedTxRoot := ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2")
+		bid, err := h.Message()
+		require.NoError(t, err)
+		bidHeader, err := bid.Header()
+		require.NoError(t, err)
+		withdrawalsRoot, err := bidHeader.TransactionsRoot()
+		require.NoError(t, err)
+		require.Equal(t, true, bytes.Equal(expectedTxRoot, withdrawalsRoot))
+		require.Equal(t, uint64(1), bidHeader.GasUsed())
+		value, err := stringToUint256("652312848583266388373324160190187140051835877600158453279131187530910662656")
+		require.NoError(t, err)
+		require.Equal(t, fmt.Sprintf("%#x", value.SSZBytes()), fmt.Sprintf("%#x", bid.Value()))
+		bidValue := bytesutil.ReverseByteOrder(bid.Value())
+		require.DeepEqual(t, bidValue, value.Bytes())
+		require.DeepEqual(t, big.NewInt(0).SetBytes(bidValue), value.Int)
+	})
+	t.Run("capella", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, expectedPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusOK,
+					Body:       io.NopCloser(bytes.NewBufferString(testExampleHeaderResponseCapella)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		h, err := c.GetHeader(ctx, slot, bytesutil.ToBytes32(parentHash), bytesutil.ToBytes48(pubkey))
+		require.NoError(t, err)
+		expectedWithdrawalsRoot := ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2")
+		bid, err := h.Message()
+		require.NoError(t, err)
+		bidHeader, err := bid.Header()
+		require.NoError(t, err)
+		withdrawalsRoot, err := bidHeader.WithdrawalsRoot()
+		require.NoError(t, err)
+		require.Equal(t, true, bytes.Equal(expectedWithdrawalsRoot, withdrawalsRoot))
+		value, err := stringToUint256("652312848583266388373324160190187140051835877600158453279131187530910662656")
+		require.NoError(t, err)
+		require.Equal(t, fmt.Sprintf("%#x", value.SSZBytes()), fmt.Sprintf("%#x", bid.Value()))
+		bidValue := bytesutil.ReverseByteOrder(bid.Value())
+		require.DeepEqual(t, bidValue, value.Bytes())
+		require.DeepEqual(t, big.NewInt(0).SetBytes(bidValue), value.Int)
+	})
+	t.Run("unsupported version", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, expectedPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusOK,
+					Body:       io.NopCloser(bytes.NewBufferString(testExampleHeaderResponseUnknownVersion)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		_, err := c.GetHeader(ctx, slot, bytesutil.ToBytes32(parentHash), bytesutil.ToBytes48(pubkey))
+		require.ErrorContains(t, "unsupported header version", err)
+	})
+}
+
+func TestSubmitBlindedBlock(t *testing.T) {
+	ctx := context.Background()
+
+	t.Run("bellatrix", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, postBlindedBeaconBlockPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusOK,
+					Body:       io.NopCloser(bytes.NewBufferString(testExampleExecutionPayload)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		sbbb, err := blocks.NewSignedBeaconBlock(testSignedBlindedBeaconBlockBellatrix(t))
+		require.NoError(t, err)
+		ep, err := c.SubmitBlindedBlock(ctx, sbbb)
+		require.NoError(t, err)
+		require.Equal(t, true, bytes.Equal(ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"), ep.ParentHash()))
+		bfpg, err := stringToUint256("452312848583266388373324160190187140051835877600158453279131187530910662656")
+		require.NoError(t, err)
+		require.Equal(t, fmt.Sprintf("%#x", bfpg.SSZBytes()), fmt.Sprintf("%#x", ep.BaseFeePerGas()))
+		require.Equal(t, uint64(1), ep.GasLimit())
+	})
+	t.Run("capella", func(t *testing.T) {
+		hc := &http.Client{
+			Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+				require.Equal(t, postBlindedBeaconBlockPath, r.URL.Path)
+				return &http.Response{
+					StatusCode: http.StatusOK,
+					Body:       io.NopCloser(bytes.NewBufferString(testExampleExecutionPayloadCapella)),
+					Request:    r.Clone(ctx),
+				}, nil
+			}),
+		}
+		c := &Client{
+			hc:      hc,
+			baseURL: &url.URL{Host: "localhost:3500", Scheme: "http"},
+		}
+		sbb, err := blocks.NewSignedBeaconBlock(testSignedBlindedBeaconBlockCapella(t))
+		require.NoError(t, err)
+		ep, err := c.SubmitBlindedBlock(ctx, sbb)
+		require.NoError(t, err)
+		withdrawals, err := ep.Withdrawals()
+		require.NoError(t, err)
+		require.Equal(t, 1, len(withdrawals))
+		assert.Equal(t, uint64(1), withdrawals[0].Index)
+		assert.Equal(t, types.ValidatorIndex(1), withdrawals[0].ValidatorIndex)
+		assert.DeepEqual(t, ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943"), withdrawals[0].Address)
+		assert.Equal(t, uint64(1), withdrawals[0].Amount)
+	})
+	t.Run("not blinded", func(t *testing.T) {
+		sbb, err := blocks.NewSignedBeaconBlock(&eth.SignedBeaconBlockBellatrix{Block: &eth.BeaconBlockBellatrix{Body: &eth.BeaconBlockBodyBellatrix{}}})
+		require.NoError(t, err)
+		_, err = (&Client{}).SubmitBlindedBlock(ctx, sbb)
+		require.ErrorIs(t, err, errNotBlinded)
+	})
+}
+
+func testSignedBlindedBeaconBlockBellatrix(t *testing.T) *eth.SignedBlindedBeaconBlockBellatrix {
+	return &eth.SignedBlindedBeaconBlockBellatrix{
+		Block: &eth.BlindedBeaconBlockBellatrix{
+			Slot:          1,
+			ProposerIndex: 1,
+			ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+			StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+			Body: &eth.BlindedBeaconBlockBodyBellatrix{
+				RandaoReveal: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+				Eth1Data: &eth.Eth1Data{
+					DepositRoot:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					DepositCount: 1,
+					BlockHash:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+				},
+				Graffiti: ezDecode(t, "0xdeadbeefc0ffee"),
+				ProposerSlashings: []*eth.ProposerSlashing{
+					{
+						Header_1: &eth.SignedBeaconBlockHeader{
+							Header: &eth.BeaconBlockHeader{
+								Slot:          1,
+								ProposerIndex: 1,
+								ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								BodyRoot:      ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+						Header_2: &eth.SignedBeaconBlockHeader{
+							Header: &eth.BeaconBlockHeader{
+								Slot:          1,
+								ProposerIndex: 1,
+								ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								BodyRoot:      ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				AttesterSlashings: []*eth.AttesterSlashing{
+					{
+						Attestation_1: &eth.IndexedAttestation{
+							AttestingIndices: []uint64{1},
+							Data: &eth.AttestationData{
+								Slot:            1,
+								CommitteeIndex:  1,
+								BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								Source: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+								Target: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+						Attestation_2: &eth.IndexedAttestation{
+							AttestingIndices: []uint64{1},
+							Data: &eth.AttestationData{
+								Slot:            1,
+								CommitteeIndex:  1,
+								BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								Source: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+								Target: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				Attestations: []*eth.Attestation{
+					{
+						AggregationBits: bitfield.Bitlist{0x01},
+						Data: &eth.AttestationData{
+							Slot:            1,
+							CommitteeIndex:  1,
+							BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							Source: &eth.Checkpoint{
+								Epoch: 1,
+								Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Target: &eth.Checkpoint{
+								Epoch: 1,
+								Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+						},
+						Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+					},
+				},
+				Deposits: []*eth.Deposit{
+					{
+						Proof: [][]byte{ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2")},
+						Data: &eth.Deposit_Data{
+							PublicKey:             ezDecode(t, "0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"),
+							WithdrawalCredentials: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							Amount:                1,
+							Signature:             ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				VoluntaryExits: []*eth.SignedVoluntaryExit{
+					{
+						Exit: &eth.VoluntaryExit{
+							Epoch:          1,
+							ValidatorIndex: 1,
+						},
+						Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+					},
+				},
+				SyncAggregate: &eth.SyncAggregate{
+					SyncCommitteeSignature: make([]byte, 48),
+					SyncCommitteeBits:      bitfield.Bitvector512{0x01},
+				},
+				ExecutionPayloadHeader: &v1.ExecutionPayloadHeader{
+					ParentHash:       ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					FeeRecipient:     ezDecode(t, "0xabcf8e0d4e9587369b2301d0790347320302cc09"),
+					StateRoot:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					ReceiptsRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					LogsBloom:        ezDecode(t, "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"),
+					PrevRandao:       ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					BlockNumber:      1,
+					GasLimit:         1,
+					GasUsed:          1,
+					Timestamp:        1,
+					ExtraData:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					BaseFeePerGas:    []byte(strconv.FormatUint(1, 10)),
+					BlockHash:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					TransactionsRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+				},
+			},
+		},
+		Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+	}
+}
+
+func testSignedBlindedBeaconBlockCapella(t *testing.T) *eth.SignedBlindedBeaconBlockCapella {
+	return &eth.SignedBlindedBeaconBlockCapella{
+		Block: &eth.BlindedBeaconBlockCapella{
+			Slot:          1,
+			ProposerIndex: 1,
+			ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+			StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+			Body: &eth.BlindedBeaconBlockBodyCapella{
+				RandaoReveal: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+				Eth1Data: &eth.Eth1Data{
+					DepositRoot:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					DepositCount: 1,
+					BlockHash:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+				},
+				Graffiti: ezDecode(t, "0xdeadbeefc0ffee"),
+				ProposerSlashings: []*eth.ProposerSlashing{
+					{
+						Header_1: &eth.SignedBeaconBlockHeader{
+							Header: &eth.BeaconBlockHeader{
+								Slot:          1,
+								ProposerIndex: 1,
+								ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								BodyRoot:      ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+						Header_2: &eth.SignedBeaconBlockHeader{
+							Header: &eth.BeaconBlockHeader{
+								Slot:          1,
+								ProposerIndex: 1,
+								ParentRoot:    ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								StateRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								BodyRoot:      ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				AttesterSlashings: []*eth.AttesterSlashing{
+					{
+						Attestation_1: &eth.IndexedAttestation{
+							AttestingIndices: []uint64{1},
+							Data: &eth.AttestationData{
+								Slot:            1,
+								CommitteeIndex:  1,
+								BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								Source: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+								Target: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+						Attestation_2: &eth.IndexedAttestation{
+							AttestingIndices: []uint64{1},
+							Data: &eth.AttestationData{
+								Slot:            1,
+								CommitteeIndex:  1,
+								BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								Source: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+								Target: &eth.Checkpoint{
+									Epoch: 1,
+									Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+								},
+							},
+							Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				Attestations: []*eth.Attestation{
+					{
+						AggregationBits: bitfield.Bitlist{0x01},
+						Data: &eth.AttestationData{
+							Slot:            1,
+							CommitteeIndex:  1,
+							BeaconBlockRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							Source: &eth.Checkpoint{
+								Epoch: 1,
+								Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+							Target: &eth.Checkpoint{
+								Epoch: 1,
+								Root:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							},
+						},
+						Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+					},
+				},
+				Deposits: []*eth.Deposit{
+					{
+						Proof: [][]byte{ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2")},
+						Data: &eth.Deposit_Data{
+							PublicKey:             ezDecode(t, "0x93247f2209abcacf57b75a51dafae777f9dd38bc7053d1af526f220a7489a6d3a2753e5f3e8b1cfe39b56f43611df74a"),
+							WithdrawalCredentials: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+							Amount:                1,
+							Signature:             ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+						},
+					},
+				},
+				VoluntaryExits: []*eth.SignedVoluntaryExit{
+					{
+						Exit: &eth.VoluntaryExit{
+							Epoch:          1,
+							ValidatorIndex: 1,
+						},
+						Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+					},
+				},
+				SyncAggregate: &eth.SyncAggregate{
+					SyncCommitteeSignature: make([]byte, 48),
+					SyncCommitteeBits:      bitfield.Bitvector512{0x01},
+				},
+				ExecutionPayloadHeader: &v1.ExecutionPayloadHeaderCapella{
+					ParentHash:       ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					FeeRecipient:     ezDecode(t, "0xabcf8e0d4e9587369b2301d0790347320302cc09"),
+					StateRoot:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					ReceiptsRoot:     ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					LogsBloom:        ezDecode(t, "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"),
+					PrevRandao:       ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					BlockNumber:      1,
+					GasLimit:         1,
+					GasUsed:          1,
+					Timestamp:        1,
+					ExtraData:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					BaseFeePerGas:    []byte(strconv.FormatUint(1, 10)),
+					BlockHash:        ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					TransactionsRoot: ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+					WithdrawalsRoot:  ezDecode(t, "0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"),
+				},
+			},
+		},
+		Signature: ezDecode(t, "0x1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505cc411d61252fb6cb3fa0017b679f8bb2305b26a285fa2737f175668d0dff91cc1b66ac1fb663c9bc59509846d6ec05345bd908eda73e670af888da41af171505"),
+	}
+}
+
+func TestRequestLogger(t *testing.T) {
+	wo := WithObserver(&requestLogger{})
+	c, err := NewClient("localhost:3500", wo)
+	require.NoError(t, err)
+
+	ctx := context.Background()
+	hc := &http.Client{
+		Transport: roundtrip(func(r *http.Request) (*http.Response, error) {
+			require.Equal(t, getStatus, r.URL.Path)
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Body:       io.NopCloser(bytes.NewBufferString(testExampleExecutionPayload)),
+				Request:    r.Clone(ctx),
+			}, nil
+		}),
+	}
+	c.hc = hc
+	err = c.Status(ctx)
+	require.NoError(t, err)
+}
--- a/api/client/builder/errors.go
+++ b/api/client/builder/errors.go
@@ -0,0 +1,17 @@
+package builder
+
+import "github.com/pkg/errors"
+
+// ErrNotOK is used to indicate when an HTTP request to the Beacon Node API failed with any non-2xx response code.
+// More specific errors may be returned, but an error in reaction to a non-2xx response will always wrap ErrNotOK.
+var ErrNotOK = errors.New("did not receive 200 response from API")
+
+// ErrNotFound specifically means that a '404 - NOT FOUND' response was received from the API.
+var ErrNotFound = errors.Wrap(ErrNotOK, "recv 404 NotFound response from API")
+
+// ErrBadRequest specifically means that a '400 - BAD REQUEST' response was received from the API.
+var ErrBadRequest = errors.Wrap(ErrNotOK, "recv 400 BadRequest response from API")
+
+// ErrNoContent specifically means that a '204 - No Content' response was received from the API.
+// Typically, a 204 is a success but in this case for the Header API means No header is available
+var ErrNoContent = errors.New("recv 204 no content response from API, No header is available")
--- a/api/client/builder/testdata/blinded-block-capella.json
+++ b/api/client/builder/testdata/blinded-block-capella.json
--- a/api/client/builder/testdata/blinded-block.json
+++ b/api/client/builder/testdata/blinded-block.json
--- a/api/client/builder/testdata/execution-payload-capella.json
+++ b/api/client/builder/testdata/execution-payload-capella.json
@@ -0,0 +1 @@
+{"parent_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","fee_recipient":"0xabcf8e0d4e9587369b2301d0790347320302cc09","state_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","receipts_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","logs_bloom":"0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","prev_randao":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","block_number":"1","gas_limit":"1","gas_used":"1","timestamp":"1","extra_data":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","base_fee_per_gas":"14074904626401341155369551180448584754667373453244490859944217516317499064576","block_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","transactions_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","withdrawals_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"}
--- a/api/client/builder/testdata/execution-payload.json
+++ b/api/client/builder/testdata/execution-payload.json
@@ -0,0 +1 @@
+{"parent_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","fee_recipient":"0xabcf8e0d4e9587369b2301d0790347320302cc09","state_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","receipts_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","logs_bloom":"0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","prev_randao":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","block_number":"1","gas_limit":"1","gas_used":"1","timestamp":"1","extra_data":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","base_fee_per_gas":"14074904626401341155369551180448584754667373453244490859944217516317499064576","block_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","transactions_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"}
--- a/api/client/builder/testing/BUILD.bazel
+++ b/api/client/builder/testing/BUILD.bazel
@@ -0,0 +1,15 @@
+load("@prysm//tools/go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["mock.go"],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/client/builder/testing",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//api/client/builder:go_default_library",
+        "//consensus-types/interfaces:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+    ],
+)
--- a/api/client/builder/testing/mock.go
+++ b/api/client/builder/testing/mock.go
@@ -0,0 +1,50 @@
+package testing
+
+import (
+	"context"
+
+	"github.com/prysmaticlabs/prysm/v3/api/client/builder"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+)
+
+// MockClient is a mock implementation of BuilderClient.
+type MockClient struct {
+	RegisteredVals map[[48]byte]bool
+}
+
+// NewClient creates a new, correctly initialized mock.
+func NewClient() MockClient {
+	return MockClient{RegisteredVals: map[[48]byte]bool{}}
+}
+
+// NodeURL --
+func (MockClient) NodeURL() string {
+	return ""
+}
+
+// GetHeader --
+func (MockClient) GetHeader(_ context.Context, _ primitives.Slot, _ [32]byte, _ [48]byte) (builder.SignedBid, error) {
+	return nil, nil
+}
+
+// RegisterValidator --
+func (m MockClient) RegisterValidator(_ context.Context, svr []*ethpb.SignedValidatorRegistrationV1) error {
+	for _, r := range svr {
+		b := bytesutil.ToBytes48(r.Message.Pubkey)
+		m.RegisteredVals[b] = true
+	}
+	return nil
+}
+
+// SubmitBlindedBlock --
+func (MockClient) SubmitBlindedBlock(_ context.Context, _ interfaces.ReadOnlySignedBeaconBlock) (interfaces.ExecutionData, error) {
+	return nil, nil
+}
+
+// Status --
+func (MockClient) Status(_ context.Context) error {
+	return nil
+}
--- a/api/client/builder/types.go
+++ b/api/client/builder/types.go
@@ -0,0 +1,963 @@
+package builder
+
+import (
+	"encoding/json"
+	"fmt"
+	"math/big"
+	"strconv"
+
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/pkg/errors"
+	types "github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	v1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
+	eth "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+)
+
+type SignedValidatorRegistration struct {
+	*eth.SignedValidatorRegistrationV1
+}
+
+type ValidatorRegistration struct {
+	*eth.ValidatorRegistrationV1
+}
+
+func (r *SignedValidatorRegistration) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Message   *ValidatorRegistration `json:"message"`
+		Signature hexutil.Bytes          `json:"signature"`
+	}{
+		Message:   &ValidatorRegistration{r.Message},
+		Signature: r.SignedValidatorRegistrationV1.Signature,
+	})
+}
+
+func (r *SignedValidatorRegistration) UnmarshalJSON(b []byte) error {
+	if r.SignedValidatorRegistrationV1 == nil {
+		r.SignedValidatorRegistrationV1 = &eth.SignedValidatorRegistrationV1{}
+	}
+	o := struct {
+		Message   *ValidatorRegistration `json:"message"`
+		Signature hexutil.Bytes          `json:"signature"`
+	}{}
+	if err := json.Unmarshal(b, &o); err != nil {
+		return err
+	}
+	r.Message = o.Message.ValidatorRegistrationV1
+	r.Signature = o.Signature
+	return nil
+}
+
+func (r *ValidatorRegistration) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		FeeRecipient hexutil.Bytes `json:"fee_recipient"`
+		GasLimit     string        `json:"gas_limit"`
+		Timestamp    string        `json:"timestamp"`
+		Pubkey       hexutil.Bytes `json:"pubkey"`
+	}{
+		FeeRecipient: r.FeeRecipient,
+		GasLimit:     fmt.Sprintf("%d", r.GasLimit),
+		Timestamp:    fmt.Sprintf("%d", r.Timestamp),
+		Pubkey:       r.Pubkey,
+	})
+}
+
+func (r *ValidatorRegistration) UnmarshalJSON(b []byte) error {
+	if r.ValidatorRegistrationV1 == nil {
+		r.ValidatorRegistrationV1 = &eth.ValidatorRegistrationV1{}
+	}
+	o := struct {
+		FeeRecipient hexutil.Bytes `json:"fee_recipient"`
+		GasLimit     string        `json:"gas_limit"`
+		Timestamp    string        `json:"timestamp"`
+		Pubkey       hexutil.Bytes `json:"pubkey"`
+	}{}
+	if err := json.Unmarshal(b, &o); err != nil {
+		return err
+	}
+
+	r.FeeRecipient = o.FeeRecipient
+	r.Pubkey = o.Pubkey
+	var err error
+	if r.GasLimit, err = strconv.ParseUint(o.GasLimit, 10, 64); err != nil {
+		return errors.Wrap(err, "failed to parse gas limit")
+	}
+	if r.Timestamp, err = strconv.ParseUint(o.Timestamp, 10, 64); err != nil {
+		return errors.Wrap(err, "failed to parse timestamp")
+	}
+
+	return nil
+}
+
+var errInvalidUint256 = errors.New("invalid Uint256")
+var errDecodeUint256 = errors.New("unable to decode into Uint256")
+
+type Uint256 struct {
+	*big.Int
+}
+
+func isValidUint256(bi *big.Int) bool {
+	return bi.Cmp(big.NewInt(0)) >= 0 && bi.BitLen() <= 256
+}
+
+func stringToUint256(s string) (Uint256, error) {
+	bi := new(big.Int)
+	_, ok := bi.SetString(s, 10)
+	if !ok || !isValidUint256(bi) {
+		return Uint256{}, errors.Wrapf(errDecodeUint256, "value=%s", s)
+	}
+	return Uint256{Int: bi}, nil
+}
+
+// sszBytesToUint256 creates a Uint256 from a ssz-style (little-endian byte slice) representation.
+func sszBytesToUint256(b []byte) (Uint256, error) {
+	bi := bytesutil.LittleEndianBytesToBigInt(b)
+	if !isValidUint256(bi) {
+		return Uint256{}, errors.Wrapf(errDecodeUint256, "value=%s", b)
+	}
+	return Uint256{Int: bi}, nil
+}
+
+// SSZBytes creates an ssz-style (little-endian byte slice) representation of the Uint256
+func (s Uint256) SSZBytes() []byte {
+	if !isValidUint256(s.Int) {
+		return []byte{}
+	}
+	return bytesutil.PadTo(bytesutil.ReverseByteOrder(s.Int.Bytes()), 32)
+}
+
+func (s *Uint256) UnmarshalJSON(t []byte) error {
+	start := 0
+	end := len(t)
+	if t[0] == '"' {
+		start += 1
+	}
+	if t[end-1] == '"' {
+		end -= 1
+	}
+	return s.UnmarshalText(t[start:end])
+}
+
+func (s *Uint256) UnmarshalText(t []byte) error {
+	if s.Int == nil {
+		s.Int = big.NewInt(0)
+	}
+	z, ok := s.SetString(string(t), 10)
+	if !ok {
+		return errors.Wrapf(errDecodeUint256, "value=%s", t)
+	}
+	if !isValidUint256(z) {
+		return errors.Wrapf(errDecodeUint256, "value=%s", t)
+	}
+	s.Int = z
+	return nil
+}
+
+func (s Uint256) MarshalJSON() ([]byte, error) {
+	t, err := s.MarshalText()
+	if err != nil {
+		return nil, err
+	}
+	t = append([]byte{'"'}, t...)
+	t = append(t, '"')
+	return t, nil
+}
+
+func (s Uint256) MarshalText() ([]byte, error) {
+	if !isValidUint256(s.Int) {
+		return nil, errors.Wrapf(errInvalidUint256, "value=%s", s.Int)
+	}
+	return []byte(s.String()), nil
+}
+
+type Uint64String uint64
+
+func (s *Uint64String) UnmarshalText(t []byte) error {
+	u, err := strconv.ParseUint(string(t), 10, 64)
+	*s = Uint64String(u)
+	return err
+}
+
+func (s Uint64String) MarshalText() ([]byte, error) {
+	return []byte(fmt.Sprintf("%d", s)), nil
+}
+
+type VersionResponse struct {
+	Version string `json:"version"`
+}
+
+type ExecHeaderResponse struct {
+	Version string `json:"version"`
+	Data    struct {
+		Signature hexutil.Bytes `json:"signature"`
+		Message   *BuilderBid   `json:"message"`
+	} `json:"data"`
+}
+
+func (ehr *ExecHeaderResponse) ToProto() (*eth.SignedBuilderBid, error) {
+	bb, err := ehr.Data.Message.ToProto()
+	if err != nil {
+		return nil, err
+	}
+	return &eth.SignedBuilderBid{
+		Message:   bb,
+		Signature: ehr.Data.Signature,
+	}, nil
+}
+
+func (bb *BuilderBid) ToProto() (*eth.BuilderBid, error) {
+	header, err := bb.Header.ToProto()
+	if err != nil {
+		return nil, err
+	}
+	return &eth.BuilderBid{
+		Header: header,
+		Value:  bb.Value.SSZBytes(),
+		Pubkey: bb.Pubkey,
+	}, nil
+}
+
+func (h *ExecutionPayloadHeader) ToProto() (*v1.ExecutionPayloadHeader, error) {
+	return &v1.ExecutionPayloadHeader{
+		ParentHash:       h.ParentHash,
+		FeeRecipient:     h.FeeRecipient,
+		StateRoot:        h.StateRoot,
+		ReceiptsRoot:     h.ReceiptsRoot,
+		LogsBloom:        h.LogsBloom,
+		PrevRandao:       h.PrevRandao,
+		BlockNumber:      uint64(h.BlockNumber),
+		GasLimit:         uint64(h.GasLimit),
+		GasUsed:          uint64(h.GasUsed),
+		Timestamp:        uint64(h.Timestamp),
+		ExtraData:        h.ExtraData,
+		BaseFeePerGas:    h.BaseFeePerGas.SSZBytes(),
+		BlockHash:        h.BlockHash,
+		TransactionsRoot: h.TransactionsRoot,
+	}, nil
+}
+
+type BuilderBid struct {
+	Header *ExecutionPayloadHeader `json:"header"`
+	Value  Uint256                 `json:"value"`
+	Pubkey hexutil.Bytes           `json:"pubkey"`
+}
+
+type ExecutionPayloadHeader struct {
+	ParentHash       hexutil.Bytes `json:"parent_hash"`
+	FeeRecipient     hexutil.Bytes `json:"fee_recipient"`
+	StateRoot        hexutil.Bytes `json:"state_root"`
+	ReceiptsRoot     hexutil.Bytes `json:"receipts_root"`
+	LogsBloom        hexutil.Bytes `json:"logs_bloom"`
+	PrevRandao       hexutil.Bytes `json:"prev_randao"`
+	BlockNumber      Uint64String  `json:"block_number"`
+	GasLimit         Uint64String  `json:"gas_limit"`
+	GasUsed          Uint64String  `json:"gas_used"`
+	Timestamp        Uint64String  `json:"timestamp"`
+	ExtraData        hexutil.Bytes `json:"extra_data"`
+	BaseFeePerGas    Uint256       `json:"base_fee_per_gas"`
+	BlockHash        hexutil.Bytes `json:"block_hash"`
+	TransactionsRoot hexutil.Bytes `json:"transactions_root"`
+	*v1.ExecutionPayloadHeader
+}
+
+func (h *ExecutionPayloadHeader) MarshalJSON() ([]byte, error) {
+	type MarshalCaller ExecutionPayloadHeader
+	baseFeePerGas, err := sszBytesToUint256(h.ExecutionPayloadHeader.BaseFeePerGas)
+	if err != nil {
+		return []byte{}, errors.Wrapf(err, "invalid BaseFeePerGas")
+	}
+	return json.Marshal(&MarshalCaller{
+		ParentHash:       h.ExecutionPayloadHeader.ParentHash,
+		FeeRecipient:     h.ExecutionPayloadHeader.FeeRecipient,
+		StateRoot:        h.ExecutionPayloadHeader.StateRoot,
+		ReceiptsRoot:     h.ExecutionPayloadHeader.ReceiptsRoot,
+		LogsBloom:        h.ExecutionPayloadHeader.LogsBloom,
+		PrevRandao:       h.ExecutionPayloadHeader.PrevRandao,
+		BlockNumber:      Uint64String(h.ExecutionPayloadHeader.BlockNumber),
+		GasLimit:         Uint64String(h.ExecutionPayloadHeader.GasLimit),
+		GasUsed:          Uint64String(h.ExecutionPayloadHeader.GasUsed),
+		Timestamp:        Uint64String(h.ExecutionPayloadHeader.Timestamp),
+		ExtraData:        h.ExecutionPayloadHeader.ExtraData,
+		BaseFeePerGas:    baseFeePerGas,
+		BlockHash:        h.ExecutionPayloadHeader.BlockHash,
+		TransactionsRoot: h.ExecutionPayloadHeader.TransactionsRoot,
+	})
+}
+
+func (h *ExecutionPayloadHeader) UnmarshalJSON(b []byte) error {
+	type UnmarshalCaller ExecutionPayloadHeader
+	uc := &UnmarshalCaller{}
+	if err := json.Unmarshal(b, uc); err != nil {
+		return err
+	}
+	ep := ExecutionPayloadHeader(*uc)
+	*h = ep
+	var err error
+	h.ExecutionPayloadHeader, err = h.ToProto()
+	return err
+}
+
+type ExecPayloadResponse struct {
+	Version string           `json:"version"`
+	Data    ExecutionPayload `json:"data"`
+}
+
+type ExecutionPayload struct {
+	ParentHash    hexutil.Bytes   `json:"parent_hash"`
+	FeeRecipient  hexutil.Bytes   `json:"fee_recipient"`
+	StateRoot     hexutil.Bytes   `json:"state_root"`
+	ReceiptsRoot  hexutil.Bytes   `json:"receipts_root"`
+	LogsBloom     hexutil.Bytes   `json:"logs_bloom"`
+	PrevRandao    hexutil.Bytes   `json:"prev_randao"`
+	BlockNumber   Uint64String    `json:"block_number"`
+	GasLimit      Uint64String    `json:"gas_limit"`
+	GasUsed       Uint64String    `json:"gas_used"`
+	Timestamp     Uint64String    `json:"timestamp"`
+	ExtraData     hexutil.Bytes   `json:"extra_data"`
+	BaseFeePerGas Uint256         `json:"base_fee_per_gas"`
+	BlockHash     hexutil.Bytes   `json:"block_hash"`
+	Transactions  []hexutil.Bytes `json:"transactions"`
+}
+
+func (r *ExecPayloadResponse) ToProto() (*v1.ExecutionPayload, error) {
+	return r.Data.ToProto()
+}
+
+func (p *ExecutionPayload) ToProto() (*v1.ExecutionPayload, error) {
+	txs := make([][]byte, len(p.Transactions))
+	for i := range p.Transactions {
+		txs[i] = p.Transactions[i]
+	}
+	return &v1.ExecutionPayload{
+		ParentHash:    p.ParentHash,
+		FeeRecipient:  p.FeeRecipient,
+		StateRoot:     p.StateRoot,
+		ReceiptsRoot:  p.ReceiptsRoot,
+		LogsBloom:     p.LogsBloom,
+		PrevRandao:    p.PrevRandao,
+		BlockNumber:   uint64(p.BlockNumber),
+		GasLimit:      uint64(p.GasLimit),
+		GasUsed:       uint64(p.GasUsed),
+		Timestamp:     uint64(p.Timestamp),
+		ExtraData:     p.ExtraData,
+		BaseFeePerGas: p.BaseFeePerGas.SSZBytes(),
+		BlockHash:     p.BlockHash,
+		Transactions:  txs,
+	}, nil
+}
+
+type ExecHeaderResponseCapella struct {
+	Data struct {
+		Signature hexutil.Bytes      `json:"signature"`
+		Message   *BuilderBidCapella `json:"message"`
+	} `json:"data"`
+}
+
+func (ehr *ExecHeaderResponseCapella) ToProto() (*eth.SignedBuilderBidCapella, error) {
+	bb, err := ehr.Data.Message.ToProto()
+	if err != nil {
+		return nil, err
+	}
+	return &eth.SignedBuilderBidCapella{
+		Message:   bb,
+		Signature: ehr.Data.Signature,
+	}, nil
+}
+
+func (bb *BuilderBidCapella) ToProto() (*eth.BuilderBidCapella, error) {
+	header, err := bb.Header.ToProto()
+	if err != nil {
+		return nil, err
+	}
+	return &eth.BuilderBidCapella{
+		Header: header,
+		Value:  bb.Value.SSZBytes(),
+		Pubkey: bb.Pubkey,
+	}, nil
+}
+
+func (h *ExecutionPayloadHeaderCapella) ToProto() (*v1.ExecutionPayloadHeaderCapella, error) {
+	return &v1.ExecutionPayloadHeaderCapella{
+		ParentHash:       h.ParentHash,
+		FeeRecipient:     h.FeeRecipient,
+		StateRoot:        h.StateRoot,
+		ReceiptsRoot:     h.ReceiptsRoot,
+		LogsBloom:        h.LogsBloom,
+		PrevRandao:       h.PrevRandao,
+		BlockNumber:      uint64(h.BlockNumber),
+		GasLimit:         uint64(h.GasLimit),
+		GasUsed:          uint64(h.GasUsed),
+		Timestamp:        uint64(h.Timestamp),
+		ExtraData:        h.ExtraData,
+		BaseFeePerGas:    h.BaseFeePerGas.SSZBytes(),
+		BlockHash:        h.BlockHash,
+		TransactionsRoot: h.TransactionsRoot,
+		WithdrawalsRoot:  h.WithdrawalsRoot,
+	}, nil
+}
+
+type BuilderBidCapella struct {
+	Header *ExecutionPayloadHeaderCapella `json:"header"`
+	Value  Uint256                        `json:"value"`
+	Pubkey hexutil.Bytes                  `json:"pubkey"`
+}
+
+type ExecutionPayloadHeaderCapella struct {
+	ParentHash       hexutil.Bytes `json:"parent_hash"`
+	FeeRecipient     hexutil.Bytes `json:"fee_recipient"`
+	StateRoot        hexutil.Bytes `json:"state_root"`
+	ReceiptsRoot     hexutil.Bytes `json:"receipts_root"`
+	LogsBloom        hexutil.Bytes `json:"logs_bloom"`
+	PrevRandao       hexutil.Bytes `json:"prev_randao"`
+	BlockNumber      Uint64String  `json:"block_number"`
+	GasLimit         Uint64String  `json:"gas_limit"`
+	GasUsed          Uint64String  `json:"gas_used"`
+	Timestamp        Uint64String  `json:"timestamp"`
+	ExtraData        hexutil.Bytes `json:"extra_data"`
+	BaseFeePerGas    Uint256       `json:"base_fee_per_gas"`
+	BlockHash        hexutil.Bytes `json:"block_hash"`
+	TransactionsRoot hexutil.Bytes `json:"transactions_root"`
+	WithdrawalsRoot  hexutil.Bytes `json:"withdrawals_root"`
+	*v1.ExecutionPayloadHeaderCapella
+}
+
+func (h *ExecutionPayloadHeaderCapella) MarshalJSON() ([]byte, error) {
+	type MarshalCaller ExecutionPayloadHeaderCapella
+	baseFeePerGas, err := sszBytesToUint256(h.ExecutionPayloadHeaderCapella.BaseFeePerGas)
+	if err != nil {
+		return []byte{}, errors.Wrapf(err, "invalid BaseFeePerGas")
+	}
+	return json.Marshal(&MarshalCaller{
+		ParentHash:       h.ExecutionPayloadHeaderCapella.ParentHash,
+		FeeRecipient:     h.ExecutionPayloadHeaderCapella.FeeRecipient,
+		StateRoot:        h.ExecutionPayloadHeaderCapella.StateRoot,
+		ReceiptsRoot:     h.ExecutionPayloadHeaderCapella.ReceiptsRoot,
+		LogsBloom:        h.ExecutionPayloadHeaderCapella.LogsBloom,
+		PrevRandao:       h.ExecutionPayloadHeaderCapella.PrevRandao,
+		BlockNumber:      Uint64String(h.ExecutionPayloadHeaderCapella.BlockNumber),
+		GasLimit:         Uint64String(h.ExecutionPayloadHeaderCapella.GasLimit),
+		GasUsed:          Uint64String(h.ExecutionPayloadHeaderCapella.GasUsed),
+		Timestamp:        Uint64String(h.ExecutionPayloadHeaderCapella.Timestamp),
+		ExtraData:        h.ExecutionPayloadHeaderCapella.ExtraData,
+		BaseFeePerGas:    baseFeePerGas,
+		BlockHash:        h.ExecutionPayloadHeaderCapella.BlockHash,
+		TransactionsRoot: h.ExecutionPayloadHeaderCapella.TransactionsRoot,
+		WithdrawalsRoot:  h.ExecutionPayloadHeaderCapella.WithdrawalsRoot,
+	})
+}
+
+func (h *ExecutionPayloadHeaderCapella) UnmarshalJSON(b []byte) error {
+	type UnmarshalCaller ExecutionPayloadHeaderCapella
+	uc := &UnmarshalCaller{}
+	if err := json.Unmarshal(b, uc); err != nil {
+		return err
+	}
+	ep := ExecutionPayloadHeaderCapella(*uc)
+	*h = ep
+	var err error
+	h.ExecutionPayloadHeaderCapella, err = h.ToProto()
+	return err
+}
+
+type ExecPayloadResponseCapella struct {
+	Version string                  `json:"version"`
+	Data    ExecutionPayloadCapella `json:"data"`
+}
+
+type ExecutionPayloadCapella struct {
+	ParentHash    hexutil.Bytes   `json:"parent_hash"`
+	FeeRecipient  hexutil.Bytes   `json:"fee_recipient"`
+	StateRoot     hexutil.Bytes   `json:"state_root"`
+	ReceiptsRoot  hexutil.Bytes   `json:"receipts_root"`
+	LogsBloom     hexutil.Bytes   `json:"logs_bloom"`
+	PrevRandao    hexutil.Bytes   `json:"prev_randao"`
+	BlockNumber   Uint64String    `json:"block_number"`
+	GasLimit      Uint64String    `json:"gas_limit"`
+	GasUsed       Uint64String    `json:"gas_used"`
+	Timestamp     Uint64String    `json:"timestamp"`
+	ExtraData     hexutil.Bytes   `json:"extra_data"`
+	BaseFeePerGas Uint256         `json:"base_fee_per_gas"`
+	BlockHash     hexutil.Bytes   `json:"block_hash"`
+	Transactions  []hexutil.Bytes `json:"transactions"`
+	Withdrawals   []Withdrawal    `json:"withdrawals"`
+}
+
+func (r *ExecPayloadResponseCapella) ToProto() (*v1.ExecutionPayloadCapella, error) {
+	return r.Data.ToProto()
+}
+
+func (p *ExecutionPayloadCapella) ToProto() (*v1.ExecutionPayloadCapella, error) {
+	txs := make([][]byte, len(p.Transactions))
+	for i := range p.Transactions {
+		txs[i] = p.Transactions[i]
+	}
+	withdrawals := make([]*v1.Withdrawal, len(p.Withdrawals))
+	for i, w := range p.Withdrawals {
+		withdrawals[i] = &v1.Withdrawal{
+			Index:          w.Index.Uint64(),
+			ValidatorIndex: types.ValidatorIndex(w.ValidatorIndex.Uint64()),
+			Address:        w.Address,
+			Amount:         w.Amount.Uint64(),
+		}
+	}
+	return &v1.ExecutionPayloadCapella{
+		ParentHash:    p.ParentHash,
+		FeeRecipient:  p.FeeRecipient,
+		StateRoot:     p.StateRoot,
+		ReceiptsRoot:  p.ReceiptsRoot,
+		LogsBloom:     p.LogsBloom,
+		PrevRandao:    p.PrevRandao,
+		BlockNumber:   uint64(p.BlockNumber),
+		GasLimit:      uint64(p.GasLimit),
+		GasUsed:       uint64(p.GasUsed),
+		Timestamp:     uint64(p.Timestamp),
+		ExtraData:     p.ExtraData,
+		BaseFeePerGas: p.BaseFeePerGas.SSZBytes(),
+		BlockHash:     p.BlockHash,
+		Transactions:  txs,
+		Withdrawals:   withdrawals,
+	}, nil
+}
+
+type Withdrawal struct {
+	Index          Uint256       `json:"index"`
+	ValidatorIndex Uint256       `json:"validator_index"`
+	Address        hexutil.Bytes `json:"address"`
+	Amount         Uint256       `json:"amount"`
+}
+
+type SignedBlindedBeaconBlockBellatrix struct {
+	*eth.SignedBlindedBeaconBlockBellatrix
+}
+
+type BlindedBeaconBlockBellatrix struct {
+	*eth.BlindedBeaconBlockBellatrix
+}
+
+type BlindedBeaconBlockBodyBellatrix struct {
+	*eth.BlindedBeaconBlockBodyBellatrix
+}
+
+func (r *SignedBlindedBeaconBlockBellatrix) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Message   *BlindedBeaconBlockBellatrix `json:"message"`
+		Signature hexutil.Bytes                `json:"signature"`
+	}{
+		Message:   &BlindedBeaconBlockBellatrix{r.SignedBlindedBeaconBlockBellatrix.Block},
+		Signature: r.SignedBlindedBeaconBlockBellatrix.Signature,
+	})
+}
+
+func (b *BlindedBeaconBlockBellatrix) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Slot          string                           `json:"slot"`
+		ProposerIndex string                           `json:"proposer_index"`
+		ParentRoot    hexutil.Bytes                    `json:"parent_root"`
+		StateRoot     hexutil.Bytes                    `json:"state_root"`
+		Body          *BlindedBeaconBlockBodyBellatrix `json:"body"`
+	}{
+		Slot:          fmt.Sprintf("%d", b.Slot),
+		ProposerIndex: fmt.Sprintf("%d", b.ProposerIndex),
+		ParentRoot:    b.ParentRoot,
+		StateRoot:     b.StateRoot,
+		Body:          &BlindedBeaconBlockBodyBellatrix{b.BlindedBeaconBlockBellatrix.Body},
+	})
+}
+
+type ProposerSlashing struct {
+	*eth.ProposerSlashing
+}
+
+func (s *ProposerSlashing) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		SignedHeader1 *SignedBeaconBlockHeader `json:"signed_header_1"`
+		SignedHeader2 *SignedBeaconBlockHeader `json:"signed_header_2"`
+	}{
+		SignedHeader1: &SignedBeaconBlockHeader{s.ProposerSlashing.Header_1},
+		SignedHeader2: &SignedBeaconBlockHeader{s.ProposerSlashing.Header_2},
+	})
+}
+
+type SignedBeaconBlockHeader struct {
+	*eth.SignedBeaconBlockHeader
+}
+
+func (h *SignedBeaconBlockHeader) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Header    *BeaconBlockHeader `json:"message"`
+		Signature hexutil.Bytes      `json:"signature"`
+	}{
+		Header:    &BeaconBlockHeader{h.SignedBeaconBlockHeader.Header},
+		Signature: h.SignedBeaconBlockHeader.Signature,
+	})
+}
+
+type BeaconBlockHeader struct {
+	*eth.BeaconBlockHeader
+}
+
+func (h *BeaconBlockHeader) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Slot          string        `json:"slot"`
+		ProposerIndex string        `json:"proposer_index"`
+		ParentRoot    hexutil.Bytes `json:"parent_root"`
+		StateRoot     hexutil.Bytes `json:"state_root"`
+		BodyRoot      hexutil.Bytes `json:"body_root"`
+	}{
+		Slot:          fmt.Sprintf("%d", h.BeaconBlockHeader.Slot),
+		ProposerIndex: fmt.Sprintf("%d", h.BeaconBlockHeader.ProposerIndex),
+		ParentRoot:    h.BeaconBlockHeader.ParentRoot,
+		StateRoot:     h.BeaconBlockHeader.StateRoot,
+		BodyRoot:      h.BeaconBlockHeader.BodyRoot,
+	})
+}
+
+type IndexedAttestation struct {
+	*eth.IndexedAttestation
+}
+
+func (a *IndexedAttestation) MarshalJSON() ([]byte, error) {
+	indices := make([]string, len(a.IndexedAttestation.AttestingIndices))
+	for i := range a.IndexedAttestation.AttestingIndices {
+		indices[i] = fmt.Sprintf("%d", a.AttestingIndices[i])
+	}
+	return json.Marshal(struct {
+		AttestingIndices []string         `json:"attesting_indices"`
+		Data             *AttestationData `json:"data"`
+		Signature        hexutil.Bytes    `json:"signature"`
+	}{
+		AttestingIndices: indices,
+		Data:             &AttestationData{a.IndexedAttestation.Data},
+		Signature:        a.IndexedAttestation.Signature,
+	})
+}
+
+type AttesterSlashing struct {
+	*eth.AttesterSlashing
+}
+
+func (s *AttesterSlashing) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Attestation1 *IndexedAttestation `json:"attestation_1"`
+		Attestation2 *IndexedAttestation `json:"attestation_2"`
+	}{
+		Attestation1: &IndexedAttestation{s.Attestation_1},
+		Attestation2: &IndexedAttestation{s.Attestation_2},
+	})
+}
+
+type Checkpoint struct {
+	*eth.Checkpoint
+}
+
+func (c *Checkpoint) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Epoch string        `json:"epoch"`
+		Root  hexutil.Bytes `json:"root"`
+	}{
+		Epoch: fmt.Sprintf("%d", c.Checkpoint.Epoch),
+		Root:  c.Checkpoint.Root,
+	})
+}
+
+type AttestationData struct {
+	*eth.AttestationData
+}
+
+func (a *AttestationData) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Slot            string        `json:"slot"`
+		Index           string        `json:"index"`
+		BeaconBlockRoot hexutil.Bytes `json:"beacon_block_root"`
+		Source          *Checkpoint   `json:"source"`
+		Target          *Checkpoint   `json:"target"`
+	}{
+		Slot:            fmt.Sprintf("%d", a.AttestationData.Slot),
+		Index:           fmt.Sprintf("%d", a.AttestationData.CommitteeIndex),
+		BeaconBlockRoot: a.AttestationData.BeaconBlockRoot,
+		Source:          &Checkpoint{a.AttestationData.Source},
+		Target:          &Checkpoint{a.AttestationData.Target},
+	})
+}
+
+type Attestation struct {
+	*eth.Attestation
+}
+
+func (a *Attestation) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		AggregationBits hexutil.Bytes    `json:"aggregation_bits"`
+		Data            *AttestationData `json:"data"`
+		Signature       hexutil.Bytes    `json:"signature" ssz-size:"96"`
+	}{
+		AggregationBits: hexutil.Bytes(a.Attestation.AggregationBits),
+		Data:            &AttestationData{a.Attestation.Data},
+		Signature:       a.Attestation.Signature,
+	})
+}
+
+type DepositData struct {
+	*eth.Deposit_Data
+}
+
+func (d *DepositData) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		PublicKey             hexutil.Bytes `json:"pubkey"`
+		WithdrawalCredentials hexutil.Bytes `json:"withdrawal_credentials"`
+		Amount                string        `json:"amount"`
+		Signature             hexutil.Bytes `json:"signature"`
+	}{
+		PublicKey:             d.PublicKey,
+		WithdrawalCredentials: d.WithdrawalCredentials,
+		Amount:                fmt.Sprintf("%d", d.Amount),
+		Signature:             d.Signature,
+	})
+}
+
+type Deposit struct {
+	*eth.Deposit
+}
+
+func (d *Deposit) MarshalJSON() ([]byte, error) {
+	proof := make([]hexutil.Bytes, len(d.Proof))
+	for i := range d.Proof {
+		proof[i] = d.Proof[i]
+	}
+	return json.Marshal(struct {
+		Proof []hexutil.Bytes `json:"proof"`
+		Data  *DepositData    `json:"data"`
+	}{
+		Proof: proof,
+		Data:  &DepositData{Deposit_Data: d.Deposit.Data},
+	})
+}
+
+type SignedVoluntaryExit struct {
+	*eth.SignedVoluntaryExit
+}
+
+func (sve *SignedVoluntaryExit) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Message   *VoluntaryExit `json:"message"`
+		Signature hexutil.Bytes  `json:"signature"`
+	}{
+		Signature: sve.SignedVoluntaryExit.Signature,
+		Message:   &VoluntaryExit{sve.SignedVoluntaryExit.Exit},
+	})
+}
+
+type VoluntaryExit struct {
+	*eth.VoluntaryExit
+}
+
+func (ve *VoluntaryExit) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Epoch          string `json:"epoch"`
+		ValidatorIndex string `json:"validator_index"`
+	}{
+		Epoch:          fmt.Sprintf("%d", ve.Epoch),
+		ValidatorIndex: fmt.Sprintf("%d", ve.ValidatorIndex),
+	})
+}
+
+type SyncAggregate struct {
+	*eth.SyncAggregate
+}
+
+func (s *SyncAggregate) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		SyncCommitteeBits      hexutil.Bytes `json:"sync_committee_bits"`
+		SyncCommitteeSignature hexutil.Bytes `json:"sync_committee_signature"`
+	}{
+		SyncCommitteeBits:      hexutil.Bytes(s.SyncAggregate.SyncCommitteeBits),
+		SyncCommitteeSignature: s.SyncAggregate.SyncCommitteeSignature,
+	})
+}
+
+type Eth1Data struct {
+	*eth.Eth1Data
+}
+
+func (e *Eth1Data) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		DepositRoot  hexutil.Bytes `json:"deposit_root"`
+		DepositCount string        `json:"deposit_count"`
+		BlockHash    hexutil.Bytes `json:"block_hash"`
+	}{
+		DepositRoot:  e.DepositRoot,
+		DepositCount: fmt.Sprintf("%d", e.DepositCount),
+		BlockHash:    e.BlockHash,
+	})
+}
+
+func (b *BlindedBeaconBlockBodyBellatrix) MarshalJSON() ([]byte, error) {
+	sve := make([]*SignedVoluntaryExit, len(b.BlindedBeaconBlockBodyBellatrix.VoluntaryExits))
+	for i := range b.BlindedBeaconBlockBodyBellatrix.VoluntaryExits {
+		sve[i] = &SignedVoluntaryExit{SignedVoluntaryExit: b.BlindedBeaconBlockBodyBellatrix.VoluntaryExits[i]}
+	}
+	deps := make([]*Deposit, len(b.BlindedBeaconBlockBodyBellatrix.Deposits))
+	for i := range b.BlindedBeaconBlockBodyBellatrix.Deposits {
+		deps[i] = &Deposit{Deposit: b.BlindedBeaconBlockBodyBellatrix.Deposits[i]}
+	}
+	atts := make([]*Attestation, len(b.BlindedBeaconBlockBodyBellatrix.Attestations))
+	for i := range b.BlindedBeaconBlockBodyBellatrix.Attestations {
+		atts[i] = &Attestation{Attestation: b.BlindedBeaconBlockBodyBellatrix.Attestations[i]}
+	}
+	atsl := make([]*AttesterSlashing, len(b.BlindedBeaconBlockBodyBellatrix.AttesterSlashings))
+	for i := range b.BlindedBeaconBlockBodyBellatrix.AttesterSlashings {
+		atsl[i] = &AttesterSlashing{AttesterSlashing: b.BlindedBeaconBlockBodyBellatrix.AttesterSlashings[i]}
+	}
+	pros := make([]*ProposerSlashing, len(b.BlindedBeaconBlockBodyBellatrix.ProposerSlashings))
+	for i := range b.BlindedBeaconBlockBodyBellatrix.ProposerSlashings {
+		pros[i] = &ProposerSlashing{ProposerSlashing: b.BlindedBeaconBlockBodyBellatrix.ProposerSlashings[i]}
+	}
+	return json.Marshal(struct {
+		RandaoReveal           hexutil.Bytes           `json:"randao_reveal"`
+		Eth1Data               *Eth1Data               `json:"eth1_data"`
+		Graffiti               hexutil.Bytes           `json:"graffiti"`
+		ProposerSlashings      []*ProposerSlashing     `json:"proposer_slashings"`
+		AttesterSlashings      []*AttesterSlashing     `json:"attester_slashings"`
+		Attestations           []*Attestation          `json:"attestations"`
+		Deposits               []*Deposit              `json:"deposits"`
+		VoluntaryExits         []*SignedVoluntaryExit  `json:"voluntary_exits"`
+		SyncAggregate          *SyncAggregate          `json:"sync_aggregate"`
+		ExecutionPayloadHeader *ExecutionPayloadHeader `json:"execution_payload_header"`
+	}{
+		RandaoReveal:           b.RandaoReveal,
+		Eth1Data:               &Eth1Data{b.BlindedBeaconBlockBodyBellatrix.Eth1Data},
+		Graffiti:               b.BlindedBeaconBlockBodyBellatrix.Graffiti,
+		ProposerSlashings:      pros,
+		AttesterSlashings:      atsl,
+		Attestations:           atts,
+		Deposits:               deps,
+		VoluntaryExits:         sve,
+		SyncAggregate:          &SyncAggregate{b.BlindedBeaconBlockBodyBellatrix.SyncAggregate},
+		ExecutionPayloadHeader: &ExecutionPayloadHeader{ExecutionPayloadHeader: b.BlindedBeaconBlockBodyBellatrix.ExecutionPayloadHeader},
+	})
+}
+
+type SignedBLSToExecutionChange struct {
+	*eth.SignedBLSToExecutionChange
+}
+
+func (ch *SignedBLSToExecutionChange) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Message   *BLSToExecutionChange `json:"message"`
+		Signature hexutil.Bytes         `json:"signature"`
+	}{
+		Signature: ch.Signature,
+		Message:   &BLSToExecutionChange{ch.Message},
+	})
+}
+
+type BLSToExecutionChange struct {
+	*eth.BLSToExecutionChange
+}
+
+func (ch *BLSToExecutionChange) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		ValidatorIndex     string        `json:"validator_index"`
+		FromBlsPubkey      hexutil.Bytes `json:"from_bls_pubkey"`
+		ToExecutionAddress hexutil.Bytes `json:"to_execution_address"`
+	}{
+		ValidatorIndex:     fmt.Sprintf("%d", ch.ValidatorIndex),
+		FromBlsPubkey:      ch.FromBlsPubkey,
+		ToExecutionAddress: ch.ToExecutionAddress,
+	})
+}
+
+type SignedBlindedBeaconBlockCapella struct {
+	*eth.SignedBlindedBeaconBlockCapella
+}
+
+type BlindedBeaconBlockCapella struct {
+	*eth.BlindedBeaconBlockCapella
+}
+
+type BlindedBeaconBlockBodyCapella struct {
+	*eth.BlindedBeaconBlockBodyCapella
+}
+
+func (b *SignedBlindedBeaconBlockCapella) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Message   *BlindedBeaconBlockCapella `json:"message"`
+		Signature hexutil.Bytes              `json:"signature"`
+	}{
+		Message:   &BlindedBeaconBlockCapella{b.Block},
+		Signature: b.Signature,
+	})
+}
+
+func (b *BlindedBeaconBlockCapella) MarshalJSON() ([]byte, error) {
+	return json.Marshal(struct {
+		Slot          string                         `json:"slot"`
+		ProposerIndex string                         `json:"proposer_index"`
+		ParentRoot    hexutil.Bytes                  `json:"parent_root"`
+		StateRoot     hexutil.Bytes                  `json:"state_root"`
+		Body          *BlindedBeaconBlockBodyCapella `json:"body"`
+	}{
+		Slot:          fmt.Sprintf("%d", b.Slot),
+		ProposerIndex: fmt.Sprintf("%d", b.ProposerIndex),
+		ParentRoot:    b.ParentRoot,
+		StateRoot:     b.StateRoot,
+		Body:          &BlindedBeaconBlockBodyCapella{b.Body},
+	})
+}
+
+func (b *BlindedBeaconBlockBodyCapella) MarshalJSON() ([]byte, error) {
+	sve := make([]*SignedVoluntaryExit, len(b.VoluntaryExits))
+	for i := range b.VoluntaryExits {
+		sve[i] = &SignedVoluntaryExit{SignedVoluntaryExit: b.VoluntaryExits[i]}
+	}
+	deps := make([]*Deposit, len(b.Deposits))
+	for i := range b.Deposits {
+		deps[i] = &Deposit{Deposit: b.Deposits[i]}
+	}
+	atts := make([]*Attestation, len(b.Attestations))
+	for i := range b.Attestations {
+		atts[i] = &Attestation{Attestation: b.Attestations[i]}
+	}
+	atsl := make([]*AttesterSlashing, len(b.AttesterSlashings))
+	for i := range b.AttesterSlashings {
+		atsl[i] = &AttesterSlashing{AttesterSlashing: b.AttesterSlashings[i]}
+	}
+	pros := make([]*ProposerSlashing, len(b.ProposerSlashings))
+	for i := range b.ProposerSlashings {
+		pros[i] = &ProposerSlashing{ProposerSlashing: b.ProposerSlashings[i]}
+	}
+	chs := make([]*SignedBLSToExecutionChange, len(b.BlsToExecutionChanges))
+	for i := range b.BlsToExecutionChanges {
+		chs[i] = &SignedBLSToExecutionChange{SignedBLSToExecutionChange: b.BlsToExecutionChanges[i]}
+	}
+	return json.Marshal(struct {
+		RandaoReveal           hexutil.Bytes                  `json:"randao_reveal"`
+		Eth1Data               *Eth1Data                      `json:"eth1_data"`
+		Graffiti               hexutil.Bytes                  `json:"graffiti"`
+		ProposerSlashings      []*ProposerSlashing            `json:"proposer_slashings"`
+		AttesterSlashings      []*AttesterSlashing            `json:"attester_slashings"`
+		Attestations           []*Attestation                 `json:"attestations"`
+		Deposits               []*Deposit                     `json:"deposits"`
+		VoluntaryExits         []*SignedVoluntaryExit         `json:"voluntary_exits"`
+		BLSToExecutionChanges  []*SignedBLSToExecutionChange  `json:"bls_to_execution_changes"`
+		SyncAggregate          *SyncAggregate                 `json:"sync_aggregate"`
+		ExecutionPayloadHeader *ExecutionPayloadHeaderCapella `json:"execution_payload_header"`
+	}{
+		RandaoReveal:           b.RandaoReveal,
+		Eth1Data:               &Eth1Data{b.Eth1Data},
+		Graffiti:               b.Graffiti,
+		ProposerSlashings:      pros,
+		AttesterSlashings:      atsl,
+		Attestations:           atts,
+		Deposits:               deps,
+		VoluntaryExits:         sve,
+		BLSToExecutionChanges:  chs,
+		SyncAggregate:          &SyncAggregate{b.SyncAggregate},
+		ExecutionPayloadHeader: &ExecutionPayloadHeaderCapella{ExecutionPayloadHeaderCapella: b.ExecutionPayloadHeader},
+	})
+}
+
+type ErrorMessage struct {
+	Code        int      `json:"code"`
+	Message     string   `json:"message"`
+	Stacktraces []string `json:"stacktraces,omitempty"`
+}
--- a/api/client/builder/types_test.go
+++ b/api/client/builder/types_test.go
--- a/api/gateway/BUILD.bazel
+++ b/api/gateway/BUILD.bazel
@@ -0,0 +1,44 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "gateway.go",
+        "log.go",
+        "modifiers.go",
+        "options.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/gateway",
+    visibility = [
+        "//beacon-chain:__subpackages__",
+        "//validator:__subpackages__",
+    ],
+    deps = [
+        "//api/gateway/apimiddleware:go_default_library",
+        "//runtime:go_default_library",
+        "@com_github_gorilla_mux//:go_default_library",
+        "@com_github_grpc_ecosystem_grpc_gateway_v2//runtime:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+        "@com_github_rs_cors//:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@org_golang_google_grpc//:go_default_library",
+        "@org_golang_google_grpc//connectivity:go_default_library",
+        "@org_golang_google_grpc//credentials:go_default_library",
+        "@org_golang_google_protobuf//proto:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["gateway_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//api/gateway/apimiddleware:go_default_library",
+        "//cmd/beacon-chain/flags:go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "@com_github_gorilla_mux//:go_default_library",
+        "@com_github_sirupsen_logrus//hooks/test:go_default_library",
+        "@com_github_urfave_cli_v2//:go_default_library",
+    ],
+)
--- a/api/gateway/apimiddleware/BUILD.bazel
+++ b/api/gateway/apimiddleware/BUILD.bazel
@@ -0,0 +1,41 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "api_middleware.go",
+        "log.go",
+        "param_handling.go",
+        "process_field.go",
+        "process_request.go",
+        "structs.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/gateway/apimiddleware",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//api/grpc:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "@com_github_ethereum_go_ethereum//common:go_default_library",
+        "@com_github_ethereum_go_ethereum//common/hexutil:go_default_library",
+        "@com_github_gorilla_mux//:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@com_github_wealdtech_go_bytesutil//:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "param_handling_test.go",
+        "process_request_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//api/grpc:go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "@com_github_gorilla_mux//:go_default_library",
+        "@com_github_sirupsen_logrus//hooks/test:go_default_library",
+    ],
+)
--- a/api/gateway/apimiddleware/api_middleware.go
+++ b/api/gateway/apimiddleware/api_middleware.go
@@ -0,0 +1,265 @@
+package apimiddleware
+
+import (
+	"net/http"
+	"reflect"
+	"time"
+
+	"github.com/gorilla/mux"
+)
+
+// ApiProxyMiddleware is a proxy between an Ethereum consensus API HTTP client and grpc-gateway.
+// The purpose of the proxy is to handle HTTP requests and gRPC responses in such a way that:
+//   - Ethereum consensus API requests can be handled by grpc-gateway correctly
+//   - gRPC responses can be returned as spec-compliant Ethereum consensus API responses
+type ApiProxyMiddleware struct {
+	GatewayAddress  string
+	EndpointCreator EndpointFactory
+	Timeout         time.Duration
+	router          *mux.Router
+}
+
+// EndpointFactory is responsible for creating new instances of Endpoint values.
+type EndpointFactory interface {
+	Create(path string) (*Endpoint, error)
+	Paths() []string
+	IsNil() bool
+}
+
+// Endpoint is a representation of an API HTTP endpoint that should be proxied by the middleware.
+type Endpoint struct {
+	Path               string          // The path of the HTTP endpoint.
+	GetResponse        interface{}     // The struct corresponding to the JSON structure used in a GET response.
+	PostRequest        interface{}     // The struct corresponding to the JSON structure used in a POST request.
+	PostResponse       interface{}     // The struct corresponding to the JSON structure used in a POST response.
+	DeleteRequest      interface{}     // The struct corresponding to the JSON structure used in a DELETE request.
+	DeleteResponse     interface{}     // The struct corresponding to the JSON structure used in a DELETE response.
+	RequestURLLiterals []string        // Names of URL parameters that should not be base64-encoded.
+	RequestQueryParams []QueryParam    // Query parameters of the request.
+	Err                ErrorJson       // The struct corresponding to the error that should be returned in case of a request failure.
+	Hooks              HookCollection  // A collection of functions that can be invoked at various stages of the request/response cycle.
+	CustomHandlers     []CustomHandler // Functions that will be executed instead of the default request/response behaviour.
+}
+
+// RunDefault expresses whether the default processing logic should be carried out after running a pre hook.
+type RunDefault bool
+
+// DefaultEndpoint returns an Endpoint with default configuration, e.g. DefaultErrorJson for error handling.
+func DefaultEndpoint() Endpoint {
+	return Endpoint{
+		Err: &DefaultErrorJson{},
+	}
+}
+
+// QueryParam represents a single query parameter's metadata.
+type QueryParam struct {
+	Name string
+	Hex  bool
+	Enum bool
+}
+
+// CustomHandler is a function that can be invoked at the very beginning of the request,
+// essentially replacing the whole default request/response logic with custom logic for a specific endpoint.
+type CustomHandler = func(m *ApiProxyMiddleware, endpoint Endpoint, w http.ResponseWriter, req *http.Request) (handled bool)
+
+// HookCollection contains hooks that can be used to amend the default request/response cycle with custom logic for a specific endpoint.
+type HookCollection struct {
+	OnPreDeserializeRequestBodyIntoContainer      func(endpoint *Endpoint, w http.ResponseWriter, req *http.Request) (RunDefault, ErrorJson)
+	OnPostDeserializeRequestBodyIntoContainer     func(endpoint *Endpoint, w http.ResponseWriter, req *http.Request) ErrorJson
+	OnPreDeserializeGrpcResponseBodyIntoContainer func([]byte, interface{}) (RunDefault, ErrorJson)
+	OnPreSerializeMiddlewareResponseIntoJson      func(interface{}) (RunDefault, []byte, ErrorJson)
+}
+
+// fieldProcessor applies the processing function f to a value when the tag is present on the field.
+type fieldProcessor struct {
+	tag string
+	f   func(value reflect.Value) error
+}
+
+// Run starts the proxy, registering all proxy endpoints.
+func (m *ApiProxyMiddleware) Run(gatewayRouter *mux.Router) {
+	for _, path := range m.EndpointCreator.Paths() {
+		gatewayRouter.HandleFunc(path, m.WithMiddleware(path))
+	}
+	m.router = gatewayRouter
+}
+
+// ServeHTTP for the proxy middleware.
+func (m *ApiProxyMiddleware) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+	m.router.ServeHTTP(w, req)
+}
+
+// WithMiddleware wraps the given endpoint handler with the middleware logic.
+func (m *ApiProxyMiddleware) WithMiddleware(path string) http.HandlerFunc {
+	return func(w http.ResponseWriter, req *http.Request) {
+		endpoint, err := m.EndpointCreator.Create(path)
+		if err != nil {
+			log.WithError(err).Errorf("Could not create endpoint for path: %s", path)
+			return
+		}
+
+		for _, handler := range endpoint.CustomHandlers {
+			if handler(m, *endpoint, w, req) {
+				return
+			}
+		}
+
+		if req.Method == "POST" {
+			if errJson := handlePostRequestForEndpoint(endpoint, w, req); errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+		}
+
+		if req.Method == "DELETE" && req.Body != http.NoBody {
+			if errJson := handleDeleteRequestForEndpoint(endpoint, req); errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+		}
+
+		if errJson := m.PrepareRequestForProxying(*endpoint, req); errJson != nil {
+			WriteError(w, errJson, nil)
+			return
+		}
+		grpcResp, errJson := m.ProxyRequest(req)
+		if errJson != nil {
+			WriteError(w, errJson, nil)
+			return
+		}
+		grpcRespBody, errJson := ReadGrpcResponseBody(grpcResp.Body)
+		if errJson != nil {
+			WriteError(w, errJson, nil)
+			return
+		}
+
+		var respJson []byte
+		if !GrpcResponseIsEmpty(grpcRespBody) {
+			respHasError, errJson := HandleGrpcResponseError(endpoint.Err, grpcResp, grpcRespBody, w)
+			if errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+			if respHasError {
+				return
+			}
+
+			var resp interface{}
+			if req.Method == "GET" {
+				resp = endpoint.GetResponse
+			} else if req.Method == "DELETE" {
+				resp = endpoint.DeleteResponse
+			} else {
+				resp = endpoint.PostResponse
+			}
+			if errJson := deserializeGrpcResponseBodyIntoContainerWrapped(endpoint, grpcRespBody, resp); errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+			if errJson := ProcessMiddlewareResponseFields(resp); errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+
+			respJson, errJson = serializeMiddlewareResponseIntoJsonWrapped(endpoint, respJson, resp)
+			if errJson != nil {
+				WriteError(w, errJson, nil)
+				return
+			}
+		}
+
+		if errJson := WriteMiddlewareResponseHeadersAndBody(grpcResp, respJson, w); errJson != nil {
+			WriteError(w, errJson, nil)
+			return
+		}
+		if errJson := Cleanup(grpcResp.Body); errJson != nil {
+			WriteError(w, errJson, nil)
+			return
+		}
+	}
+}
+
+func handlePostRequestForEndpoint(endpoint *Endpoint, w http.ResponseWriter, req *http.Request) ErrorJson {
+	if errJson := deserializeRequestBodyIntoContainerWrapped(endpoint, req, w); errJson != nil {
+		return errJson
+	}
+	if errJson := ProcessRequestContainerFields(endpoint.PostRequest); errJson != nil {
+		return errJson
+	}
+	return SetRequestBodyToRequestContainer(endpoint.PostRequest, req)
+}
+
+func handleDeleteRequestForEndpoint(endpoint *Endpoint, req *http.Request) ErrorJson {
+	if errJson := DeserializeRequestBodyIntoContainer(req.Body, endpoint.DeleteRequest); errJson != nil {
+		return errJson
+	}
+	if errJson := ProcessRequestContainerFields(endpoint.DeleteRequest); errJson != nil {
+		return errJson
+	}
+	return SetRequestBodyToRequestContainer(endpoint.DeleteRequest, req)
+}
+
+func deserializeRequestBodyIntoContainerWrapped(endpoint *Endpoint, req *http.Request, w http.ResponseWriter) ErrorJson {
+	runDefault := true
+	if endpoint.Hooks.OnPreDeserializeRequestBodyIntoContainer != nil {
+		run, errJson := endpoint.Hooks.OnPreDeserializeRequestBodyIntoContainer(endpoint, w, req)
+		if errJson != nil {
+			return errJson
+		}
+		if !run {
+			runDefault = false
+		}
+	}
+	if runDefault {
+		if errJson := DeserializeRequestBodyIntoContainer(req.Body, endpoint.PostRequest); errJson != nil {
+			return errJson
+		}
+	}
+	if endpoint.Hooks.OnPostDeserializeRequestBodyIntoContainer != nil {
+		if errJson := endpoint.Hooks.OnPostDeserializeRequestBodyIntoContainer(endpoint, w, req); errJson != nil {
+			return errJson
+		}
+	}
+	return nil
+}
+
+func deserializeGrpcResponseBodyIntoContainerWrapped(endpoint *Endpoint, grpcResponseBody []byte, resp interface{}) ErrorJson {
+	runDefault := true
+	if endpoint.Hooks.OnPreDeserializeGrpcResponseBodyIntoContainer != nil {
+		run, errJson := endpoint.Hooks.OnPreDeserializeGrpcResponseBodyIntoContainer(grpcResponseBody, resp)
+		if errJson != nil {
+			return errJson
+		}
+		if !run {
+			runDefault = false
+		}
+	}
+	if runDefault {
+		if errJson := DeserializeGrpcResponseBodyIntoContainer(grpcResponseBody, resp); errJson != nil {
+			return errJson
+		}
+	}
+	return nil
+}
+
+func serializeMiddlewareResponseIntoJsonWrapped(endpoint *Endpoint, respJson []byte, resp interface{}) ([]byte, ErrorJson) {
+	runDefault := true
+	var errJson ErrorJson
+	if endpoint.Hooks.OnPreSerializeMiddlewareResponseIntoJson != nil {
+		var run RunDefault
+		run, respJson, errJson = endpoint.Hooks.OnPreSerializeMiddlewareResponseIntoJson(resp)
+		if errJson != nil {
+			return nil, errJson
+		}
+		if !run {
+			runDefault = false
+		}
+	}
+	if runDefault {
+		respJson, errJson = SerializeMiddlewareResponseIntoJson(resp)
+		if errJson != nil {
+			return nil, errJson
+		}
+	}
+	return respJson, nil
+}
--- a/api/gateway/apimiddleware/log.go
+++ b/api/gateway/apimiddleware/log.go
@@ -0,0 +1,5 @@
+package apimiddleware
+
+import "github.com/sirupsen/logrus"
+
+var log = logrus.WithField("prefix", "apimiddleware")
--- a/api/gateway/apimiddleware/param_handling.go
+++ b/api/gateway/apimiddleware/param_handling.go
@@ -0,0 +1,103 @@
+package apimiddleware
+
+import (
+	"encoding/base64"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/gorilla/mux"
+	butil "github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	"github.com/wealdtech/go-bytesutil"
+)
+
+// HandleURLParameters processes URL parameters, allowing parameterized URLs to be safely and correctly proxied to grpc-gateway.
+func HandleURLParameters(url string, req *http.Request, literals []string) ErrorJson {
+	segments := strings.Split(url, "/")
+
+segmentsLoop:
+	for i, s := range segments {
+		// We only care about segments which are parameterized.
+		if isRequestParam(s) {
+			// Don't do anything with parameters which should be forwarded literally to gRPC.
+			for _, l := range literals {
+				if s == "{"+l+"}" {
+					continue segmentsLoop
+				}
+			}
+
+			routeVar := mux.Vars(req)[s[1:len(s)-1]]
+			bRouteVar := []byte(routeVar)
+			if butil.IsHex(bRouteVar) {
+				var err error
+				bRouteVar, err = bytesutil.FromHexString(string(bRouteVar))
+				if err != nil {
+					return InternalServerErrorWithMessage(err, "could not process URL parameter")
+				}
+			}
+			// Converting hex to base64 may result in a value which malforms the URL.
+			// We use URLEncoding to safely escape such values.
+			base64RouteVar := base64.URLEncoding.EncodeToString(bRouteVar)
+
+			// Merge segments back into the full URL.
+			splitPath := strings.Split(req.URL.Path, "/")
+			splitPath[i] = base64RouteVar
+			req.URL.Path = strings.Join(splitPath, "/")
+		}
+	}
+	return nil
+}
+
+// HandleQueryParameters processes query parameters, allowing them to be safely and correctly proxied to grpc-gateway.
+func HandleQueryParameters(req *http.Request, params []QueryParam) ErrorJson {
+	queryParams := req.URL.Query()
+
+	normalizeQueryValues(queryParams)
+
+	for key, vals := range queryParams {
+		for _, p := range params {
+			if key == p.Name {
+				if p.Hex {
+					queryParams.Del(key)
+					for _, v := range vals {
+						b := []byte(v)
+						if butil.IsHex(b) {
+							var err error
+							b, err = bytesutil.FromHexString(v)
+							if err != nil {
+								return InternalServerErrorWithMessage(err, "could not process query parameter")
+							}
+						}
+						queryParams.Add(key, base64.URLEncoding.EncodeToString(b))
+					}
+				}
+				if p.Enum {
+					queryParams.Del(key)
+					for _, v := range vals {
+						// gRPC expects uppercase enum values.
+						queryParams.Add(key, strings.ToUpper(v))
+					}
+				}
+			}
+		}
+	}
+	req.URL.RawQuery = queryParams.Encode()
+	return nil
+}
+
+// isRequestParam verifies whether the passed string is a request parameter.
+// Request parameters are enclosed in { and }.
+func isRequestParam(s string) bool {
+	return len(s) > 2 && s[0] == '{' && s[len(s)-1] == '}'
+}
+
+func normalizeQueryValues(queryParams url.Values) {
+	// Replace comma-separated values with individual values.
+	for key, vals := range queryParams {
+		splitVals := make([]string, 0)
+		for _, v := range vals {
+			splitVals = append(splitVals, strings.Split(v, ",")...)
+		}
+		queryParams[key] = splitVals
+	}
+}
--- a/api/gateway/apimiddleware/param_handling_test.go
+++ b/api/gateway/apimiddleware/param_handling_test.go
@@ -0,0 +1,124 @@
+package apimiddleware
+
+import (
+	"bytes"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gorilla/mux"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+)
+
+func TestHandleURLParameters(t *testing.T) {
+	var body bytes.Buffer
+
+	t.Run("no_params", func(t *testing.T) {
+		request := httptest.NewRequest("GET", "http://foo.example/bar", &body)
+
+		errJson := HandleURLParameters("/not_param", request, []string{})
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "/bar", request.URL.Path)
+	})
+
+	t.Run("with_params", func(t *testing.T) {
+		muxVars := make(map[string]string)
+		muxVars["bar_param"] = "bar"
+		muxVars["quux_param"] = "quux"
+		request := httptest.NewRequest("GET", "http://foo.example/bar/baz/quux", &body)
+		request = mux.SetURLVars(request, muxVars)
+
+		errJson := HandleURLParameters("/{bar_param}/not_param/{quux_param}", request, []string{})
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "/YmFy/baz/cXV1eA==", request.URL.Path)
+	})
+
+	t.Run("with_literal", func(t *testing.T) {
+		muxVars := make(map[string]string)
+		muxVars["bar_param"] = "bar"
+		request := httptest.NewRequest("GET", "http://foo.example/bar/baz", &body)
+		request = mux.SetURLVars(request, muxVars)
+
+		errJson := HandleURLParameters("/{bar_param}/not_param/", request, []string{"bar_param"})
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "/bar/baz", request.URL.Path)
+	})
+
+	t.Run("with_hex", func(t *testing.T) {
+		muxVars := make(map[string]string)
+		muxVars["hex_param"] = "0x626172"
+		request := httptest.NewRequest("GET", "http://foo.example/0x626172/baz", &body)
+		request = mux.SetURLVars(request, muxVars)
+
+		errJson := HandleURLParameters("/{hex_param}/not_param/", request, []string{})
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "/YmFy/baz", request.URL.Path)
+	})
+}
+
+func TestHandleQueryParameters(t *testing.T) {
+	var body bytes.Buffer
+
+	t.Run("regular_params", func(t *testing.T) {
+		request := httptest.NewRequest("GET", "http://foo.example?bar=bar&baz=baz", &body)
+
+		errJson := HandleQueryParameters(request, []QueryParam{{Name: "bar"}, {Name: "baz"}})
+		require.Equal(t, true, errJson == nil)
+		query := request.URL.Query()
+		v, ok := query["bar"]
+		require.Equal(t, true, ok, "query param not found")
+		require.Equal(t, 1, len(v), "wrong number of query param values")
+		assert.Equal(t, "bar", v[0])
+		v, ok = query["baz"]
+		require.Equal(t, true, ok, "query param not found")
+		require.Equal(t, 1, len(v), "wrong number of query param values")
+		assert.Equal(t, "baz", v[0])
+	})
+
+	t.Run("hex_and_enum_params", func(t *testing.T) {
+		request := httptest.NewRequest("GET", "http://foo.example?hex=0x626172&baz=baz", &body)
+
+		errJson := HandleQueryParameters(request, []QueryParam{{Name: "hex", Hex: true}, {Name: "baz", Enum: true}})
+		require.Equal(t, true, errJson == nil)
+		query := request.URL.Query()
+		v, ok := query["hex"]
+		require.Equal(t, true, ok, "query param not found")
+		require.Equal(t, 1, len(v), "wrong number of query param values")
+		assert.Equal(t, "YmFy", v[0])
+		v, ok = query["baz"]
+		require.Equal(t, true, ok, "query param not found")
+		require.Equal(t, 1, len(v), "wrong number of query param values")
+		assert.Equal(t, "BAZ", v[0])
+	})
+}
+
+func TestIsRequestParam(t *testing.T) {
+	tests := []struct {
+		s string
+		b bool
+	}{
+		{"", false},
+		{"{", false},
+		{"}", false},
+		{"{}", false},
+		{"{x}", true},
+		{"{very_long_parameter_name_with_underscores}", true},
+	}
+	for _, tt := range tests {
+		b := isRequestParam(tt.s)
+		assert.Equal(t, tt.b, b)
+	}
+}
+
+func TestNormalizeQueryValues(t *testing.T) {
+	input := make(map[string][]string)
+	input["key"] = []string{"value1", "value2,value3,value4", "value5"}
+
+	normalizeQueryValues(input)
+	require.Equal(t, 5, len(input["key"]))
+	assert.Equal(t, "value1", input["key"][0])
+	assert.Equal(t, "value2", input["key"][1])
+	assert.Equal(t, "value3", input["key"][2])
+	assert.Equal(t, "value4", input["key"][3])
+	assert.Equal(t, "value5", input["key"][4])
+}
--- a/api/gateway/apimiddleware/process_field.go
+++ b/api/gateway/apimiddleware/process_field.go
@@ -0,0 +1,179 @@
+package apimiddleware
+
+import (
+	"encoding/base64"
+	"fmt"
+	"math/big"
+	"reflect"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/pkg/errors"
+	"github.com/wealdtech/go-bytesutil"
+)
+
+// processField calls each processor function on any field that has the matching tag set.
+// It is a recursive function.
+func processField(s interface{}, processors []fieldProcessor) error {
+	kind := reflect.TypeOf(s).Kind()
+	if kind != reflect.Ptr && kind != reflect.Slice && kind != reflect.Array {
+		return fmt.Errorf("processing fields of kind '%v' is unsupported", kind)
+	}
+
+	t := reflect.TypeOf(s).Elem()
+	v := reflect.Indirect(reflect.ValueOf(s))
+
+	for i := 0; i < t.NumField(); i++ {
+		switch v.Field(i).Kind() {
+		case reflect.Slice:
+			sliceElem := t.Field(i).Type.Elem()
+			kind := sliceElem.Kind()
+			// Recursively process slices to struct pointers.
+			switch {
+			case kind == reflect.Ptr && sliceElem.Elem().Kind() == reflect.Struct:
+				for j := 0; j < v.Field(i).Len(); j++ {
+					if err := processField(v.Field(i).Index(j).Interface(), processors); err != nil {
+						return errors.Wrapf(err, "could not process field '%s'", t.Field(i).Name)
+					}
+				}
+			// Process each string in string slices.
+			case kind == reflect.String:
+				for _, proc := range processors {
+					_, hasTag := t.Field(i).Tag.Lookup(proc.tag)
+					if !hasTag {
+						continue
+					}
+					for j := 0; j < v.Field(i).Len(); j++ {
+						if err := proc.f(v.Field(i).Index(j)); err != nil {
+							return errors.Wrapf(err, "could not process field '%s'", t.Field(i).Name)
+						}
+					}
+				}
+			}
+		// Recursively process struct pointers.
+		case reflect.Ptr:
+			if v.Field(i).Elem().Kind() == reflect.Struct {
+				if err := processField(v.Field(i).Interface(), processors); err != nil {
+					return errors.Wrapf(err, "could not process field '%s'", t.Field(i).Name)
+				}
+			}
+		default:
+			field := t.Field(i)
+			for _, proc := range processors {
+				if _, hasTag := field.Tag.Lookup(proc.tag); hasTag {
+					if err := proc.f(v.Field(i)); err != nil {
+						return errors.Wrapf(err, "could not process field '%s'", t.Field(i).Name)
+					}
+				}
+			}
+		}
+	}
+	return nil
+}
+
+func hexToBase64Processor(v reflect.Value) error {
+	if v.String() == "0x" {
+		v.SetString("")
+		return nil
+	}
+	b, err := bytesutil.FromHexString(v.String())
+	if err != nil {
+		return err
+	}
+	v.SetString(base64.StdEncoding.EncodeToString(b))
+	return nil
+}
+
+func base64ToHexProcessor(v reflect.Value) error {
+	if v.String() == "" {
+		// Empty hex values are represented as "0x".
+		v.SetString("0x")
+		return nil
+	}
+	b, err := base64.StdEncoding.DecodeString(v.String())
+	if err != nil {
+		return err
+	}
+	v.SetString(hexutil.Encode(b))
+	return nil
+}
+
+func base64ToChecksumAddressProcessor(v reflect.Value) error {
+	if v.String() == "" {
+		// Empty hex values are represented as "0x".
+		v.SetString("0x")
+		return nil
+	}
+	b, err := base64.StdEncoding.DecodeString(v.String())
+	if err != nil {
+		return err
+	}
+	v.SetString(common.BytesToAddress(b).Hex())
+	return nil
+}
+
+func base64ToUint256Processor(v reflect.Value) error {
+	if v.String() == "" {
+		return nil
+	}
+	littleEndian, err := base64.StdEncoding.DecodeString(v.String())
+	if err != nil {
+		return err
+	}
+	if len(littleEndian) != 32 {
+		return errors.New("invalid length for Uint256")
+	}
+
+	// Integers are stored as little-endian, but
+	// big.Int expects big-endian. So we need to reverse
+	// the byte order before decoding.
+	var bigEndian [32]byte
+	for i := 0; i < len(littleEndian); i++ {
+		bigEndian[i] = littleEndian[len(littleEndian)-1-i]
+	}
+	var uint256 big.Int
+	uint256.SetBytes(bigEndian[:])
+	v.SetString(uint256.String())
+	return nil
+}
+
+func uint256ToBase64Processor(v reflect.Value) error {
+	if v.String() == "" {
+		return nil
+	}
+	uint256, ok := new(big.Int).SetString(v.String(), 10)
+	if !ok {
+		return fmt.Errorf("could not parse Uint256")
+	}
+	bigEndian := uint256.Bytes()
+	if len(bigEndian) > 32 {
+		return fmt.Errorf("number too big for Uint256")
+	}
+
+	// Integers are stored as little-endian, but
+	// big.Int gives big-endian. So we need to reverse
+	// the byte order before encoding.
+	var littleEndian [32]byte
+	for i := 0; i < len(bigEndian); i++ {
+		littleEndian[i] = bigEndian[len(bigEndian)-1-i]
+	}
+	v.SetString(base64.StdEncoding.EncodeToString(littleEndian[:]))
+	return nil
+}
+
+func enumToLowercaseProcessor(v reflect.Value) error {
+	v.SetString(strings.ToLower(v.String()))
+	return nil
+}
+
+func timeToUnixProcessor(v reflect.Value) error {
+	t, err := time.Parse(time.RFC3339, v.String())
+	if err != nil {
+		return err
+	}
+	v.SetString(strconv.FormatUint(uint64(t.Unix()), 10))
+	return nil
+}
--- a/api/gateway/apimiddleware/process_request.go
+++ b/api/gateway/apimiddleware/process_request.go
@@ -0,0 +1,276 @@
+package apimiddleware
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"net"
+	"net/http"
+	"strconv"
+	"strings"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/api/grpc"
+)
+
+// DeserializeRequestBodyIntoContainer deserializes the request's body into an endpoint-specific struct.
+func DeserializeRequestBodyIntoContainer(body io.Reader, requestContainer interface{}) ErrorJson {
+	decoder := json.NewDecoder(body)
+	decoder.DisallowUnknownFields()
+	if err := decoder.Decode(&requestContainer); err != nil {
+		if strings.Contains(err.Error(), "json: unknown field") {
+			e := errors.Wrap(err, "could not decode request body")
+			return &DefaultErrorJson{
+				Message: e.Error(),
+				Code:    http.StatusBadRequest,
+			}
+		}
+		return InternalServerErrorWithMessage(err, "could not decode request body")
+	}
+	return nil
+}
+
+// ProcessRequestContainerFields processes fields of an endpoint-specific container according to field tags.
+func ProcessRequestContainerFields(requestContainer interface{}) ErrorJson {
+	if err := processField(requestContainer, []fieldProcessor{
+		{
+			tag: "hex",
+			f:   hexToBase64Processor,
+		},
+		{
+			tag: "uint256",
+			f:   uint256ToBase64Processor,
+		},
+	}); err != nil {
+		return InternalServerErrorWithMessage(err, "could not process request data")
+	}
+	return nil
+}
+
+// SetRequestBodyToRequestContainer makes the endpoint-specific container the new body of the request.
+func SetRequestBodyToRequestContainer(requestContainer interface{}, req *http.Request) ErrorJson {
+	// Serialize the struct, which now includes a base64-encoded value, into JSON.
+	j, err := json.Marshal(requestContainer)
+	if err != nil {
+		return InternalServerErrorWithMessage(err, "could not marshal request")
+	}
+	// Set the body to the new JSON.
+	req.Body = io.NopCloser(bytes.NewReader(j))
+	req.Header.Set("Content-Length", strconv.Itoa(len(j)))
+	req.ContentLength = int64(len(j))
+	return nil
+}
+
+// PrepareRequestForProxying applies additional logic to the request so that it can be correctly proxied to grpc-gateway.
+func (m *ApiProxyMiddleware) PrepareRequestForProxying(endpoint Endpoint, req *http.Request) ErrorJson {
+	req.URL.Scheme = "http"
+	req.URL.Host = m.GatewayAddress
+	req.RequestURI = ""
+	if errJson := HandleURLParameters(endpoint.Path, req, endpoint.RequestURLLiterals); errJson != nil {
+		return errJson
+	}
+	if errJson := HandleQueryParameters(req, endpoint.RequestQueryParams); errJson != nil {
+		return errJson
+	}
+	// We have to add the prefix after handling parameters because adding the prefix changes URL segment indexing.
+	req.URL.Path = "/internal" + req.URL.Path
+	return nil
+}
+
+// ProxyRequest proxies the request to grpc-gateway.
+func (m *ApiProxyMiddleware) ProxyRequest(req *http.Request) (*http.Response, ErrorJson) {
+	// We do not use http.DefaultClient because it does not have any timeout.
+	netClient := &http.Client{Timeout: m.Timeout}
+	grpcResp, err := netClient.Do(req)
+	if err != nil {
+		if err, ok := err.(net.Error); ok && err.Timeout() {
+			return nil, TimeoutError()
+		}
+		return nil, InternalServerErrorWithMessage(err, "could not proxy request")
+	}
+	if grpcResp == nil {
+		return nil, &DefaultErrorJson{Message: "nil response from gRPC-gateway", Code: http.StatusInternalServerError}
+	}
+	return grpcResp, nil
+}
+
+// ReadGrpcResponseBody reads the body from the grpc-gateway's response.
+func ReadGrpcResponseBody(r io.Reader) ([]byte, ErrorJson) {
+	body, err := io.ReadAll(r)
+	if err != nil {
+		return nil, InternalServerErrorWithMessage(err, "could not read response body")
+	}
+	return body, nil
+}
+
+// HandleGrpcResponseError acts on an error that resulted from a grpc-gateway's response.
+// Whether there was an error is indicated by the bool return value. In case of an error,
+// there is no need to write to the response because it's taken care of by the function.
+func HandleGrpcResponseError(errJson ErrorJson, resp *http.Response, respBody []byte, w http.ResponseWriter) (bool, ErrorJson) {
+	responseHasError := false
+	if err := json.Unmarshal(respBody, errJson); err != nil {
+		return false, InternalServerErrorWithMessage(err, "could not unmarshal error")
+	}
+	if errJson.Msg() != "" {
+		responseHasError = true
+		// Something went wrong, but the request completed, meaning we can write headers and the error message.
+		for h, vs := range resp.Header {
+			for _, v := range vs {
+				w.Header().Set(h, v)
+			}
+		}
+		// Handle gRPC timeout.
+		if resp.StatusCode == http.StatusGatewayTimeout {
+			WriteError(w, TimeoutError(), resp.Header)
+		} else {
+			// Set code to HTTP code because unmarshalled body contained gRPC code.
+			errJson.SetCode(resp.StatusCode)
+			WriteError(w, errJson, resp.Header)
+		}
+	}
+	return responseHasError, nil
+}
+
+// GrpcResponseIsEmpty determines whether the grpc-gateway's response body contains no data.
+func GrpcResponseIsEmpty(grpcResponseBody []byte) bool {
+	return len(grpcResponseBody) == 0 || string(grpcResponseBody) == "{}"
+}
+
+// DeserializeGrpcResponseBodyIntoContainer deserializes the grpc-gateway's response body into an endpoint-specific struct.
+func DeserializeGrpcResponseBodyIntoContainer(body []byte, responseContainer interface{}) ErrorJson {
+	if err := json.Unmarshal(body, &responseContainer); err != nil {
+		return InternalServerErrorWithMessage(err, "could not unmarshal response")
+	}
+	return nil
+}
+
+// ProcessMiddlewareResponseFields processes fields of an endpoint-specific container according to field tags.
+func ProcessMiddlewareResponseFields(responseContainer interface{}) ErrorJson {
+	if err := processField(responseContainer, []fieldProcessor{
+		{
+			tag: "hex",
+			f:   base64ToHexProcessor,
+		},
+		{
+			tag: "address",
+			f:   base64ToChecksumAddressProcessor,
+		},
+		{
+			tag: "enum",
+			f:   enumToLowercaseProcessor,
+		},
+		{
+			tag: "time",
+			f:   timeToUnixProcessor,
+		},
+		{
+			tag: "uint256",
+			f:   base64ToUint256Processor,
+		},
+	}); err != nil {
+		return InternalServerErrorWithMessage(err, "could not process response data")
+	}
+	return nil
+}
+
+// SerializeMiddlewareResponseIntoJson serializes the endpoint-specific response struct into a JSON representation.
+func SerializeMiddlewareResponseIntoJson(responseContainer interface{}) (jsonResponse []byte, errJson ErrorJson) {
+	j, err := json.Marshal(responseContainer)
+	if err != nil {
+		return nil, InternalServerErrorWithMessage(err, "could not marshal response")
+	}
+	return j, nil
+}
+
+// WriteMiddlewareResponseHeadersAndBody populates headers and the body of the final response.
+func WriteMiddlewareResponseHeadersAndBody(grpcResp *http.Response, responseJson []byte, w http.ResponseWriter) ErrorJson {
+	var statusCodeHeader string
+	for h, vs := range grpcResp.Header {
+		// We don't want to expose any gRPC metadata in the HTTP response, so we skip forwarding metadata headers.
+		if strings.HasPrefix(h, "Grpc-Metadata") {
+			if h == "Grpc-Metadata-"+grpc.HttpCodeMetadataKey {
+				statusCodeHeader = vs[0]
+			}
+		} else {
+			for _, v := range vs {
+				w.Header().Set(h, v)
+			}
+		}
+	}
+	if !GrpcResponseIsEmpty(responseJson) {
+		w.Header().Set("Content-Length", strconv.Itoa(len(responseJson)))
+		if statusCodeHeader != "" {
+			code, err := strconv.Atoi(statusCodeHeader)
+			if err != nil {
+				return InternalServerErrorWithMessage(err, "could not parse status code")
+			}
+			w.WriteHeader(code)
+		} else {
+			w.WriteHeader(grpcResp.StatusCode)
+		}
+		if _, err := io.Copy(w, io.NopCloser(bytes.NewReader(responseJson))); err != nil {
+			return InternalServerErrorWithMessage(err, "could not write response message")
+		}
+	} else {
+		w.Header().Set("Content-Length", "0")
+		w.WriteHeader(grpcResp.StatusCode)
+	}
+	return nil
+}
+
+// WriteError writes the error by manipulating headers and the body of the final response.
+func WriteError(w http.ResponseWriter, errJson ErrorJson, responseHeader http.Header) {
+	// Include custom error in the error JSON.
+	hasCustomError := false
+	if responseHeader != nil {
+		customError, ok := responseHeader["Grpc-Metadata-"+grpc.CustomErrorMetadataKey]
+		if ok {
+			hasCustomError = true
+			// Assume header has only one value and read the 0 index.
+			if err := json.Unmarshal([]byte(customError[0]), errJson); err != nil {
+				log.WithError(err).Error("Could not unmarshal custom error message")
+				return
+			}
+		}
+	}
+
+	var j []byte
+	if hasCustomError {
+		var err error
+		j, err = json.Marshal(errJson)
+		if err != nil {
+			log.WithError(err).Error("Could not marshal error message")
+			return
+		}
+	} else {
+		var err error
+		// We marshal the response body into a DefaultErrorJson if the custom error is not present.
+		// This is because the ErrorJson argument is the endpoint's error definition, which may contain custom fields.
+		// In such a scenario marhaling the endpoint's error would populate the resulting JSON
+		// with these fields even if they are not present in the gRPC header.
+		d := &DefaultErrorJson{
+			Message: errJson.Msg(),
+			Code:    errJson.StatusCode(),
+		}
+		j, err = json.Marshal(d)
+		if err != nil {
+			log.WithError(err).Error("Could not marshal error message")
+			return
+		}
+	}
+
+	w.Header().Set("Content-Length", strconv.Itoa(len(j)))
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(errJson.StatusCode())
+	if _, err := io.Copy(w, io.NopCloser(bytes.NewReader(j))); err != nil {
+		log.WithError(err).Error("Could not write error message")
+	}
+}
+
+// Cleanup performs final cleanup on the initial response from grpc-gateway.
+func Cleanup(grpcResponseBody io.ReadCloser) ErrorJson {
+	if err := grpcResponseBody.Close(); err != nil {
+		return InternalServerErrorWithMessage(err, "could not close response body")
+	}
+	return nil
+}
--- a/api/gateway/apimiddleware/process_request_test.go
+++ b/api/gateway/apimiddleware/process_request_test.go
@@ -0,0 +1,429 @@
+package apimiddleware
+
+import (
+	"bytes"
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"github.com/prysmaticlabs/prysm/v3/api/grpc"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	"github.com/sirupsen/logrus/hooks/test"
+)
+
+type testRequestContainer struct {
+	TestString         string
+	TestHexString      string `hex:"true"`
+	TestEmptyHexString string `hex:"true"`
+	TestUint256String  string `uint256:"true"`
+}
+
+func defaultRequestContainer() *testRequestContainer {
+	return &testRequestContainer{
+		TestString:         "test string",
+		TestHexString:      "0x666F6F", // hex encoding of "foo"
+		TestEmptyHexString: "0x",
+		TestUint256String:  "4196",
+	}
+}
+
+type testResponseContainer struct {
+	TestString       string
+	TestHex          string `hex:"true"`
+	TestEmptyHex     string `hex:"true"`
+	TestAddress      string `address:"true"`
+	TestEmptyAddress string `address:"true"`
+	TestUint256      string `uint256:"true"`
+	TestEnum         string `enum:"true"`
+	TestTime         string `time:"true"`
+}
+
+func defaultResponseContainer() *testResponseContainer {
+	return &testResponseContainer{
+		TestString:       "test string",
+		TestHex:          "Zm9v", // base64 encoding of "foo"
+		TestEmptyHex:     "",
+		TestAddress:      "Zm9v",
+		TestEmptyAddress: "",
+		TestEnum:         "Test Enum",
+		TestTime:         "2006-01-02T15:04:05Z",
+
+		// base64 encoding of 4196 in little-endian
+		TestUint256: "ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
+	}
+}
+
+type testErrorJson struct {
+	Message     string
+	Code        int
+	CustomField string
+}
+
+// StatusCode returns the error's underlying error code.
+func (e *testErrorJson) StatusCode() int {
+	return e.Code
+}
+
+// Msg returns the error's underlying message.
+func (e *testErrorJson) Msg() string {
+	return e.Message
+}
+
+// SetCode sets the error's underlying error code.
+func (e *testErrorJson) SetCode(code int) {
+	e.Code = code
+}
+
+// SetMsg sets the error's underlying message.
+func (e *testErrorJson) SetMsg(msg string) {
+	e.Message = msg
+}
+
+func TestDeserializeRequestBodyIntoContainer(t *testing.T) {
+	t.Run("ok", func(t *testing.T) {
+		var bodyJson bytes.Buffer
+		err := json.NewEncoder(&bodyJson).Encode(defaultRequestContainer())
+		require.NoError(t, err)
+
+		container := &testRequestContainer{}
+		errJson := DeserializeRequestBodyIntoContainer(&bodyJson, container)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "test string", container.TestString)
+	})
+
+	t.Run("error", func(t *testing.T) {
+		var bodyJson bytes.Buffer
+		bodyJson.Write([]byte("foo"))
+		errJson := DeserializeRequestBodyIntoContainer(&bodyJson, &testRequestContainer{})
+		require.NotNil(t, errJson)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not decode request body"))
+		assert.Equal(t, http.StatusInternalServerError, errJson.StatusCode())
+	})
+
+	t.Run("unknown field", func(t *testing.T) {
+		var bodyJson bytes.Buffer
+		bodyJson.Write([]byte("{\"foo\":\"foo\"}"))
+		errJson := DeserializeRequestBodyIntoContainer(&bodyJson, &testRequestContainer{})
+		require.NotNil(t, errJson)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not decode request body"))
+		assert.Equal(t, http.StatusBadRequest, errJson.StatusCode())
+	})
+}
+
+func TestProcessRequestContainerFields(t *testing.T) {
+	t.Run("ok", func(t *testing.T) {
+		container := defaultRequestContainer()
+
+		errJson := ProcessRequestContainerFields(container)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "Zm9v", container.TestHexString)
+		assert.Equal(t, "", container.TestEmptyHexString)
+		assert.Equal(t, "ZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=", container.TestUint256String)
+	})
+
+	t.Run("error", func(t *testing.T) {
+		errJson := ProcessRequestContainerFields("foo")
+		require.NotNil(t, errJson)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not process request data"))
+		assert.Equal(t, http.StatusInternalServerError, errJson.StatusCode())
+	})
+}
+
+func TestSetRequestBodyToRequestContainer(t *testing.T) {
+	var body bytes.Buffer
+	request := httptest.NewRequest("GET", "http://foo.example", &body)
+
+	errJson := SetRequestBodyToRequestContainer(defaultRequestContainer(), request)
+	require.Equal(t, true, errJson == nil)
+	container := &testRequestContainer{}
+	require.NoError(t, json.NewDecoder(request.Body).Decode(container))
+	assert.Equal(t, "test string", container.TestString)
+	contentLengthHeader, ok := request.Header["Content-Length"]
+	require.Equal(t, true, ok)
+	require.Equal(t, 1, len(contentLengthHeader), "wrong number of header values")
+	assert.Equal(t, "108", contentLengthHeader[0])
+	assert.Equal(t, int64(108), request.ContentLength)
+}
+
+func TestPrepareRequestForProxying(t *testing.T) {
+	middleware := &ApiProxyMiddleware{
+		GatewayAddress: "http://gateway.example",
+	}
+	// We will set some params to make the request more interesting.
+	endpoint := Endpoint{
+		Path:               "/{url_param}",
+		RequestURLLiterals: []string{"url_param"},
+		RequestQueryParams: []QueryParam{{Name: "query_param"}},
+	}
+	var body bytes.Buffer
+	request := httptest.NewRequest("GET", "http://foo.example?query_param=bar", &body)
+
+	errJson := middleware.PrepareRequestForProxying(endpoint, request)
+	require.Equal(t, true, errJson == nil)
+	assert.Equal(t, "http", request.URL.Scheme)
+	assert.Equal(t, middleware.GatewayAddress, request.URL.Host)
+	assert.Equal(t, "", request.RequestURI)
+}
+
+func TestReadGrpcResponseBody(t *testing.T) {
+	var b bytes.Buffer
+	b.Write([]byte("foo"))
+
+	body, jsonErr := ReadGrpcResponseBody(&b)
+	require.Equal(t, true, jsonErr == nil)
+	assert.Equal(t, "foo", string(body))
+}
+
+func TestHandleGrpcResponseError(t *testing.T) {
+	response := &http.Response{
+		StatusCode: 400,
+		Header: http.Header{
+			"Foo": []string{"foo"},
+			"Bar": []string{"bar"},
+		},
+	}
+	writer := httptest.NewRecorder()
+	errJson := &testErrorJson{
+		Message: "foo",
+		Code:    400,
+	}
+	b, err := json.Marshal(errJson)
+	require.NoError(t, err)
+
+	hasError, e := HandleGrpcResponseError(errJson, response, b, writer)
+	require.Equal(t, true, e == nil)
+	assert.Equal(t, true, hasError)
+	v, ok := writer.Header()["Foo"]
+	require.Equal(t, true, ok, "header not found")
+	require.Equal(t, 1, len(v), "wrong number of header values")
+	assert.Equal(t, "foo", v[0])
+	v, ok = writer.Header()["Bar"]
+	require.Equal(t, true, ok, "header not found")
+	require.Equal(t, 1, len(v), "wrong number of header values")
+	assert.Equal(t, "bar", v[0])
+	assert.Equal(t, 400, errJson.StatusCode())
+}
+
+func TestGrpcResponseIsEmpty(t *testing.T) {
+	t.Run("nil", func(t *testing.T) {
+		assert.Equal(t, true, GrpcResponseIsEmpty(nil))
+	})
+	t.Run("empty_slice", func(t *testing.T) {
+		assert.Equal(t, true, GrpcResponseIsEmpty(make([]byte, 0)))
+	})
+	t.Run("empty_brackets", func(t *testing.T) {
+		assert.Equal(t, true, GrpcResponseIsEmpty([]byte("{}")))
+	})
+	t.Run("non_empty", func(t *testing.T) {
+		assert.Equal(t, false, GrpcResponseIsEmpty([]byte("{\"foo\":\"bar\"})")))
+	})
+}
+
+func TestDeserializeGrpcResponseBodyIntoContainer(t *testing.T) {
+	t.Run("ok", func(t *testing.T) {
+		body, err := json.Marshal(defaultRequestContainer())
+		require.NoError(t, err)
+
+		container := &testRequestContainer{}
+		errJson := DeserializeGrpcResponseBodyIntoContainer(body, container)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "test string", container.TestString)
+	})
+
+	t.Run("error", func(t *testing.T) {
+		var bodyJson bytes.Buffer
+		bodyJson.Write([]byte("foo"))
+		errJson := DeserializeGrpcResponseBodyIntoContainer(bodyJson.Bytes(), &testRequestContainer{})
+		require.NotNil(t, errJson)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not unmarshal response"))
+		assert.Equal(t, http.StatusInternalServerError, errJson.StatusCode())
+	})
+}
+
+func TestProcessMiddlewareResponseFields(t *testing.T) {
+	t.Run("Ok", func(t *testing.T) {
+		container := defaultResponseContainer()
+
+		errJson := ProcessMiddlewareResponseFields(container)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, "0x666f6f", container.TestHex)
+		assert.Equal(t, "0x", container.TestEmptyHex)
+		assert.Equal(t, "0x0000000000000000000000000000000000666F6f", container.TestAddress)
+		assert.Equal(t, "0x", container.TestEmptyAddress)
+		assert.Equal(t, "4196", container.TestUint256)
+		assert.Equal(t, "test enum", container.TestEnum)
+		assert.Equal(t, "1136214245", container.TestTime)
+	})
+
+	t.Run("error", func(t *testing.T) {
+		errJson := ProcessMiddlewareResponseFields("foo")
+		require.NotNil(t, errJson)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not process response data"))
+		assert.Equal(t, http.StatusInternalServerError, errJson.StatusCode())
+	})
+}
+
+func TestSerializeMiddlewareResponseIntoJson(t *testing.T) {
+	container := defaultResponseContainer()
+	j, errJson := SerializeMiddlewareResponseIntoJson(container)
+	assert.Equal(t, true, errJson == nil)
+	cToDeserialize := &testResponseContainer{}
+	require.NoError(t, json.Unmarshal(j, cToDeserialize))
+	assert.Equal(t, "test string", cToDeserialize.TestString)
+}
+
+func TestWriteMiddlewareResponseHeadersAndBody(t *testing.T) {
+	t.Run("GET", func(t *testing.T) {
+		response := &http.Response{
+			Header: http.Header{
+				"Foo": []string{"foo"},
+				"Grpc-Metadata-" + grpc.HttpCodeMetadataKey: []string{"204"},
+			},
+		}
+		container := defaultResponseContainer()
+		responseJson, err := json.Marshal(container)
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+		writer.Body = &bytes.Buffer{}
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, true, errJson == nil)
+		v, ok := writer.Header()["Foo"]
+		require.Equal(t, true, ok, "header not found")
+		require.Equal(t, 1, len(v), "wrong number of header values")
+		assert.Equal(t, "foo", v[0])
+		v, ok = writer.Header()["Content-Length"]
+		require.Equal(t, true, ok, "header not found")
+		require.Equal(t, 1, len(v), "wrong number of header values")
+		assert.Equal(t, "224", v[0])
+		assert.Equal(t, 204, writer.Code)
+		assert.DeepEqual(t, responseJson, writer.Body.Bytes())
+	})
+
+	t.Run("GET_no_grpc_status_code_header", func(t *testing.T) {
+		response := &http.Response{
+			Header:     http.Header{},
+			StatusCode: 204,
+		}
+		container := defaultResponseContainer()
+		responseJson, err := json.Marshal(container)
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, 204, writer.Code)
+	})
+
+	t.Run("GET_invalid_status_code", func(t *testing.T) {
+		response := &http.Response{
+			Header: http.Header{},
+		}
+
+		// Set invalid status code.
+		response.Header["Grpc-Metadata-"+grpc.HttpCodeMetadataKey] = []string{"invalid"}
+
+		container := defaultResponseContainer()
+		responseJson, err := json.Marshal(container)
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, false, errJson == nil)
+		assert.Equal(t, true, strings.Contains(errJson.Msg(), "could not parse status code"))
+		assert.Equal(t, http.StatusInternalServerError, errJson.StatusCode())
+	})
+
+	t.Run("POST", func(t *testing.T) {
+		response := &http.Response{
+			Header:     http.Header{},
+			StatusCode: 204,
+		}
+		container := defaultResponseContainer()
+		responseJson, err := json.Marshal(container)
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, 204, writer.Code)
+	})
+
+	t.Run("POST_with_response_body", func(t *testing.T) {
+		response := &http.Response{
+			Header:     http.Header{},
+			StatusCode: 204,
+		}
+		container := defaultResponseContainer()
+		responseJson, err := json.Marshal(container)
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+		writer.Body = &bytes.Buffer{}
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, 204, writer.Code)
+		assert.DeepEqual(t, responseJson, writer.Body.Bytes())
+	})
+
+	t.Run("POST_with_empty_json_body", func(t *testing.T) {
+		response := &http.Response{
+			Header:     http.Header{},
+			StatusCode: 204,
+		}
+		responseJson, err := json.Marshal(struct{}{})
+		require.NoError(t, err)
+		writer := httptest.NewRecorder()
+		writer.Body = &bytes.Buffer{}
+
+		errJson := WriteMiddlewareResponseHeadersAndBody(response, responseJson, writer)
+		require.Equal(t, true, errJson == nil)
+		assert.Equal(t, 204, writer.Code)
+		assert.DeepEqual(t, []byte(nil), writer.Body.Bytes())
+		assert.Equal(t, "0", writer.Header()["Content-Length"][0])
+	})
+}
+
+func TestWriteError(t *testing.T) {
+	t.Run("ok", func(t *testing.T) {
+		responseHeader := http.Header{
+			"Grpc-Metadata-" + grpc.CustomErrorMetadataKey: []string{"{\"CustomField\":\"bar\"}"},
+		}
+		errJson := &testErrorJson{
+			Message: "foo",
+			Code:    500,
+		}
+		writer := httptest.NewRecorder()
+		writer.Body = &bytes.Buffer{}
+
+		WriteError(writer, errJson, responseHeader)
+		v, ok := writer.Header()["Content-Length"]
+		require.Equal(t, true, ok, "header not found")
+		require.Equal(t, 1, len(v), "wrong number of header values")
+		assert.Equal(t, "48", v[0])
+		v, ok = writer.Header()["Content-Type"]
+		require.Equal(t, true, ok, "header not found")
+		require.Equal(t, 1, len(v), "wrong number of header values")
+		assert.Equal(t, "application/json", v[0])
+		assert.Equal(t, 500, writer.Code)
+		eDeserialize := &testErrorJson{}
+		require.NoError(t, json.Unmarshal(writer.Body.Bytes(), eDeserialize))
+		assert.Equal(t, "foo", eDeserialize.Message)
+		assert.Equal(t, 500, eDeserialize.Code)
+		assert.Equal(t, "bar", eDeserialize.CustomField)
+	})
+
+	t.Run("invalid_custom_error_header", func(t *testing.T) {
+		logHook := test.NewGlobal()
+
+		responseHeader := http.Header{
+			"Grpc-Metadata-" + grpc.CustomErrorMetadataKey: []string{"invalid"},
+		}
+
+		WriteError(httptest.NewRecorder(), &testErrorJson{}, responseHeader)
+		assert.LogsContain(t, logHook, "Could not unmarshal custom error message")
+	})
+}
--- a/api/gateway/apimiddleware/structs.go
+++ b/api/gateway/apimiddleware/structs.go
@@ -0,0 +1,69 @@
+package apimiddleware
+
+import (
+	"net/http"
+
+	"github.com/pkg/errors"
+)
+
+// ---------------
+// Error handling.
+// ---------------
+
+// ErrorJson describes common functionality of all JSON error representations.
+type ErrorJson interface {
+	StatusCode() int
+	SetCode(code int)
+	Msg() string
+	SetMsg(msg string)
+}
+
+// DefaultErrorJson is a JSON representation of a simple error value, containing only a message and an error code.
+type DefaultErrorJson struct {
+	Message string `json:"message"`
+	Code    int    `json:"code"`
+}
+
+// InternalServerErrorWithMessage returns a DefaultErrorJson with 500 code and a custom message.
+func InternalServerErrorWithMessage(err error, message string) *DefaultErrorJson {
+	e := errors.Wrapf(err, message)
+	return &DefaultErrorJson{
+		Message: e.Error(),
+		Code:    http.StatusInternalServerError,
+	}
+}
+
+// InternalServerError returns a DefaultErrorJson with 500 code.
+func InternalServerError(err error) *DefaultErrorJson {
+	return &DefaultErrorJson{
+		Message: err.Error(),
+		Code:    http.StatusInternalServerError,
+	}
+}
+
+func TimeoutError() *DefaultErrorJson {
+	return &DefaultErrorJson{
+		Message: "Request timeout",
+		Code:    http.StatusRequestTimeout,
+	}
+}
+
+// StatusCode returns the error's underlying error code.
+func (e *DefaultErrorJson) StatusCode() int {
+	return e.Code
+}
+
+// Msg returns the error's underlying message.
+func (e *DefaultErrorJson) Msg() string {
+	return e.Message
+}
+
+// SetCode sets the error's underlying error code.
+func (e *DefaultErrorJson) SetCode(code int) {
+	e.Code = code
+}
+
+// SetMsg sets the error's underlying message.
+func (e *DefaultErrorJson) SetMsg(msg string) {
+	e.Message = msg
+}
--- a/api/gateway/gateway.go
+++ b/api/gateway/gateway.go
@@ -0,0 +1,257 @@
+// Package gateway defines a grpc-gateway server that serves HTTP-JSON traffic and acts a proxy between HTTP and gRPC.
+package gateway
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"net/http"
+	"path"
+	"strings"
+	"time"
+
+	"github.com/gorilla/mux"
+	gwruntime "github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/api/gateway/apimiddleware"
+	"github.com/prysmaticlabs/prysm/v3/runtime"
+	"github.com/rs/cors"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/connectivity"
+	"google.golang.org/grpc/credentials"
+)
+
+var _ runtime.Service = (*Gateway)(nil)
+
+// PbMux serves grpc-gateway requests for selected patterns using registered protobuf handlers.
+type PbMux struct {
+	Registrations []PbHandlerRegistration // Protobuf registrations to be registered in Mux.
+	Patterns      []string                // URL patterns that will be handled by Mux.
+	Mux           *gwruntime.ServeMux     // The router that will be used for grpc-gateway requests.
+}
+
+// PbHandlerRegistration is a function that registers a protobuf handler.
+type PbHandlerRegistration func(context.Context, *gwruntime.ServeMux, *grpc.ClientConn) error
+
+// MuxHandler is a function that implements the mux handler functionality.
+type MuxHandler func(
+	apiMiddlewareHandler *apimiddleware.ApiProxyMiddleware,
+	h http.HandlerFunc,
+	w http.ResponseWriter,
+	req *http.Request,
+)
+
+// Config parameters for setting up the gateway service.
+type config struct {
+	maxCallRecvMsgSize           uint64
+	remoteCert                   string
+	gatewayAddr                  string
+	remoteAddr                   string
+	allowedOrigins               []string
+	apiMiddlewareEndpointFactory apimiddleware.EndpointFactory
+	muxHandler                   MuxHandler
+	pbHandlers                   []*PbMux
+	router                       *mux.Router
+	timeout                      time.Duration
+}
+
+// Gateway is the gRPC gateway to serve HTTP JSON traffic as a proxy and forward it to the gRPC server.
+type Gateway struct {
+	cfg          *config
+	conn         *grpc.ClientConn
+	server       *http.Server
+	cancel       context.CancelFunc
+	proxy        *apimiddleware.ApiProxyMiddleware
+	ctx          context.Context
+	startFailure error
+}
+
+// New returns a new instance of the Gateway.
+func New(ctx context.Context, opts ...Option) (*Gateway, error) {
+	g := &Gateway{
+		ctx: ctx,
+		cfg: &config{
+			router: mux.NewRouter(),
+		},
+	}
+	for _, opt := range opts {
+		if err := opt(g); err != nil {
+			return nil, err
+		}
+	}
+	return g, nil
+}
+
+// Start the gateway service.
+func (g *Gateway) Start() {
+	ctx, cancel := context.WithCancel(g.ctx)
+	g.cancel = cancel
+
+	conn, err := g.dial(ctx, "tcp", g.cfg.remoteAddr)
+	if err != nil {
+		log.WithError(err).Error("Failed to connect to gRPC server")
+		g.startFailure = err
+		return
+	}
+	g.conn = conn
+
+	for _, h := range g.cfg.pbHandlers {
+		for _, r := range h.Registrations {
+			if err := r(ctx, h.Mux, g.conn); err != nil {
+				log.WithError(err).Error("Failed to register handler")
+				g.startFailure = err
+				return
+			}
+		}
+		for _, p := range h.Patterns {
+			g.cfg.router.PathPrefix(p).Handler(h.Mux)
+		}
+	}
+
+	corsMux := g.corsMiddleware(g.cfg.router)
+
+	if g.cfg.apiMiddlewareEndpointFactory != nil && !g.cfg.apiMiddlewareEndpointFactory.IsNil() {
+		g.registerApiMiddleware()
+	}
+
+	if g.cfg.muxHandler != nil {
+		g.cfg.router.PathPrefix("/").HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			g.cfg.muxHandler(g.proxy, corsMux.ServeHTTP, w, r)
+		})
+	}
+
+	g.server = &http.Server{
+		Addr:              g.cfg.gatewayAddr,
+		Handler:           corsMux,
+		ReadHeaderTimeout: time.Second,
+	}
+
+	go func() {
+		log.WithField("address", g.cfg.gatewayAddr).Info("Starting gRPC gateway")
+		if err := g.server.ListenAndServe(); err != http.ErrServerClosed {
+			log.WithError(err).Error("Failed to start gRPC gateway")
+			g.startFailure = err
+			return
+		}
+	}()
+}
+
+// Status of grpc gateway. Returns an error if this service is unhealthy.
+func (g *Gateway) Status() error {
+	if g.startFailure != nil {
+		return g.startFailure
+	}
+	if s := g.conn.GetState(); s != connectivity.Ready {
+		return fmt.Errorf("grpc server is %s", s)
+	}
+	return nil
+}
+
+// Stop the gateway with a graceful shutdown.
+func (g *Gateway) Stop() error {
+	if g.server != nil {
+		shutdownCtx, shutdownCancel := context.WithTimeout(g.ctx, 2*time.Second)
+		defer shutdownCancel()
+		if err := g.server.Shutdown(shutdownCtx); err != nil {
+			if errors.Is(err, context.DeadlineExceeded) {
+				log.Warn("Existing connections terminated")
+			} else {
+				log.WithError(err).Error("Failed to gracefully shut down server")
+			}
+		}
+	}
+	if g.cancel != nil {
+		g.cancel()
+	}
+	return nil
+}
+
+func (g *Gateway) corsMiddleware(h http.Handler) http.Handler {
+	c := cors.New(cors.Options{
+		AllowedOrigins:   g.cfg.allowedOrigins,
+		AllowedMethods:   []string{http.MethodPost, http.MethodGet, http.MethodDelete, http.MethodOptions},
+		AllowCredentials: true,
+		MaxAge:           600,
+		AllowedHeaders:   []string{"*"},
+	})
+	return c.Handler(h)
+}
+
+const swaggerDir = "proto/prysm/v1alpha1/"
+
+// SwaggerServer returns swagger specification files located under "/swagger/"
+func SwaggerServer() http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if !strings.HasSuffix(r.URL.Path, ".swagger.json") {
+			log.Debugf("Not found: %s", r.URL.Path)
+			http.NotFound(w, r)
+			return
+		}
+
+		log.Debugf("Serving %s\n", r.URL.Path)
+		p := strings.TrimPrefix(r.URL.Path, "/swagger/")
+		p = path.Join(swaggerDir, p)
+		http.ServeFile(w, r, p)
+	}
+}
+
+// dial the gRPC server.
+func (g *Gateway) dial(ctx context.Context, network, addr string) (*grpc.ClientConn, error) {
+	switch network {
+	case "tcp":
+		return g.dialTCP(ctx, addr)
+	case "unix":
+		return g.dialUnix(ctx, addr)
+	default:
+		return nil, fmt.Errorf("unsupported network type %q", network)
+	}
+}
+
+// dialTCP creates a client connection via TCP.
+// "addr" must be a valid TCP address with a port number.
+func (g *Gateway) dialTCP(ctx context.Context, addr string) (*grpc.ClientConn, error) {
+	security := grpc.WithInsecure()
+	if len(g.cfg.remoteCert) > 0 {
+		creds, err := credentials.NewClientTLSFromFile(g.cfg.remoteCert, "")
+		if err != nil {
+			return nil, err
+		}
+		security = grpc.WithTransportCredentials(creds)
+	}
+	opts := []grpc.DialOption{
+		security,
+		grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(int(g.cfg.maxCallRecvMsgSize))),
+	}
+
+	return grpc.DialContext(ctx, addr, opts...)
+}
+
+// dialUnix creates a client connection via a unix domain socket.
+// "addr" must be a valid path to the socket.
+func (g *Gateway) dialUnix(ctx context.Context, addr string) (*grpc.ClientConn, error) {
+	d := func(addr string, timeout time.Duration) (net.Conn, error) {
+		return net.DialTimeout("unix", addr, timeout)
+	}
+	f := func(ctx context.Context, addr string) (net.Conn, error) {
+		if deadline, ok := ctx.Deadline(); ok {
+			return d(addr, time.Until(deadline))
+		}
+		return d(addr, 0)
+	}
+	opts := []grpc.DialOption{
+		grpc.WithInsecure(),
+		grpc.WithContextDialer(f),
+		grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(int(g.cfg.maxCallRecvMsgSize))),
+	}
+	return grpc.DialContext(ctx, addr, opts...)
+}
+
+func (g *Gateway) registerApiMiddleware() {
+	g.proxy = &apimiddleware.ApiProxyMiddleware{
+		GatewayAddress:  g.cfg.gatewayAddr,
+		EndpointCreator: g.cfg.apiMiddlewareEndpointFactory,
+		Timeout:         g.cfg.timeout,
+	}
+	log.Info("Starting API middleware")
+	g.proxy.Run(g.cfg.router)
+}
--- a/api/gateway/gateway_test.go
+++ b/api/gateway/gateway_test.go
@@ -0,0 +1,128 @@
+package gateway
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"testing"
+
+	"github.com/gorilla/mux"
+	"github.com/prysmaticlabs/prysm/v3/api/gateway/apimiddleware"
+	"github.com/prysmaticlabs/prysm/v3/cmd/beacon-chain/flags"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	logTest "github.com/sirupsen/logrus/hooks/test"
+	"github.com/urfave/cli/v2"
+)
+
+type mockEndpointFactory struct {
+}
+
+func (*mockEndpointFactory) Paths() []string {
+	return []string{}
+}
+
+func (*mockEndpointFactory) Create(_ string) (*apimiddleware.Endpoint, error) {
+	return nil, nil
+}
+
+func (*mockEndpointFactory) IsNil() bool {
+	return false
+}
+
+func TestGateway_Customized(t *testing.T) {
+	r := mux.NewRouter()
+	cert := "cert"
+	origins := []string{"origin"}
+	size := uint64(100)
+	endpointFactory := &mockEndpointFactory{}
+
+	opts := []Option{
+		WithRouter(r),
+		WithRemoteCert(cert),
+		WithAllowedOrigins(origins),
+		WithMaxCallRecvMsgSize(size),
+		WithApiMiddleware(endpointFactory),
+		WithMuxHandler(func(
+			_ *apimiddleware.ApiProxyMiddleware,
+			_ http.HandlerFunc,
+			_ http.ResponseWriter,
+			_ *http.Request,
+		) {
+		}),
+	}
+
+	g, err := New(context.Background(), opts...)
+	require.NoError(t, err)
+
+	assert.Equal(t, r, g.cfg.router)
+	assert.Equal(t, cert, g.cfg.remoteCert)
+	require.Equal(t, 1, len(g.cfg.allowedOrigins))
+	assert.Equal(t, origins[0], g.cfg.allowedOrigins[0])
+	assert.Equal(t, size, g.cfg.maxCallRecvMsgSize)
+	assert.Equal(t, endpointFactory, g.cfg.apiMiddlewareEndpointFactory)
+}
+
+func TestGateway_StartStop(t *testing.T) {
+	hook := logTest.NewGlobal()
+
+	app := cli.App{}
+	set := flag.NewFlagSet("test", 0)
+	ctx := cli.NewContext(&app, set, nil)
+
+	gatewayPort := ctx.Int(flags.GRPCGatewayPort.Name)
+	gatewayHost := ctx.String(flags.GRPCGatewayHost.Name)
+	rpcHost := ctx.String(flags.RPCHost.Name)
+	selfAddress := fmt.Sprintf("%s:%d", rpcHost, ctx.Int(flags.RPCPort.Name))
+	gatewayAddress := fmt.Sprintf("%s:%d", gatewayHost, gatewayPort)
+
+	opts := []Option{
+		WithGatewayAddr(gatewayAddress),
+		WithRemoteAddr(selfAddress),
+		WithMuxHandler(func(
+			_ *apimiddleware.ApiProxyMiddleware,
+			_ http.HandlerFunc,
+			_ http.ResponseWriter,
+			_ *http.Request,
+		) {
+		}),
+	}
+
+	g, err := New(context.Background(), opts...)
+	require.NoError(t, err)
+
+	g.Start()
+	go func() {
+		require.LogsContain(t, hook, "Starting gRPC gateway")
+		require.LogsDoNotContain(t, hook, "Starting API middleware")
+	}()
+	err = g.Stop()
+	require.NoError(t, err)
+}
+
+func TestGateway_NilHandler_NotFoundHandlerRegistered(t *testing.T) {
+	app := cli.App{}
+	set := flag.NewFlagSet("test", 0)
+	ctx := cli.NewContext(&app, set, nil)
+
+	gatewayPort := ctx.Int(flags.GRPCGatewayPort.Name)
+	gatewayHost := ctx.String(flags.GRPCGatewayHost.Name)
+	rpcHost := ctx.String(flags.RPCHost.Name)
+	selfAddress := fmt.Sprintf("%s:%d", rpcHost, ctx.Int(flags.RPCPort.Name))
+	gatewayAddress := fmt.Sprintf("%s:%d", gatewayHost, gatewayPort)
+
+	opts := []Option{
+		WithGatewayAddr(gatewayAddress),
+		WithRemoteAddr(selfAddress),
+	}
+
+	g, err := New(context.Background(), opts...)
+	require.NoError(t, err)
+
+	writer := httptest.NewRecorder()
+	g.cfg.router.ServeHTTP(writer, &http.Request{Method: "GET", Host: "localhost", URL: &url.URL{Path: "/foo"}})
+	assert.Equal(t, http.StatusNotFound, writer.Code)
+}
--- a/beacon-chain/gateway/log.go
+++ b/beacon-chain/gateway/log.go
--- a/api/gateway/modifiers.go
+++ b/api/gateway/modifiers.go
@@ -0,0 +1,30 @@
+package gateway
+
+import (
+	"context"
+	"net/http"
+	"strconv"
+
+	gwruntime "github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
+	"google.golang.org/protobuf/proto"
+)
+
+func HttpResponseModifier(ctx context.Context, w http.ResponseWriter, _ proto.Message) error {
+	md, ok := gwruntime.ServerMetadataFromContext(ctx)
+	if !ok {
+		return nil
+	}
+	// set http status code
+	if vals := md.HeaderMD.Get("x-http-code"); len(vals) > 0 {
+		code, err := strconv.Atoi(vals[0])
+		if err != nil {
+			return err
+		}
+		// delete the headers to not expose any grpc-metadata in http response
+		delete(md.HeaderMD, "x-http-code")
+		delete(w.Header(), "Grpc-Metadata-X-Http-Code")
+		w.WriteHeader(code)
+	}
+
+	return nil
+}
--- a/api/gateway/options.go
+++ b/api/gateway/options.go
@@ -0,0 +1,93 @@
+package gateway
+
+import (
+	"time"
+
+	"github.com/gorilla/mux"
+	gwruntime "github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
+	"github.com/prysmaticlabs/prysm/v3/api/gateway/apimiddleware"
+)
+
+type Option func(g *Gateway) error
+
+func (g *Gateway) SetRouter(r *mux.Router) *Gateway {
+	g.cfg.router = r
+	return g
+}
+
+func WithPbHandlers(handlers []*PbMux) Option {
+	return func(g *Gateway) error {
+		g.cfg.pbHandlers = handlers
+		return nil
+	}
+}
+
+func WithMuxHandler(m MuxHandler) Option {
+	return func(g *Gateway) error {
+		g.cfg.muxHandler = m
+		return nil
+	}
+}
+
+func WithGatewayAddr(addr string) Option {
+	return func(g *Gateway) error {
+		g.cfg.gatewayAddr = addr
+		return nil
+	}
+}
+
+func WithRemoteAddr(addr string) Option {
+	return func(g *Gateway) error {
+		g.cfg.remoteAddr = addr
+		return nil
+	}
+}
+
+// WithRouter allows adding a custom mux router to the gateway.
+func WithRouter(r *mux.Router) Option {
+	return func(g *Gateway) error {
+		g.cfg.router = r
+		return nil
+	}
+}
+
+// WithAllowedOrigins allows adding a set of allowed origins to the gateway.
+func WithAllowedOrigins(origins []string) Option {
+	return func(g *Gateway) error {
+		g.cfg.allowedOrigins = origins
+		return nil
+	}
+}
+
+// WithRemoteCert allows adding a custom certificate to the gateway,
+func WithRemoteCert(cert string) Option {
+	return func(g *Gateway) error {
+		g.cfg.remoteCert = cert
+		return nil
+	}
+}
+
+// WithMaxCallRecvMsgSize allows specifying the maximum allowed gRPC message size.
+func WithMaxCallRecvMsgSize(size uint64) Option {
+	return func(g *Gateway) error {
+		g.cfg.maxCallRecvMsgSize = size
+		return nil
+	}
+}
+
+// WithApiMiddleware allows adding an API middleware proxy to the gateway.
+func WithApiMiddleware(endpointFactory apimiddleware.EndpointFactory) Option {
+	return func(g *Gateway) error {
+		g.cfg.apiMiddlewareEndpointFactory = endpointFactory
+		return nil
+	}
+}
+
+// WithTimeout allows changing the timeout value for API calls.
+func WithTimeout(seconds uint64) Option {
+	return func(g *Gateway) error {
+		g.cfg.timeout = time.Second * time.Duration(seconds)
+		gwruntime.DefaultContextTimeout = time.Second * time.Duration(seconds)
+		return nil
+	}
+}
--- a/api/grpc/BUILD.bazel
+++ b/api/grpc/BUILD.bazel
@@ -0,0 +1,30 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "grpcutils.go",
+        "parameters.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/grpc",
+    visibility = ["//visibility:public"],
+    deps = [
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@org_golang_google_grpc//:go_default_library",
+        "@org_golang_google_grpc//metadata:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["grpcutils_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "@com_github_grpc_ecosystem_grpc_gateway_v2//runtime:go_default_library",
+        "@com_github_sirupsen_logrus//hooks/test:go_default_library",
+        "@org_golang_google_grpc//:go_default_library",
+        "@org_golang_google_grpc//metadata:go_default_library",
+    ],
+)
--- a/shared/grpcutils/grpcutils.go
+++ b/shared/grpcutils/grpcutils.go
@@ -1,7 +1,9 @@
-package grpcutils
+package grpc

 import (
 	"context"
+	"encoding/json"
+	"fmt"
 	"strings"
 	"time"

@@ -79,3 +81,16 @@ func AppendHeaders(parent context.Context, headers []string) context.Context {
 	}
 	return parent
 }
+
+// AppendCustomErrorHeader sets a CustomErrorMetadataKey gRPC header on the passed in context,
+// using the passed in error data as the header's value. The data is serialized as JSON.
+func AppendCustomErrorHeader(ctx context.Context, errorData interface{}) error {
+	j, err := json.Marshal(errorData)
+	if err != nil {
+		return fmt.Errorf("could not marshal error data into JSON: %w", err)
+	}
+	if err := grpc.SetHeader(ctx, metadata.Pairs(CustomErrorMetadataKey, string(j))); err != nil {
+		return fmt.Errorf("could not set custom error header: %w", err)
+	}
+	return nil
+}
--- a/api/grpc/grpcutils_test.go
+++ b/api/grpc/grpcutils_test.go
@@ -0,0 +1,78 @@
+package grpc
+
+import (
+	"context"
+	"encoding/json"
+	"strings"
+	"testing"
+
+	"github.com/grpc-ecosystem/grpc-gateway/v2/runtime"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	logTest "github.com/sirupsen/logrus/hooks/test"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/metadata"
+)
+
+type customErrorData struct {
+	Message string `json:"message"`
+}
+
+func TestAppendHeaders(t *testing.T) {
+	t.Run("one_header", func(t *testing.T) {
+		ctx := AppendHeaders(context.Background(), []string{"first=value1"})
+		md, ok := metadata.FromOutgoingContext(ctx)
+		require.Equal(t, true, ok, "Failed to read context metadata")
+		require.Equal(t, 1, md.Len(), "MetadataV0 contains wrong number of values")
+		assert.Equal(t, "value1", md.Get("first")[0])
+	})
+
+	t.Run("multiple_headers", func(t *testing.T) {
+		ctx := AppendHeaders(context.Background(), []string{"first=value1", "second=value2"})
+		md, ok := metadata.FromOutgoingContext(ctx)
+		require.Equal(t, true, ok, "Failed to read context metadata")
+		require.Equal(t, 2, md.Len(), "MetadataV0 contains wrong number of values")
+		assert.Equal(t, "value1", md.Get("first")[0])
+		assert.Equal(t, "value2", md.Get("second")[0])
+	})
+
+	t.Run("one_empty_header", func(t *testing.T) {
+		ctx := AppendHeaders(context.Background(), []string{"first=value1", ""})
+		md, ok := metadata.FromOutgoingContext(ctx)
+		require.Equal(t, true, ok, "Failed to read context metadata")
+		require.Equal(t, 1, md.Len(), "MetadataV0 contains wrong number of values")
+		assert.Equal(t, "value1", md.Get("first")[0])
+	})
+
+	t.Run("incorrect_header", func(t *testing.T) {
+		logHook := logTest.NewGlobal()
+		ctx := AppendHeaders(context.Background(), []string{"first=value1", "second"})
+		md, ok := metadata.FromOutgoingContext(ctx)
+		require.Equal(t, true, ok, "Failed to read context metadata")
+		require.Equal(t, 1, md.Len(), "MetadataV0 contains wrong number of values")
+		assert.Equal(t, "value1", md.Get("first")[0])
+		assert.LogsContain(t, logHook, "Skipping second")
+	})
+
+	t.Run("header_value_with_equal_sign", func(t *testing.T) {
+		ctx := AppendHeaders(context.Background(), []string{"first=value=1"})
+		md, ok := metadata.FromOutgoingContext(ctx)
+		require.Equal(t, true, ok, "Failed to read context metadata")
+		require.Equal(t, 1, md.Len(), "MetadataV0 contains wrong number of values")
+		assert.Equal(t, "value=1", md.Get("first")[0])
+	})
+}
+
+func TestAppendCustomErrorHeader(t *testing.T) {
+	stream := &runtime.ServerTransportStream{}
+	ctx := grpc.NewContextWithServerTransportStream(context.Background(), stream)
+	data := &customErrorData{Message: "foo"}
+	require.NoError(t, AppendCustomErrorHeader(ctx, data))
+	// The stream used in test setup sets the metadata key in lowercase.
+	value, ok := stream.Header()[strings.ToLower(CustomErrorMetadataKey)]
+	require.Equal(t, true, ok, "Failed to retrieve custom error metadata value")
+	expected, err := json.Marshal(data)
+	require.NoError(t, err)
+	assert.Equal(t, string(expected), value[0])
+
+}
--- a/api/grpc/parameters.go
+++ b/api/grpc/parameters.go
@@ -0,0 +1,8 @@
+package grpc
+
+// CustomErrorMetadataKey is the name of the metadata key storing additional error information.
+// Metadata value is expected to be a byte-encoded JSON object.
+const CustomErrorMetadataKey = "Custom-Error"
+
+// HttpCodeMetadataKey is the key to use when setting custom HTTP status codes in gRPC metadata.
+const HttpCodeMetadataKey = "X-Http-Code"
--- a/api/pagination/BUILD.bazel
+++ b/api/pagination/BUILD.bazel
@@ -0,0 +1,22 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["pagination.go"],
+    importpath = "github.com/prysmaticlabs/prysm/v3/api/pagination",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//config/params:go_default_library",
+        "@com_github_pkg_errors//:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["pagination_test.go"],
+    deps = [
+        ":go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+    ],
+)
--- a/shared/pagination/pagination.go
+++ b/shared/pagination/pagination.go
@@ -6,7 +6,7 @@ import (
 	"strconv"

 	"github.com/pkg/errors"
-	"github.com/prysmaticlabs/prysm/shared/params"
+	"github.com/prysmaticlabs/prysm/v3/config/params"
 )

 // StartAndEndPage takes in the requested page token, wanted page size, total page size.
--- a/shared/pagination/pagination_test.go
+++ b/shared/pagination/pagination_test.go
@@ -3,9 +3,9 @@ package pagination_test
 import (
 	"testing"

-	"github.com/prysmaticlabs/prysm/shared/pagination"
-	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
-	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	"github.com/prysmaticlabs/prysm/v3/api/pagination"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
 )

 func TestStartAndEndPage(t *testing.T) {
--- a/async/BUILD.bazel
+++ b/async/BUILD.bazel
@@ -0,0 +1,33 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "debounce.go",
+        "every.go",
+        "multilock.go",
+        "scatter.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/async",
+    visibility = ["//visibility:public"],
+    deps = ["@com_github_sirupsen_logrus//:go_default_library"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "benchmark_test.go",
+        "debounce_test.go",
+        "every_test.go",
+        "multilock_test.go",
+        "scatter_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "//testing/util:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+        "@com_github_stretchr_testify//assert:go_default_library",
+    ],
+)
--- a/async/abool/BUILD.bazel
+++ b/async/abool/BUILD.bazel
@@ -0,0 +1,14 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["abool.go"],
+    importpath = "github.com/prysmaticlabs/prysm/v3/async/abool",
+    visibility = ["//visibility:public"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = ["abool_test.go"],
+    embed = [":go_default_library"],
+)
--- a/shared/abool/abool.go
+++ b/shared/abool/abool.go
--- a/shared/abool/abool_test.go
+++ b/shared/abool/abool_test.go
--- a/async/benchmark_test.go
+++ b/async/benchmark_test.go
@@ -0,0 +1,63 @@
+package async_test
+
+import (
+	"crypto/rand"
+	"crypto/sha256"
+	"sync"
+	"testing"
+
+	"github.com/prysmaticlabs/prysm/v3/async"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	log "github.com/sirupsen/logrus"
+)
+
+var input [][]byte
+
+const (
+	benchmarkElements    = 65536
+	benchmarkElementSize = 32
+	benchmarkHashRuns    = 128
+)
+
+func init() {
+	input = make([][]byte, benchmarkElements)
+	for i := 0; i < benchmarkElements; i++ {
+		input[i] = make([]byte, benchmarkElementSize)
+		_, err := rand.Read(input[i])
+		if err != nil {
+			log.WithError(err).Debug("Cannot read from rand")
+		}
+	}
+}
+
+// hash repeatedly hashes the data passed to it
+func hash(input [][]byte) [][]byte {
+	output := make([][]byte, len(input))
+	for i := range input {
+		copy(output, input)
+		for j := 0; j < benchmarkHashRuns; j++ {
+			hash := sha256.Sum256(output[i])
+			output[i] = hash[:]
+		}
+	}
+	return output
+}
+
+func BenchmarkHash(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		hash(input)
+	}
+}
+
+func BenchmarkHashMP(b *testing.B) {
+	output := make([][]byte, len(input))
+	for i := 0; i < b.N; i++ {
+		workerResults, err := async.Scatter(len(input), func(offset int, entries int, _ *sync.RWMutex) (interface{}, error) {
+			return hash(input[offset : offset+entries]), nil
+		})
+		require.NoError(b, err)
+		for _, result := range workerResults {
+			copy(output[result.Offset:], result.Extent.([][]byte))
+		}
+	}
+}
--- a/shared/asyncutil/debounce.go
+++ b/shared/asyncutil/debounce.go
@@ -1,4 +1,4 @@
-package asyncutil
+package async

 import (
 	"context"
--- a/async/debounce_test.go
+++ b/async/debounce_test.go
@@ -0,0 +1,117 @@
+package async_test
+
+import (
+	"context"
+	"sync"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/prysmaticlabs/prysm/v3/async"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	"github.com/prysmaticlabs/prysm/v3/testing/util"
+)
+
+func TestDebounce_NoEvents(t *testing.T) {
+	eventsChan := make(chan interface{}, 100)
+	ctx, cancel := context.WithCancel(context.Background())
+	interval := time.Second
+	timesHandled := int32(0)
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	go func() {
+		time.AfterFunc(interval, func() {
+			cancel()
+		})
+	}()
+	go func() {
+		async.Debounce(ctx, interval, eventsChan, func(event interface{}) {
+			atomic.AddInt32(&timesHandled, 1)
+		})
+		wg.Done()
+	}()
+	if util.WaitTimeout(wg, interval*2) {
+		t.Fatalf("Test should have exited by now, timed out")
+	}
+	assert.Equal(t, int32(0), atomic.LoadInt32(&timesHandled), "Wrong number of handled calls")
+}
+
+func TestDebounce_CtxClosing(t *testing.T) {
+	eventsChan := make(chan interface{}, 100)
+	ctx, cancel := context.WithCancel(context.Background())
+	interval := time.Second
+	timesHandled := int32(0)
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	go func() {
+		ticker := time.NewTicker(time.Millisecond * 100)
+		defer ticker.Stop()
+		for {
+			select {
+			case <-ctx.Done():
+				return
+			case <-ticker.C:
+				eventsChan <- struct{}{}
+			}
+		}
+	}()
+	go func() {
+		time.AfterFunc(interval, func() {
+			cancel()
+		})
+	}()
+	go func() {
+		async.Debounce(ctx, interval, eventsChan, func(event interface{}) {
+			atomic.AddInt32(&timesHandled, 1)
+		})
+		wg.Done()
+	}()
+	if util.WaitTimeout(wg, interval*2) {
+		t.Fatalf("Test should have exited by now, timed out")
+	}
+	assert.Equal(t, int32(0), atomic.LoadInt32(&timesHandled), "Wrong number of handled calls")
+}
+
+func TestDebounce_SingleHandlerInvocation(t *testing.T) {
+	eventsChan := make(chan interface{}, 100)
+	ctx, cancel := context.WithCancel(context.Background())
+	interval := time.Second
+	timesHandled := int32(0)
+	go async.Debounce(ctx, interval, eventsChan, func(event interface{}) {
+		atomic.AddInt32(&timesHandled, 1)
+	})
+	for i := 0; i < 100; i++ {
+		eventsChan <- struct{}{}
+	}
+	// We should expect 100 rapid fire changes to only have caused
+	// 1 handler to trigger after the debouncing period.
+	time.Sleep(interval * 2)
+	assert.Equal(t, int32(1), atomic.LoadInt32(&timesHandled), "Wrong number of handled calls")
+	cancel()
+}
+
+func TestDebounce_MultipleHandlerInvocation(t *testing.T) {
+	eventsChan := make(chan interface{}, 100)
+	ctx, cancel := context.WithCancel(context.Background())
+	interval := time.Second
+	timesHandled := int32(0)
+	go async.Debounce(ctx, interval, eventsChan, func(event interface{}) {
+		atomic.AddInt32(&timesHandled, 1)
+	})
+	for i := 0; i < 100; i++ {
+		eventsChan <- struct{}{}
+	}
+	require.Equal(t, int32(0), atomic.LoadInt32(&timesHandled), "Events must prevent from handler execution")
+
+	// By this time the first event should be triggered.
+	time.Sleep(2 * time.Second)
+	assert.Equal(t, int32(1), atomic.LoadInt32(&timesHandled), "Wrong number of handled calls")
+
+	// Second event.
+	eventsChan <- struct{}{}
+	time.Sleep(2 * time.Second)
+	assert.Equal(t, int32(2), atomic.LoadInt32(&timesHandled), "Wrong number of handled calls")
+
+	cancel()
+}
--- a/async/event/BUILD.bazel
+++ b/async/event/BUILD.bazel
@@ -0,0 +1,29 @@
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "feed.go",
+        "subscription.go",
+    ],
+    importpath = "github.com/prysmaticlabs/prysm/v3/async/event",
+    visibility = ["//visibility:public"],
+    deps = ["//time/mclock:go_default_library"],
+)
+
+go_test(
+    name = "go_default_test",
+    size = "small",
+    srcs = [
+        "example_feed_test.go",
+        "example_scope_test.go",
+        "example_subscription_test.go",
+        "feed_test.go",
+        "subscription_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+    ],
+)
--- a/shared/event/example_feed_test.go
+++ b/shared/event/example_feed_test.go
@@ -19,7 +19,7 @@ package event_test
 import (
 	"fmt"

-	"github.com/prysmaticlabs/prysm/shared/event"
+	"github.com/prysmaticlabs/prysm/v3/async/event"
 )

 func ExampleFeed_acknowledgedEvents() {
--- a/shared/event/example_scope_test.go
+++ b/shared/event/example_scope_test.go
@@ -20,7 +20,7 @@ import (
 	"fmt"
 	"sync"

-	"github.com/prysmaticlabs/prysm/shared/event"
+	"github.com/prysmaticlabs/prysm/v3/async/event"
 )

 // This example demonstrates how SubscriptionScope can be used to control the lifetime of
--- a/shared/event/example_subscription_test.go
+++ b/shared/event/example_subscription_test.go
@@ -19,7 +19,7 @@ package event_test
 import (
 	"fmt"

-	"github.com/prysmaticlabs/prysm/shared/event"
+	"github.com/prysmaticlabs/prysm/v3/async/event"
 )

 func ExampleNewSubscription() {
--- a/shared/event/feed.go
+++ b/shared/event/feed.go
@@ -98,6 +98,11 @@ func (f *Feed) typecheck(typ reflect.Type) bool {
 		f.etype = typ
 		return true
 	}
+	// In the event the feed's type is an actual interface, we
+	// perform an interface conformance check here.
+	if f.etype.Kind() == reflect.Interface && typ.Implements(f.etype) {
+		return true
+	}
 	return f.etype == typ
 }

@@ -196,6 +201,7 @@ type feedSub struct {
 	err     chan error
 }

+// Unsubscribe remove feed subscription.
 func (sub *feedSub) Unsubscribe() {
 	sub.errOnce.Do(func() {
 		sub.feed.remove(sub)
@@ -203,6 +209,7 @@ func (sub *feedSub) Unsubscribe() {
 	})
 }

+// Err returns error channel.
 func (sub *feedSub) Err() <-chan error {
 	return sub.err
 }
--- a/async/event/feed_test.go
+++ b/async/event/feed_test.go
@@ -0,0 +1,507 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package event
+
+import (
+	"fmt"
+	"reflect"
+	"sync"
+	"testing"
+	"time"
+
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+)
+
+func TestFeedPanics(t *testing.T) {
+	{
+		var f Feed
+		f.Send(2)
+		want := feedTypeError{op: "Send", got: reflect.TypeOf(uint64(0)), want: reflect.TypeOf(0)}
+		assert.NoError(t, checkPanic(want, func() { f.Send(uint64(2)) }))
+	}
+	{
+		var f Feed
+		ch := make(chan int)
+		f.Subscribe(ch)
+		want := feedTypeError{op: "Send", got: reflect.TypeOf(uint64(0)), want: reflect.TypeOf(0)}
+		assert.NoError(t, checkPanic(want, func() { f.Send(uint64(2)) }))
+	}
+	{
+		var f Feed
+		f.Send(2)
+		want := feedTypeError{op: "Subscribe", got: reflect.TypeOf(make(chan uint64)), want: reflect.TypeOf(make(chan<- int))}
+		assert.NoError(t, checkPanic(want, func() { f.Subscribe(make(chan uint64)) }))
+	}
+	{
+		var f Feed
+		assert.NoError(t, checkPanic(errBadChannel, func() { f.Subscribe(make(<-chan int)) }))
+	}
+	{
+		var f Feed
+		assert.NoError(t, checkPanic(errBadChannel, func() { f.Subscribe(0) }))
+	}
+}
+
+func checkPanic(want error, fn func()) (err error) {
+	defer func() {
+		panicResult := recover()
+		if panicResult == nil {
+			err = fmt.Errorf("didn't panic")
+		} else if !reflect.DeepEqual(panicResult, want) {
+			err = fmt.Errorf("panicked with wrong error: got %q, want %q", panicResult, want)
+		}
+	}()
+	fn()
+	return nil
+}
+
+func TestFeed(t *testing.T) {
+	var feed Feed
+	var done, subscribed sync.WaitGroup
+	subscriber := func(i int) {
+		defer done.Done()
+
+		subchan := make(chan int)
+		sub := feed.Subscribe(subchan)
+		timeout := time.NewTimer(2 * time.Second)
+		subscribed.Done()
+
+		select {
+		case v := <-subchan:
+			if v != 1 {
+				t.Errorf("%d: received value %d, want 1", i, v)
+			}
+		case <-timeout.C:
+			t.Errorf("%d: receive timeout", i)
+		}
+
+		sub.Unsubscribe()
+		select {
+		case _, ok := <-sub.Err():
+			if ok {
+				t.Errorf("%d: error channel not closed after unsubscribe", i)
+			}
+		case <-timeout.C:
+			t.Errorf("%d: unsubscribe timeout", i)
+		}
+	}
+
+	const n = 1000
+	done.Add(n)
+	subscribed.Add(n)
+	for i := 0; i < n; i++ {
+		go subscriber(i)
+	}
+	subscribed.Wait()
+	if nsent := feed.Send(1); nsent != n {
+		t.Errorf("first send delivered %d times, want %d", nsent, n)
+	}
+	if nsent := feed.Send(2); nsent != 0 {
+		t.Errorf("second send delivered %d times, want 0", nsent)
+	}
+	done.Wait()
+}
+
+func TestFeedSubscribeSameChannel(t *testing.T) {
+	var (
+		feed Feed
+		done sync.WaitGroup
+		ch   = make(chan int)
+		sub1 = feed.Subscribe(ch)
+		sub2 = feed.Subscribe(ch)
+		_    = feed.Subscribe(ch)
+	)
+	expectSends := func(value, n int) {
+		if nsent := feed.Send(value); nsent != n {
+			t.Errorf("send delivered %d times, want %d", nsent, n)
+		}
+		done.Done()
+	}
+	expectRecv := func(wantValue, n int) {
+		for i := 0; i < n; i++ {
+			if v := <-ch; v != wantValue {
+				t.Errorf("received %d, want %d", v, wantValue)
+			}
+		}
+	}
+
+	done.Add(1)
+	go expectSends(1, 3)
+	expectRecv(1, 3)
+	done.Wait()
+
+	sub1.Unsubscribe()
+
+	done.Add(1)
+	go expectSends(2, 2)
+	expectRecv(2, 2)
+	done.Wait()
+
+	sub2.Unsubscribe()
+
+	done.Add(1)
+	go expectSends(3, 1)
+	expectRecv(3, 1)
+	done.Wait()
+}
+
+func TestFeedSubscribeBlockedPost(_ *testing.T) {
+	var (
+		feed   Feed
+		nsends = 2000
+		ch1    = make(chan int)
+		ch2    = make(chan int)
+		wg     sync.WaitGroup
+	)
+	defer wg.Wait()
+
+	feed.Subscribe(ch1)
+	wg.Add(nsends)
+	for i := 0; i < nsends; i++ {
+		go func() {
+			feed.Send(99)
+			wg.Done()
+		}()
+	}
+
+	sub2 := feed.Subscribe(ch2)
+	defer sub2.Unsubscribe()
+
+	// We're done when ch1 has received N times.
+	// The number of receives on ch2 depends on scheduling.
+	for i := 0; i < nsends; {
+		select {
+		case <-ch1:
+			i++
+		case <-ch2:
+		}
+	}
+}
+
+func TestFeedUnsubscribeBlockedPost(_ *testing.T) {
+	var (
+		feed   Feed
+		nsends = 200
+		chans  = make([]chan int, 2000)
+		subs   = make([]Subscription, len(chans))
+		bchan  = make(chan int)
+		bsub   = feed.Subscribe(bchan)
+		wg     sync.WaitGroup
+	)
+	for i := range chans {
+		chans[i] = make(chan int, nsends)
+	}
+
+	// Queue up some Sends. None of these can make progress while bchan isn't read.
+	wg.Add(nsends)
+	for i := 0; i < nsends; i++ {
+		go func() {
+			feed.Send(99)
+			wg.Done()
+		}()
+	}
+	// Subscribe the other channels.
+	for i, ch := range chans {
+		subs[i] = feed.Subscribe(ch)
+	}
+	// Unsubscribe them again.
+	for _, sub := range subs {
+		sub.Unsubscribe()
+	}
+	// Unblock the Sends.
+	bsub.Unsubscribe()
+	wg.Wait()
+}
+
+// Checks that unsubscribing a channel during Send works even if that
+// channel has already been sent on.
+func TestFeedUnsubscribeSentChan(_ *testing.T) {
+	var (
+		feed Feed
+		ch1  = make(chan int)
+		ch2  = make(chan int)
+		sub1 = feed.Subscribe(ch1)
+		sub2 = feed.Subscribe(ch2)
+		wg   sync.WaitGroup
+	)
+	defer sub2.Unsubscribe()
+
+	wg.Add(1)
+	go func() {
+		feed.Send(0)
+		wg.Done()
+	}()
+
+	// Wait for the value on ch1.
+	<-ch1
+	// Unsubscribe ch1, removing it from the send cases.
+	sub1.Unsubscribe()
+
+	// Receive ch2, finishing Send.
+	<-ch2
+	wg.Wait()
+
+	// Send again. This should send to ch2 only, so the wait group will unblock
+	// as soon as a value is received on ch2.
+	wg.Add(1)
+	go func() {
+		feed.Send(0)
+		wg.Done()
+	}()
+	<-ch2
+	wg.Wait()
+}
+
+func TestFeedUnsubscribeFromInbox(t *testing.T) {
+	var (
+		feed Feed
+		ch1  = make(chan int)
+		ch2  = make(chan int)
+		sub1 = feed.Subscribe(ch1)
+		sub2 = feed.Subscribe(ch1)
+		sub3 = feed.Subscribe(ch2)
+	)
+	assert.Equal(t, 3, len(feed.inbox))
+	assert.Equal(t, 1, len(feed.sendCases), "sendCases is non-empty after unsubscribe")
+
+	sub1.Unsubscribe()
+	sub2.Unsubscribe()
+	sub3.Unsubscribe()
+	assert.Equal(t, 0, len(feed.inbox), "Inbox is non-empty after unsubscribe")
+	assert.Equal(t, 1, len(feed.sendCases), "sendCases is non-empty after unsubscribe")
+}
+
+func BenchmarkFeedSend1000(b *testing.B) {
+	var (
+		done  sync.WaitGroup
+		feed  Feed
+		nsubs = 1000
+	)
+	subscriber := func(ch <-chan int) {
+		for i := 0; i < b.N; i++ {
+			<-ch
+		}
+		done.Done()
+	}
+	done.Add(nsubs)
+	for i := 0; i < nsubs; i++ {
+		ch := make(chan int, 200)
+		feed.Subscribe(ch)
+		go subscriber(ch)
+	}
+
+	// The actual benchmark.
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		if feed.Send(i) != nsubs {
+			panic("wrong number of sends")
+		}
+	}
+
+	b.StopTimer()
+	done.Wait()
+}
+
+func TestFeed_Send(t *testing.T) {
+	tests := []struct {
+		name        string
+		evFeed      *Feed
+		testSetup   func(fd *Feed, t *testing.T, o interface{})
+		obj         interface{}
+		expectPanic bool
+	}{
+		{
+			name:   "normal struct",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeedWithPointer, 1)
+				fd.Subscribe(testChan)
+			},
+			obj: testFeedWithPointer{
+				a: new(uint64),
+				b: new(string),
+			},
+			expectPanic: false,
+		},
+		{
+			name:   "un-implemented interface",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeedIface, 1)
+				fd.Subscribe(testChan)
+			},
+			obj: testFeedWithPointer{
+				a: new(uint64),
+				b: new(string),
+			},
+			expectPanic: true,
+		},
+		{
+			name:   "semi-implemented interface",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeedIface, 1)
+				fd.Subscribe(testChan)
+			},
+			obj: testFeed2{
+				a: 0,
+				b: "",
+				c: []byte{'A'},
+			},
+			expectPanic: true,
+		},
+		{
+			name:   "fully-implemented interface",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeedIface)
+				// Make it unbuffered to allow message to
+				// pass through
+				go func() {
+					a := <-testChan
+					if !reflect.DeepEqual(a, o) {
+						t.Errorf("Got = %v, want = %v", a, o)
+					}
+				}()
+				fd.Subscribe(testChan)
+			},
+			obj: testFeed{
+				a: 0,
+				b: "",
+			},
+			expectPanic: false,
+		},
+		{
+			name:   "fully-implemented interface with additional methods",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeedIface)
+				// Make it unbuffered to allow message to
+				// pass through
+				go func() {
+					a := <-testChan
+					if !reflect.DeepEqual(a, o) {
+						t.Errorf("Got = %v, want = %v", a, o)
+					}
+				}()
+				fd.Subscribe(testChan)
+			},
+			obj: testFeed3{
+				a: 0,
+				b: "",
+				c: []byte{'A'},
+				d: []byte{'B'},
+			},
+			expectPanic: false,
+		},
+		{
+			name:   "concrete types implementing the same interface",
+			evFeed: new(Feed),
+			testSetup: func(fd *Feed, t *testing.T, o interface{}) {
+				testChan := make(chan testFeed, 1)
+				// Make it unbuffered to allow message to
+				// pass through
+				go func() {
+					a := <-testChan
+					if !reflect.DeepEqual(a, o) {
+						t.Errorf("Got = %v, want = %v", a, o)
+					}
+				}()
+				fd.Subscribe(testChan)
+			},
+			obj: testFeed3{
+				a: 0,
+				b: "",
+				c: []byte{'A'},
+				d: []byte{'B'},
+			},
+			expectPanic: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			defer func() {
+				if r := recover(); r != nil {
+					if !tt.expectPanic {
+						t.Errorf("panic triggered when unexpected: %v", r)
+					}
+				} else {
+					if tt.expectPanic {
+						t.Error("panic not triggered when expected")
+					}
+				}
+			}()
+			tt.testSetup(tt.evFeed, t, tt.obj)
+			if gotNsent := tt.evFeed.Send(tt.obj); gotNsent != 1 {
+				t.Errorf("Send() = %v, want %v", gotNsent, 1)
+			}
+		})
+	}
+}
+
+// The following objects below are a collection of different
+// struct types to test with.
+type testFeed struct {
+	a uint64
+	b string
+}
+
+func (testFeed) method1() {
+
+}
+
+func (testFeed) method2() {
+
+}
+
+type testFeedWithPointer struct {
+	a *uint64
+	b *string
+}
+
+type testFeed2 struct {
+	a uint64
+	b string
+	c []byte
+}
+
+func (testFeed2) method1() {
+
+}
+
+type testFeed3 struct {
+	a    uint64
+	b    string
+	c, d []byte
+}
+
+func (testFeed3) method1() {
+
+}
+
+func (testFeed3) method2() {
+
+}
+
+func (testFeed3) method3() {
+
+}
+
+type testFeedIface interface {
+	method1()
+	method2()
+}
--- a/shared/event/subscription.go
+++ b/shared/event/subscription.go
@@ -21,7 +21,7 @@ import (
 	"sync"
 	"time"

-	"github.com/prysmaticlabs/prysm/shared/mclockutil"
+	"github.com/prysmaticlabs/prysm/v3/time/mclock"
 )

 // waitQuotient is divided against the max backoff time, in order to have N requests based on the full
@@ -74,6 +74,7 @@ type funcSub struct {
 	unsubscribed bool
 }

+// Unsubscribe unsubscribes from subscription.
 func (s *funcSub) Unsubscribe() {
 	s.mu.Lock()
 	if s.unsubscribed {
@@ -87,6 +88,7 @@ func (s *funcSub) Unsubscribe() {
 	<-s.err
 }

+// Err exposes error channel.
 func (s *funcSub) Err() <-chan error {
 	return s.err
 }
@@ -118,10 +120,11 @@ type resubscribeSub struct {
 	err                  chan error
 	unsub                chan struct{}
 	unsubOnce            sync.Once
-	lastTry              mclockutil.AbsTime
+	lastTry              mclock.AbsTime
 	waitTime, backoffMax time.Duration
 }

+// Unsubscribe unsubscribes from subscription.
 func (s *resubscribeSub) Unsubscribe() {
 	s.unsubOnce.Do(func() {
 		s.unsub <- struct{}{}
@@ -129,6 +132,7 @@ func (s *resubscribeSub) Unsubscribe() {
 	})
 }

+// Err exposes error channel.
 func (s *resubscribeSub) Err() <-chan error {
 	return s.err
 }
@@ -147,11 +151,11 @@ func (s *resubscribeSub) loop() {
 }

 func (s *resubscribeSub) subscribe() Subscription {
-	subscribed := make(chan error)
+	subscribed := make(chan error, 1)
 	var sub Subscription
 retry:
 	for {
-		s.lastTry = mclockutil.Now()
+		s.lastTry = mclock.Now()
 		ctx, cancel := context.WithCancel(context.TODO())
 		go func() {
 			rsub, err := s.fn(ctx)
@@ -190,7 +194,7 @@ func (s *resubscribeSub) waitForError(sub Subscription) bool {
 }

 func (s *resubscribeSub) backoffWait() bool {
-	if time.Duration(mclockutil.Now()-s.lastTry) > s.backoffMax {
+	if time.Duration(mclock.Now()-s.lastTry) > s.backoffMax {
 		s.waitTime = s.backoffMax / waitQuotient
 	} else {
 		s.waitTime *= 2
@@ -267,6 +271,7 @@ func (sc *SubscriptionScope) Count() int {
 	return len(sc.subs)
 }

+// Unsubscribe unsubscribes from subscription.
 func (s *scopeSub) Unsubscribe() {
 	s.s.Unsubscribe()
 	s.sc.mu.Lock()
@@ -274,6 +279,7 @@ func (s *scopeSub) Unsubscribe() {
 	delete(s.sc.subs, s)
 }

+// Err exposes error channel.
 func (s *scopeSub) Err() <-chan error {
 	return s.s.Err()
 }
--- a/shared/event/subscription_test.go
+++ b/shared/event/subscription_test.go
@@ -19,10 +19,11 @@ package event
 import (
 	"context"
 	"errors"
+	"runtime"
 	"testing"
 	"time"

-	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
 )

 var errInts = errors.New("error in subscribeInts")
@@ -108,3 +109,18 @@ func TestResubscribeAbort(t *testing.T) {
 	sub.Unsubscribe()
 	require.NoError(t, <-done)
 }
+
+func TestResubscribeNonBlocking(t *testing.T) {
+	done := make(chan struct{})
+	sub := Resubscribe(0, func(ctx context.Context) (Subscription, error) {
+		<-done
+		return nil, nil
+	})
+
+	resub, ok := sub.(*resubscribeSub)
+	require.Equal(t, true, ok)
+	currNum := runtime.NumGoroutine()
+	resub.unsub <- struct{}{}
+	done <- struct{}{}
+	require.Equal(t, currNum-1, runtime.NumGoroutine())
+}
--- a/shared/runutil/every.go
+++ b/shared/runutil/every.go
@@ -1,5 +1,5 @@
-// Package runutil includes helpers for scheduling runnable, periodic functions.
-package runutil
+// Package async includes helpers for scheduling runnable, periodic functions and contains useful helpers for converting multi-processor computation.
+package async

 import (
 	"context"
--- a/async/every_test.go
+++ b/async/every_test.go
@@ -0,0 +1,40 @@
+package async_test
+
+import (
+	"context"
+	"sync/atomic"
+	"testing"
+	"time"
+
+	"github.com/prysmaticlabs/prysm/v3/async"
+)
+
+func TestEveryRuns(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+
+	i := int32(0)
+	async.RunEvery(ctx, 100*time.Millisecond, func() {
+		atomic.AddInt32(&i, 1)
+	})
+
+	// Sleep for a bit and ensure the value has increased.
+	time.Sleep(200 * time.Millisecond)
+
+	if atomic.LoadInt32(&i) == 0 {
+		t.Error("Counter failed to increment with ticker")
+	}
+
+	cancel()
+
+	// Sleep for a bit to let the cancel take place.
+	time.Sleep(100 * time.Millisecond)
+
+	last := atomic.LoadInt32(&i)
+
+	// Sleep for a bit and ensure the value has not increased.
+	time.Sleep(200 * time.Millisecond)
+
+	if atomic.LoadInt32(&i) != last {
+		t.Error("Counter incremented after stop")
+	}
+}
--- a/shared/mputil/multilock.go
+++ b/shared/mputil/multilock.go
@@ -3,14 +3,16 @@ Copyright 2017 Albert Tedja
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
-package mputil
+package async

 import (
 	"runtime"
@@ -49,7 +51,7 @@ func (lk *Lock) Lock() {
 	lk.unlock <- 1
 }

-// Unlocks this lock. Must be called after Lock.
+// Unlock unlocks this lock. Must be called after Lock.
 // Can only be invoked if there is a previous call to Lock.
 func (lk *Lock) Unlock() {
 	<-lk.unlock
@@ -65,14 +67,14 @@ func (lk *Lock) Unlock() {
 	<-lk.lock
 }

-// Temporarily unlocks, gives up the cpu time to other goroutine, and attempts to lock again.
+// Yield temporarily unlocks, gives up the cpu time to other goroutine, and attempts to lock again.
 func (lk *Lock) Yield() {
 	lk.Unlock()
 	runtime.Gosched()
 	lk.Lock()
 }

-// Creates a new multilock for the specified keys
+// NewMultilock creates a new multilock for the specified keys
 func NewMultilock(locks ...string) *Lock {
 	if len(locks) == 0 {
 		return nil
@@ -87,7 +89,7 @@ func NewMultilock(locks ...string) *Lock {
 	}
 }

-// Cleans old unused locks. Returns removed keys.
+// Clean cleans old unused locks. Returns removed keys.
 func Clean() []string {
 	locks.lock <- 1
 	defer func() { <-locks.lock }()
--- a/shared/mputil/multilock_test.go
+++ b/shared/mputil/multilock_test.go
@@ -3,14 +3,16 @@ Copyright 2017 Albert Tedja
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
-package mputil
+package async

 import (
 	"sync"
@@ -22,22 +24,22 @@ import (

 func TestUnique(t *testing.T) {
 	var arr []string
-	assert := assert.New(t)
+	a := assert.New(t)

 	arr = []string{"a", "b", "c"}
-	assert.Equal(arr, unique(arr))
+	a.Equal(arr, unique(arr))

 	arr = []string{"a", "a", "a"}
-	assert.Equal([]string{"a"}, unique(arr))
+	a.Equal([]string{"a"}, unique(arr))

 	arr = []string{"a", "a", "b"}
-	assert.Equal([]string{"a", "b"}, unique(arr))
+	a.Equal([]string{"a", "b"}, unique(arr))

 	arr = []string{"a", "b", "a"}
-	assert.Equal([]string{"a", "b"}, unique(arr))
+	a.Equal([]string{"a", "b"}, unique(arr))

 	arr = []string{"a", "b", "c", "b", "d"}
-	assert.Equal([]string{"a", "b", "c", "d"}, unique(arr))
+	a.Equal([]string{"a", "b", "c", "d"}, unique(arr))
 }

 func TestGetChan(t *testing.T) {
@@ -45,12 +47,12 @@ func TestGetChan(t *testing.T) {
 	ch2 := getChan("aa")
 	ch3 := getChan("a")

-	assert := assert.New(t)
-	assert.NotEqual(ch1, ch2)
-	assert.Equal(ch1, ch3)
+	a := assert.New(t)
+	a.NotEqual(ch1, ch2)
+	a.Equal(ch1, ch3)
 }

-func TestLockUnlock(t *testing.T) {
+func TestLockUnlock(_ *testing.T) {
 	var wg sync.WaitGroup

 	wg.Add(5)
@@ -110,9 +112,8 @@ func TestLockUnlock_CleansUnused(t *testing.T) {
 		lock := NewMultilock("dog", "cat", "owl")
 		lock.Lock()
 		assert.Equal(t, 3, len(locks.list))
-		defer lock.Unlock()
+		lock.Unlock()

-		<-time.After(100 * time.Millisecond)
 		wg.Done()
 	}()
 	wg.Wait()
--- a/shared/mputil/scatter.go
+++ b/shared/mputil/scatter.go
@@ -1,6 +1,4 @@
-// Package mputil contains useful helpers for converting
-// multi-processor computation.
-package mputil
+package async

 import (
 	"errors"
--- a/shared/mputil/scatter_test.go
+++ b/shared/mputil/scatter_test.go
@@ -1,13 +1,13 @@
-package mputil_test
+package async_test

 import (
 	"errors"
 	"sync"
 	"testing"

-	"github.com/prysmaticlabs/prysm/shared/mputil"
-	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
-	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	"github.com/prysmaticlabs/prysm/v3/async"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
 )

 func TestDouble(t *testing.T) {
@@ -46,7 +46,7 @@ func TestDouble(t *testing.T) {
 				inValues[i] = i
 			}
 			outValues := make([]int, test.inValues)
-			workerResults, err := mputil.Scatter(len(inValues), func(offset int, entries int, _ *sync.RWMutex) (interface{}, error) {
+			workerResults, err := async.Scatter(len(inValues), func(offset int, entries int, _ *sync.RWMutex) (interface{}, error) {
 				extent := make([]int, entries)
 				for i := 0; i < entries; i++ {
 					extent[i] = inValues[offset+i] * 2
@@ -72,7 +72,7 @@ func TestDouble(t *testing.T) {
 func TestMutex(t *testing.T) {
 	totalRuns := 1048576
 	val := 0
-	_, err := mputil.Scatter(totalRuns, func(offset int, entries int, mu *sync.RWMutex) (interface{}, error) {
+	_, err := async.Scatter(totalRuns, func(offset int, entries int, mu *sync.RWMutex) (interface{}, error) {
 		for i := 0; i < entries; i++ {
 			mu.Lock()
 			val++
@@ -90,7 +90,7 @@ func TestMutex(t *testing.T) {
 func TestError(t *testing.T) {
 	totalRuns := 1024
 	val := 0
-	_, err := mputil.Scatter(totalRuns, func(offset int, entries int, mu *sync.RWMutex) (interface{}, error) {
+	_, err := async.Scatter(totalRuns, func(offset int, entries int, mu *sync.RWMutex) (interface{}, error) {
 		for i := 0; i < entries; i++ {
 			mu.Lock()
 			val++
--- a/bazel.sh
+++ b/bazel.sh
@@ -6,6 +6,6 @@

 env -i \
 PATH=/usr/bin:/bin \
- HOME=$HOME \
- GOOGLE_APPLICATION_CREDENTIALS=$GOOGLE_APPLICATION_CREDENTIALS \
+ HOME="$HOME" \
+ GOOGLE_APPLICATION_CREDENTIALS="$GOOGLE_APPLICATION_CREDENTIALS" \
 bazel "$@"
--- a/beacon-chain/README.md
+++ b/beacon-chain/README.md
@@ -1,9 +1,9 @@
 # Prysmatic Labs Beacon Chain Implementation

-This is the main project folder for the beacon chain implementation of eth2 written in Go by [Prysmatic Labs](https://prysmaticlabs.com).
+This is the main project folder for the beacon chain implementation of Ethereum written in Go by [Prysmatic Labs](https://prysmaticlabs.com).

 You can also read our main [README](https://github.com/prysmaticlabs/prysm/blob/master/README.md) and join our active chat room on Discord.

 [![Discord](https://user-images.githubusercontent.com/7288322/34471967-1df7808a-efbb-11e7-9088-ed0b04151291.png)](https://discord.gg/CTYGPUJ)

-Also, read the official beacon chain [specification](https://github.com/ethereum/eth2.0-specs/blob/master/specs/phase0/beacon-chain.md), this design spec serves as a source of truth for the beacon chain implementation we follow at Prysmatic Labs.
+Also, read the official beacon chain [specification](https://github.com/ethereum/consensus-specs/blob/master/specs/phase0/beacon-chain.md), this design spec serves as a source of truth for the beacon chain implementation we follow at Prysmatic Labs.
--- a/beacon-chain/blockchain/BUILD.bazel
+++ b/beacon-chain/blockchain/BUILD.bazel
@@ -1,15 +1,20 @@
-load("@prysm//tools/go:def.bzl", "go_library")
-load("@io_bazel_rules_go//go:def.bzl", "go_test")
+load("@prysm//tools/go:def.bzl", "go_library", "go_test")

 go_library(
    name = "go_default_library",
    srcs = [
        "chain_info.go",
+        "error.go",
+        "execution_engine.go",
+        "forkchoice_update_execution.go",
        "head.go",
-        "info.go",
+        "head_sync_committee_info.go",
        "init_sync_process_block.go",
        "log.go",
+        "merge_ascii_art.go",
        "metrics.go",
+        "options.go",
+        "pow_block.go",
        "process_attestation.go",
        "process_attestation_helpers.go",
        "process_block.go",
@@ -19,49 +24,65 @@ go_library(
        "service.go",
        "weak_subjectivity_checks.go",
    ],
-    importpath = "github.com/prysmaticlabs/prysm/beacon-chain/blockchain",
+    importpath = "github.com/prysmaticlabs/prysm/v3/beacon-chain/blockchain",
    visibility = [
        "//beacon-chain:__subpackages__",
-        "//fuzz:__pkg__",
+        "//cmd/beacon-chain:__subpackages__",
+        "//testing/slasher/simulator:__pkg__",
+        "//testing/spectest:__subpackages__",
    ],
    deps = [
+        "//async:go_default_library",
+        "//async/event:go_default_library",
        "//beacon-chain/cache:go_default_library",
        "//beacon-chain/cache/depositcache:go_default_library",
+        "//beacon-chain/core/altair:go_default_library",
        "//beacon-chain/core/blocks:go_default_library",
        "//beacon-chain/core/epoch/precompute:go_default_library",
        "//beacon-chain/core/feed:go_default_library",
        "//beacon-chain/core/feed/state:go_default_library",
        "//beacon-chain/core/helpers:go_default_library",
-        "//beacon-chain/core/state:go_default_library",
+        "//beacon-chain/core/signing:go_default_library",
+        "//beacon-chain/core/time:go_default_library",
+        "//beacon-chain/core/transition:go_default_library",
        "//beacon-chain/db:go_default_library",
        "//beacon-chain/db/filters:go_default_library",
+        "//beacon-chain/db/kv:go_default_library",
+        "//beacon-chain/execution:go_default_library",
        "//beacon-chain/forkchoice:go_default_library",
-        "//beacon-chain/forkchoice/protoarray:go_default_library",
+        "//beacon-chain/forkchoice/doubly-linked-tree:go_default_library",
+        "//beacon-chain/forkchoice/types:go_default_library",
        "//beacon-chain/operations/attestations:go_default_library",
+        "//beacon-chain/operations/blstoexec:go_default_library",
        "//beacon-chain/operations/slashings:go_default_library",
        "//beacon-chain/operations/voluntaryexits:go_default_library",
        "//beacon-chain/p2p:go_default_library",
-        "//beacon-chain/powchain:go_default_library",
        "//beacon-chain/state:go_default_library",
-        "//beacon-chain/state/interface:go_default_library",
        "//beacon-chain/state/stategen:go_default_library",
-        "//cmd/beacon-chain/flags:go_default_library",
-        "//proto/beacon/p2p/v1:go_default_library",
-        "//shared/attestationutil:go_default_library",
-        "//shared/bls:go_default_library",
-        "//shared/bytesutil:go_default_library",
-        "//shared/featureconfig:go_default_library",
-        "//shared/mputil:go_default_library",
-        "//shared/params:go_default_library",
-        "//shared/slotutil:go_default_library",
-        "//shared/timeutils:go_default_library",
-        "//shared/traceutil:go_default_library",
-        "@com_github_emicklei_dot//:go_default_library",
+        "//config/features:go_default_library",
+        "//config/fieldparams:go_default_library",
+        "//config/params:go_default_library",
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/interfaces:go_default_library",
+        "//consensus-types/payload-attribute:go_default_library",
+        "//consensus-types/primitives:go_default_library",
+        "//crypto/bls:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//math:go_default_library",
+        "//monitoring/tracing:go_default_library",
+        "//proto/engine/v1:go_default_library",
+        "//proto/eth/v1:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//proto/prysm/v1alpha1/attestation:go_default_library",
+        "//runtime/version:go_default_library",
+        "//time:go_default_library",
+        "//time/slots:go_default_library",
+        "@com_github_ethereum_go_ethereum//common:go_default_library",
+        "@com_github_ethereum_go_ethereum//common/hexutil:go_default_library",
+        "@com_github_holiman_uint256//:go_default_library",
        "@com_github_pkg_errors//:go_default_library",
        "@com_github_prometheus_client_golang//prometheus:go_default_library",
        "@com_github_prometheus_client_golang//prometheus/promauto:go_default_library",
-        "@com_github_prysmaticlabs_eth2_types//:go_default_library",
-        "@com_github_prysmaticlabs_ethereumapis//eth/v1alpha1:go_default_library",
        "@com_github_sirupsen_logrus//:go_default_library",
        "@io_opencensus_go//trace:go_default_library",
    ],
@@ -82,9 +103,15 @@ go_test(
        "blockchain_test.go",
        "chain_info_test.go",
        "checktags_test.go",
+        "execution_engine_test.go",
+        "forkchoice_update_execution_test.go",
+        "head_sync_committee_info_test.go",
        "head_test.go",
-        "info_test.go",
+        "init_test.go",
+        "log_test.go",
        "metrics_test.go",
+        "mock_test.go",
+        "pow_block_test.go",
        "process_attestation_test.go",
        "process_block_test.go",
        "receive_attestation_test.go",
@@ -95,32 +122,37 @@ go_test(
    embed = [":go_default_library"],
    gotags = ["develop"],
    deps = [
+        "//async/event:go_default_library",
        "//beacon-chain/blockchain/testing:go_default_library",
        "//beacon-chain/cache/depositcache:go_default_library",
        "//beacon-chain/core/blocks:go_default_library",
        "//beacon-chain/core/helpers:go_default_library",
-        "//beacon-chain/core/state:go_default_library",
+        "//beacon-chain/core/transition:go_default_library",
        "//beacon-chain/db:go_default_library",
        "//beacon-chain/db/testing:go_default_library",
+        "//beacon-chain/execution:go_default_library",
+        "//beacon-chain/execution/testing:go_default_library",
+        "//beacon-chain/forkchoice/types:go_default_library",
        "//beacon-chain/p2p:go_default_library",
-        "//beacon-chain/powchain:go_default_library",
+        "//beacon-chain/state/state-native:go_default_library",
        "//beacon-chain/state/stateutil:go_default_library",
-        "//proto/beacon/db:go_default_library",
-        "//proto/beacon/p2p/v1:go_default_library",
-        "//shared/bytesutil:go_default_library",
-        "//shared/event:go_default_library",
-        "//shared/params:go_default_library",
-        "//shared/testutil:go_default_library",
-        "//shared/testutil/assert:go_default_library",
-        "//shared/testutil/require:go_default_library",
+        "//config/fieldparams:go_default_library",
+        "//config/params:go_default_library",
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/blocks/testing:go_default_library",
+        "//container/trie:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "//testing/util:go_default_library",
        "@com_github_ethereum_go_ethereum//:go_default_library",
        "@com_github_ethereum_go_ethereum//common:go_default_library",
        "@com_github_ethereum_go_ethereum//core/types:go_default_library",
-        "@com_github_gogo_protobuf//proto:go_default_library",
-        "@com_github_prysmaticlabs_ethereumapis//eth/v1alpha1:go_default_library",
        "@com_github_sirupsen_logrus//:go_default_library",
        "@com_github_sirupsen_logrus//hooks/test:go_default_library",
        "@in_gopkg_d4l3k_messagediff_v1//:go_default_library",
+        "@org_golang_google_protobuf//proto:go_default_library",
        "@org_golang_x_net//context:go_default_library",
    ],
 )
@@ -130,6 +162,8 @@ go_test(
    srcs = [
        "chain_info_norace_test.go",
        "checktags_test.go",
+        "init_test.go",
+        "mock_test.go",
        "receive_block_test.go",
        "service_norace_test.go",
    ],
@@ -145,29 +179,33 @@ go_test(
    race = "on",
    tags = ["race_on"],
    deps = [
+        "//async/event:go_default_library",
        "//beacon-chain/blockchain/testing:go_default_library",
        "//beacon-chain/cache/depositcache:go_default_library",
        "//beacon-chain/core/blocks:go_default_library",
        "//beacon-chain/core/helpers:go_default_library",
-        "//beacon-chain/core/state:go_default_library",
+        "//beacon-chain/core/transition:go_default_library",
        "//beacon-chain/db:go_default_library",
        "//beacon-chain/db/testing:go_default_library",
+        "//beacon-chain/execution:go_default_library",
+        "//beacon-chain/execution/testing:go_default_library",
+        "//beacon-chain/forkchoice/types:go_default_library",
        "//beacon-chain/p2p:go_default_library",
-        "//beacon-chain/powchain:go_default_library",
-        "//proto/beacon/p2p/v1:go_default_library",
-        "//shared/bytesutil:go_default_library",
-        "//shared/event:go_default_library",
-        "//shared/params:go_default_library",
-        "//shared/testutil:go_default_library",
-        "//shared/testutil/assert:go_default_library",
-        "//shared/testutil/require:go_default_library",
+        "//config/params:go_default_library",
+        "//consensus-types/blocks:go_default_library",
+        "//consensus-types/blocks/testing:go_default_library",
+        "//container/trie:go_default_library",
+        "//encoding/bytesutil:go_default_library",
+        "//proto/prysm/v1alpha1:go_default_library",
+        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
+        "//testing/util:go_default_library",
        "@com_github_ethereum_go_ethereum//:go_default_library",
        "@com_github_ethereum_go_ethereum//common:go_default_library",
        "@com_github_ethereum_go_ethereum//core/types:go_default_library",
-        "@com_github_gogo_protobuf//proto:go_default_library",
-        "@com_github_prysmaticlabs_ethereumapis//eth/v1alpha1:go_default_library",
        "@com_github_sirupsen_logrus//:go_default_library",
        "@com_github_sirupsen_logrus//hooks/test:go_default_library",
+        "@org_golang_google_protobuf//proto:go_default_library",
        "@org_golang_x_net//context:go_default_library",
    ],
 )
--- a/beacon-chain/blockchain/blockchain_test.go
+++ b/beacon-chain/blockchain/blockchain_test.go
@@ -1,7 +1,7 @@
 package blockchain

 import (
-	"io/ioutil"
+	"io"
 	"testing"

 	"github.com/sirupsen/logrus"
@@ -9,7 +9,7 @@ import (

 func TestMain(m *testing.M) {
 	logrus.SetLevel(logrus.DebugLevel)
-	logrus.SetOutput(ioutil.Discard)
+	logrus.SetOutput(io.Discard)

 	m.Run()
 }
--- a/beacon-chain/blockchain/chain_info.go
+++ b/beacon-chain/blockchain/chain_info.go
@@ -1,102 +1,125 @@
 package blockchain

 import (
+	"bytes"
 	"context"
 	"time"

-	types "github.com/prysmaticlabs/eth2-types"
-	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
-	"github.com/prysmaticlabs/prysm/beacon-chain/core/helpers"
-	"github.com/prysmaticlabs/prysm/beacon-chain/forkchoice/protoarray"
-	"github.com/prysmaticlabs/prysm/beacon-chain/state"
-	pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
-	"github.com/prysmaticlabs/prysm/shared/bytesutil"
-	"github.com/prysmaticlabs/prysm/shared/params"
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/helpers"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/forkchoice"
+	doublylinkedtree "github.com/prysmaticlabs/prysm/v3/beacon-chain/forkchoice/doubly-linked-tree"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
+	fieldparams "github.com/prysmaticlabs/prysm/v3/config/fieldparams"
+	"github.com/prysmaticlabs/prysm/v3/config/params"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/time/slots"
 	"go.opencensus.io/trace"
 )

 // ChainInfoFetcher defines a common interface for methods in blockchain service which
-// directly retrieves chain info related data.
+// directly retrieve chain info related data.
 type ChainInfoFetcher interface {
 	HeadFetcher
 	FinalizationFetcher
-	GenesisFetcher
 	CanonicalFetcher
+	ForkFetcher
+	HeadDomainFetcher
 }

-// TimeFetcher retrieves the Eth2 data that's related to time.
+// HeadUpdater defines a common interface for methods in blockchain service
+// which allow to update the head info
+type HeadUpdater interface {
+	UpdateHead(context.Context) error
+}
+
+// TimeFetcher retrieves the Ethereum consensus data that's related to time.
 type TimeFetcher interface {
 	GenesisTime() time.Time
-	CurrentSlot() types.Slot
+	CurrentSlot() primitives.Slot
 }

-// GenesisFetcher retrieves the eth2 data related to its genesis.
+// GenesisFetcher retrieves the Ethereum consensus data related to its genesis.
 type GenesisFetcher interface {
-	GenesisValidatorRoot() [32]byte
+	GenesisValidatorsRoot() [32]byte
 }

 // HeadFetcher defines a common interface for methods in blockchain service which
-// directly retrieves head related data.
+// directly retrieve head related data.
 type HeadFetcher interface {
-	HeadSlot() types.Slot
+	HeadSlot() primitives.Slot
 	HeadRoot(ctx context.Context) ([]byte, error)
-	HeadBlock(ctx context.Context) (*ethpb.SignedBeaconBlock, error)
-	HeadState(ctx context.Context) (*state.BeaconState, error)
-	HeadValidatorsIndices(ctx context.Context, epoch types.Epoch) ([]types.ValidatorIndex, error)
-	HeadSeed(ctx context.Context, epoch types.Epoch) ([32]byte, error)
-	HeadGenesisValidatorRoot() [32]byte
+	HeadBlock(ctx context.Context) (interfaces.ReadOnlySignedBeaconBlock, error)
+	HeadState(ctx context.Context) (state.BeaconState, error)
+	HeadStateReadOnly(ctx context.Context) (state.ReadOnlyBeaconState, error)
+	HeadValidatorsIndices(ctx context.Context, epoch primitives.Epoch) ([]primitives.ValidatorIndex, error)
+	HeadGenesisValidatorsRoot() [32]byte
 	HeadETH1Data() *ethpb.Eth1Data
-	ProtoArrayStore() *protoarray.Store
+	HeadPublicKeyToValidatorIndex(pubKey [fieldparams.BLSPubkeyLength]byte) (primitives.ValidatorIndex, bool)
+	HeadValidatorIndexToPublicKey(ctx context.Context, index primitives.ValidatorIndex) ([fieldparams.BLSPubkeyLength]byte, error)
+	ChainHeads() ([][32]byte, []primitives.Slot)
+	HeadSyncCommitteeFetcher
+	HeadDomainFetcher
 }

 // ForkFetcher retrieves the current fork information of the Ethereum beacon chain.
 type ForkFetcher interface {
-	CurrentFork() *pb.Fork
+	ForkChoicer() forkchoice.ForkChoicer
+	CurrentFork() *ethpb.Fork
+	GenesisFetcher
+	TimeFetcher
 }

 // CanonicalFetcher retrieves the current chain's canonical information.
 type CanonicalFetcher interface {
 	IsCanonical(ctx context.Context, blockRoot [32]byte) (bool, error)
-	VerifyBlkDescendant(ctx context.Context, blockRoot [32]byte) error
 }

 // FinalizationFetcher defines a common interface for methods in blockchain service which
-// directly retrieves finalization and justification related data.
+// directly retrieve finalization and justification related data.
 type FinalizationFetcher interface {
 	FinalizedCheckpt() *ethpb.Checkpoint
 	CurrentJustifiedCheckpt() *ethpb.Checkpoint
 	PreviousJustifiedCheckpt() *ethpb.Checkpoint
+	VerifyFinalizedBlkDescendant(ctx context.Context, blockRoot [32]byte) error
+	IsFinalized(ctx context.Context, blockRoot [32]byte) bool
 }

-// FinalizedCheckpt returns the latest finalized checkpoint from head state.
+// OptimisticModeFetcher retrieves information about optimistic status of the node.
+type OptimisticModeFetcher interface {
+	IsOptimistic(ctx context.Context) (bool, error)
+	IsOptimisticForRoot(ctx context.Context, root [32]byte) (bool, error)
+}
+
+// FinalizedCheckpt returns the latest finalized checkpoint from chain store.
 func (s *Service) FinalizedCheckpt() *ethpb.Checkpoint {
-	if s.finalizedCheckpt == nil {
-		return &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
-	}
-
-	return state.CopyCheckpoint(s.finalizedCheckpt)
+	cp := s.ForkChoicer().FinalizedCheckpoint()
+	return &ethpb.Checkpoint{Epoch: cp.Epoch, Root: bytesutil.SafeCopyBytes(cp.Root[:])}
 }

-// CurrentJustifiedCheckpt returns the current justified checkpoint from head state.
-func (s *Service) CurrentJustifiedCheckpt() *ethpb.Checkpoint {
-	if s.justifiedCheckpt == nil {
-		return &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
-	}
-
-	return state.CopyCheckpoint(s.justifiedCheckpt)
-}
-
-// PreviousJustifiedCheckpt returns the previous justified checkpoint from head state.
+// PreviousJustifiedCheckpt returns the current justified checkpoint from chain store.
 func (s *Service) PreviousJustifiedCheckpt() *ethpb.Checkpoint {
-	if s.prevJustifiedCheckpt == nil {
-		return &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
-	}
+	cp := s.ForkChoicer().PreviousJustifiedCheckpoint()
+	return &ethpb.Checkpoint{Epoch: cp.Epoch, Root: bytesutil.SafeCopyBytes(cp.Root[:])}
+}

-	return state.CopyCheckpoint(s.prevJustifiedCheckpt)
+// CurrentJustifiedCheckpt returns the current justified checkpoint from chain store.
+func (s *Service) CurrentJustifiedCheckpt() *ethpb.Checkpoint {
+	cp := s.ForkChoicer().JustifiedCheckpoint()
+	return &ethpb.Checkpoint{Epoch: cp.Epoch, Root: bytesutil.SafeCopyBytes(cp.Root[:])}
+}
+
+// BestJustifiedCheckpt returns the best justified checkpoint from store.
+func (s *Service) BestJustifiedCheckpt() *ethpb.Checkpoint {
+	cp := s.ForkChoicer().BestJustifiedCheckpoint()
+	return &ethpb.Checkpoint{Epoch: cp.Epoch, Root: bytesutil.SafeCopyBytes(cp.Root[:])}
 }

 // HeadSlot returns the slot of the head of the chain.
-func (s *Service) HeadSlot() types.Slot {
+func (s *Service) HeadSlot() primitives.Slot {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

@@ -112,20 +135,19 @@ func (s *Service) HeadRoot(ctx context.Context) ([]byte, error) {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

-	if s.headRoot() != params.BeaconConfig().ZeroHash {
-		r := s.headRoot()
-		return r[:], nil
+	if s.head != nil && s.head.root != params.BeaconConfig().ZeroHash {
+		return bytesutil.SafeCopyBytes(s.head.root[:]), nil
 	}

-	b, err := s.beaconDB.HeadBlock(ctx)
+	b, err := s.cfg.BeaconDB.HeadBlock(ctx)
 	if err != nil {
 		return nil, err
 	}
-	if b == nil {
+	if b == nil || b.IsNil() {
 		return params.BeaconConfig().ZeroHash[:], nil
 	}

-	r, err := b.Block.HashTreeRoot()
+	r, err := b.Block().HashTreeRoot()
 	if err != nil {
 		return nil, err
 	}
@@ -136,21 +158,21 @@ func (s *Service) HeadRoot(ctx context.Context) ([]byte, error) {
 // HeadBlock returns the head block of the chain.
 // If the head is nil from service struct,
 // it will attempt to get the head block from DB.
-func (s *Service) HeadBlock(ctx context.Context) (*ethpb.SignedBeaconBlock, error) {
+func (s *Service) HeadBlock(ctx context.Context) (interfaces.ReadOnlySignedBeaconBlock, error) {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

 	if s.hasHeadState() {
-		return s.headBlock(), nil
+		return s.headBlock()
 	}

-	return s.beaconDB.HeadBlock(ctx)
+	return s.cfg.BeaconDB.HeadBlock(ctx)
 }

 // HeadState returns the head state of the chain.
 // If the head is nil from service struct,
 // it will attempt to get the head state from DB.
-func (s *Service) HeadState(ctx context.Context) (*state.BeaconState, error) {
+func (s *Service) HeadState(ctx context.Context) (state.BeaconState, error) {
 	ctx, span := trace.StartSpan(ctx, "blockChain.HeadState")
 	defer span.End()
 	s.headLock.RLock()
@@ -163,34 +185,44 @@ func (s *Service) HeadState(ctx context.Context) (*state.BeaconState, error) {
 		return s.headState(ctx), nil
 	}

-	return s.stateGen.StateByRoot(ctx, s.headRoot())
+	return s.cfg.StateGen.StateByRoot(ctx, s.headRoot())
+}
+
+// HeadStateReadOnly returns the read only head state of the chain.
+// If the head is nil from service struct, it will attempt to get the
+// head state from DB. Any callers of this method MUST only use the
+// state instance to read fields from the state. Any type assertions back
+// to the concrete type and subsequent use of it could lead to corruption
+// of the state.
+func (s *Service) HeadStateReadOnly(ctx context.Context) (state.ReadOnlyBeaconState, error) {
+	ctx, span := trace.StartSpan(ctx, "blockChain.HeadStateReadOnly")
+	defer span.End()
+	s.headLock.RLock()
+	defer s.headLock.RUnlock()
+
+	ok := s.hasHeadState()
+	span.AddAttributes(trace.BoolAttribute("cache_hit", ok))
+
+	if ok {
+		return s.headStateReadOnly(ctx), nil
+	}
+
+	return s.cfg.StateGen.StateByRoot(ctx, s.headRoot())
 }

 // HeadValidatorsIndices returns a list of active validator indices from the head view of a given epoch.
-func (s *Service) HeadValidatorsIndices(ctx context.Context, epoch types.Epoch) ([]types.ValidatorIndex, error) {
+func (s *Service) HeadValidatorsIndices(ctx context.Context, epoch primitives.Epoch) ([]primitives.ValidatorIndex, error) {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

 	if !s.hasHeadState() {
-		return []types.ValidatorIndex{}, nil
+		return []primitives.ValidatorIndex{}, nil
 	}
-	return helpers.ActiveValidatorIndices(s.headState(ctx), epoch)
+	return helpers.ActiveValidatorIndices(ctx, s.headState(ctx), epoch)
 }

-// HeadSeed returns the seed from the head view of a given epoch.
-func (s *Service) HeadSeed(ctx context.Context, epoch types.Epoch) ([32]byte, error) {
-	s.headLock.RLock()
-	defer s.headLock.RUnlock()
-
-	if !s.hasHeadState() {
-		return [32]byte{}, nil
-	}
-
-	return helpers.Seed(s.headState(ctx), epoch, params.BeaconConfig().DomainBeaconAttester)
-}
-
-// HeadGenesisValidatorRoot returns genesis validator root of the head state.
-func (s *Service) HeadGenesisValidatorRoot() [32]byte {
+// HeadGenesisValidatorsRoot returns genesis validators root of the head state.
+func (s *Service) HeadGenesisValidatorsRoot() [32]byte {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

@@ -198,7 +230,7 @@ func (s *Service) HeadGenesisValidatorRoot() [32]byte {
 		return [32]byte{}
 	}

-	return s.headGenesisValidatorRoot()
+	return s.headGenesisValidatorsRoot()
 }

 // HeadETH1Data returns the eth1data of the current head state.
@@ -212,35 +244,30 @@ func (s *Service) HeadETH1Data() *ethpb.Eth1Data {
 	return s.head.state.Eth1Data()
 }

-// ProtoArrayStore returns the proto array store object.
-func (s *Service) ProtoArrayStore() *protoarray.Store {
-	return s.forkChoiceStore.Store()
-}
-
 // GenesisTime returns the genesis time of beacon chain.
 func (s *Service) GenesisTime() time.Time {
 	return s.genesisTime
 }

-// GenesisValidatorRoot returns the genesis validator
+// GenesisValidatorsRoot returns the genesis validators
 // root of the chain.
-func (s *Service) GenesisValidatorRoot() [32]byte {
+func (s *Service) GenesisValidatorsRoot() [32]byte {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

 	if !s.hasHeadState() {
 		return [32]byte{}
 	}
-	return bytesutil.ToBytes32(s.head.state.GenesisValidatorRoot())
+	return bytesutil.ToBytes32(s.head.state.GenesisValidatorsRoot())
 }

 // CurrentFork retrieves the latest fork information of the beacon chain.
-func (s *Service) CurrentFork() *pb.Fork {
+func (s *Service) CurrentFork() *ethpb.Fork {
 	s.headLock.RLock()
 	defer s.headLock.RUnlock()

 	if !s.hasHeadState() {
-		return &pb.Fork{
+		return &ethpb.Fork{
 			PreviousVersion: params.BeaconConfig().GenesisForkVersion,
 			CurrentVersion:  params.BeaconConfig().GenesisForkVersion,
 		}
@@ -250,11 +277,152 @@ func (s *Service) CurrentFork() *pb.Fork {

 // IsCanonical returns true if the input block root is part of the canonical chain.
 func (s *Service) IsCanonical(ctx context.Context, blockRoot [32]byte) (bool, error) {
+	// If the block has not been finalized, check fork choice store to see if the block is canonical
+	if s.cfg.ForkChoiceStore.HasNode(blockRoot) {
+		return s.cfg.ForkChoiceStore.IsCanonical(blockRoot), nil
+	}
+
 	// If the block has been finalized, the block will always be part of the canonical chain.
-	if s.beaconDB.IsFinalizedBlock(ctx, blockRoot) {
+	return s.cfg.BeaconDB.IsFinalizedBlock(ctx, blockRoot), nil
+}
+
+// ChainHeads returns all possible chain heads (leaves of fork choice tree).
+// Heads roots and heads slots are returned.
+func (s *Service) ChainHeads() ([][32]byte, []primitives.Slot) {
+	return s.cfg.ForkChoiceStore.Tips()
+}
+
+// HeadPublicKeyToValidatorIndex returns the validator index of the `pubkey` in current head state.
+func (s *Service) HeadPublicKeyToValidatorIndex(pubKey [fieldparams.BLSPubkeyLength]byte) (primitives.ValidatorIndex, bool) {
+	s.headLock.RLock()
+	defer s.headLock.RUnlock()
+	if !s.hasHeadState() {
+		return 0, false
+	}
+	return s.headValidatorIndexAtPubkey(pubKey)
+}
+
+// HeadValidatorIndexToPublicKey returns the pubkey of the validator `index`  in current head state.
+func (s *Service) HeadValidatorIndexToPublicKey(_ context.Context, index primitives.ValidatorIndex) ([fieldparams.BLSPubkeyLength]byte, error) {
+	s.headLock.RLock()
+	defer s.headLock.RUnlock()
+	if !s.hasHeadState() {
+		return [fieldparams.BLSPubkeyLength]byte{}, nil
+	}
+	v, err := s.headValidatorAtIndex(index)
+	if err != nil {
+		return [fieldparams.BLSPubkeyLength]byte{}, err
+	}
+	return v.PublicKey(), nil
+}
+
+// ForkChoicer returns the forkchoice interface.
+func (s *Service) ForkChoicer() forkchoice.ForkChoicer {
+	return s.cfg.ForkChoiceStore
+}
+
+// IsOptimistic returns true if the current head is optimistic.
+func (s *Service) IsOptimistic(ctx context.Context) (bool, error) {
+	if slots.ToEpoch(s.CurrentSlot()) < params.BeaconConfig().BellatrixForkEpoch {
+		return false, nil
+	}
+	s.headLock.RLock()
+	headRoot := s.head.root
+	s.headLock.RUnlock()
+
+	optimistic, err := s.cfg.ForkChoiceStore.IsOptimistic(headRoot)
+	if err == nil {
+		return optimistic, nil
+	}
+	if !errors.Is(err, doublylinkedtree.ErrNilNode) {
+		return true, err
+	}
+	// If fockchoice does not have the headroot, then the node is considered
+	// optimistic
+	return true, nil
+}
+
+// IsFinalized returns true if the input root is finalized.
+// It first checks latest finalized root then checks finalized root index in DB.
+func (s *Service) IsFinalized(ctx context.Context, root [32]byte) bool {
+	if s.ForkChoicer().FinalizedCheckpoint().Root == root {
+		return true
+	}
+	// If node exists in our store, then it is not
+	// finalized.
+	if s.ForkChoicer().HasNode(root) {
+		return false
+	}
+	return s.cfg.BeaconDB.IsFinalizedBlock(ctx, root)
+}
+
+// IsOptimisticForRoot takes the root as argument instead of the current head
+// and returns true if it is optimistic.
+func (s *Service) IsOptimisticForRoot(ctx context.Context, root [32]byte) (bool, error) {
+	optimistic, err := s.cfg.ForkChoiceStore.IsOptimistic(root)
+	if err == nil {
+		return optimistic, nil
+	}
+	if !errors.Is(err, doublylinkedtree.ErrNilNode) {
+		return false, err
+	}
+	// if the requested root is the headroot and the root is not found in
+	// forkchoice, the node should respond that it is optimistic
+	headRoot, err := s.HeadRoot(ctx)
+	if err != nil {
+		return true, err
+	}
+	if bytes.Equal(headRoot, root[:]) {
 		return true, nil
 	}

-	// If the block has not been finalized, check fork choice store to see if the block is canonical
-	return s.forkChoiceStore.IsCanonical(blockRoot), nil
+	ss, err := s.cfg.BeaconDB.StateSummary(ctx, root)
+	if err != nil {
+		return false, err
+	}
+
+	if ss == nil {
+		return true, errInvalidNilSummary
+	}
+	validatedCheckpoint, err := s.cfg.BeaconDB.LastValidatedCheckpoint(ctx)
+	if err != nil {
+		return false, err
+	}
+	if slots.ToEpoch(ss.Slot) > validatedCheckpoint.Epoch {
+		return true, nil
+	}
+
+	// Historical non-canonical blocks here are returned as optimistic for safety.
+	isCanonical, err := s.IsCanonical(ctx, root)
+	if err != nil {
+		return false, err
+	}
+
+	if slots.ToEpoch(ss.Slot)+1 < validatedCheckpoint.Epoch {
+		return !isCanonical, nil
+	}
+
+	// Checkpoint root could be zeros before the first finalized epoch. Use genesis root if the case.
+	lastValidated, err := s.cfg.BeaconDB.StateSummary(ctx, s.ensureRootNotZeros(bytesutil.ToBytes32(validatedCheckpoint.Root)))
+	if err != nil {
+		return false, err
+	}
+	if lastValidated == nil {
+		return false, errInvalidNilSummary
+	}
+
+	if ss.Slot > lastValidated.Slot {
+		return true, nil
+	}
+	return !isCanonical, nil
+}
+
+// SetGenesisTime sets the genesis time of beacon chain.
+func (s *Service) SetGenesisTime(t time.Time) {
+	s.genesisTime = t
+}
+
+// ForkChoiceStore returns the fork choice store in the service.
+func (s *Service) ForkChoiceStore() forkchoice.ForkChoicer {
+	return s.cfg.ForkChoiceStore
 }
--- a/beacon-chain/blockchain/chain_info_norace_test.go
+++ b/beacon-chain/blockchain/chain_info_norace_test.go
@@ -4,60 +4,93 @@ import (
 	"context"
 	"testing"

-	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
-	testDB "github.com/prysmaticlabs/prysm/beacon-chain/db/testing"
-	"github.com/prysmaticlabs/prysm/beacon-chain/state/stategen"
-	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	testDB "github.com/prysmaticlabs/prysm/v3/beacon-chain/db/testing"
+	doublylinkedtree "github.com/prysmaticlabs/prysm/v3/beacon-chain/forkchoice/doubly-linked-tree"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state/stategen"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	"github.com/prysmaticlabs/prysm/v3/testing/util"
 )

 func TestHeadSlot_DataRace(t *testing.T) {
 	beaconDB := testDB.SetupDB(t)
 	s := &Service{
-		beaconDB: beaconDB,
+		cfg: &config{BeaconDB: beaconDB},
 	}
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	st, _ := util.DeterministicGenesisState(t, 1)
+	wait := make(chan struct{})
 	go func() {
-		require.NoError(t, s.saveHead(context.Background(), [32]byte{}))
+		defer close(wait)
+		require.NoError(t, s.saveHead(context.Background(), [32]byte{}, b, st))
 	}()
 	s.HeadSlot()
+	<-wait
 }

 func TestHeadRoot_DataRace(t *testing.T) {
 	beaconDB := testDB.SetupDB(t)
 	s := &Service{
-		beaconDB: beaconDB,
-		head:     &head{root: [32]byte{'A'}},
-		stateGen: stategen.New(beaconDB),
+		cfg:  &config{BeaconDB: beaconDB, StateGen: stategen.New(beaconDB, doublylinkedtree.New())},
+		head: &head{root: [32]byte{'A'}},
 	}
-	go func() {
-		require.NoError(t, s.saveHead(context.Background(), [32]byte{}))
-	}()
-	_, err := s.HeadRoot(context.Background())
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
 	require.NoError(t, err)
+	wait := make(chan struct{})
+	st, _ := util.DeterministicGenesisState(t, 1)
+	go func() {
+		defer close(wait)
+		require.NoError(t, s.saveHead(context.Background(), [32]byte{}, b, st))
+
+	}()
+	_, err = s.HeadRoot(context.Background())
+	require.NoError(t, err)
+	<-wait
 }

 func TestHeadBlock_DataRace(t *testing.T) {
 	beaconDB := testDB.SetupDB(t)
-	s := &Service{
-		beaconDB: beaconDB,
-		head:     &head{block: &ethpb.SignedBeaconBlock{}},
-		stateGen: stategen.New(beaconDB),
-	}
-	go func() {
-		require.NoError(t, s.saveHead(context.Background(), [32]byte{}))
-	}()
-	_, err := s.HeadBlock(context.Background())
+	wsb, err := blocks.NewSignedBeaconBlock(&ethpb.SignedBeaconBlock{Block: &ethpb.BeaconBlock{Body: &ethpb.BeaconBlockBody{}}})
 	require.NoError(t, err)
+	s := &Service{
+		cfg:  &config{BeaconDB: beaconDB, StateGen: stategen.New(beaconDB, doublylinkedtree.New())},
+		head: &head{block: wsb},
+	}
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	wait := make(chan struct{})
+	st, _ := util.DeterministicGenesisState(t, 1)
+	go func() {
+		defer close(wait)
+		require.NoError(t, s.saveHead(context.Background(), [32]byte{}, b, st))
+
+	}()
+	_, err = s.HeadBlock(context.Background())
+	require.NoError(t, err)
+	<-wait
 }

 func TestHeadState_DataRace(t *testing.T) {
 	beaconDB := testDB.SetupDB(t)
 	s := &Service{
-		beaconDB: beaconDB,
-		stateGen: stategen.New(beaconDB),
+		cfg: &config{BeaconDB: beaconDB, StateGen: stategen.New(beaconDB, doublylinkedtree.New())},
 	}
-	go func() {
-		require.NoError(t, s.saveHead(context.Background(), [32]byte{}))
-	}()
-	_, err := s.HeadState(context.Background())
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
 	require.NoError(t, err)
+	wait := make(chan struct{})
+	st, _ := util.DeterministicGenesisState(t, 1)
+	root := bytesutil.ToBytes32(bytesutil.PadTo([]byte{'s'}, 32))
+	require.NoError(t, beaconDB.SaveGenesisBlockRoot(context.Background(), root))
+	require.NoError(t, beaconDB.SaveState(context.Background(), st, root))
+	go func() {
+		defer close(wait)
+		require.NoError(t, s.saveHead(context.Background(), [32]byte{}, b, st))
+
+	}()
+	_, err = s.HeadState(context.Background())
+	require.NoError(t, err)
+	<-wait
 }
--- a/beacon-chain/blockchain/chain_info_test.go
+++ b/beacon-chain/blockchain/chain_info_test.go
@@ -5,19 +5,23 @@ import (
 	"testing"
 	"time"

-	"github.com/gogo/protobuf/proto"
-	types "github.com/prysmaticlabs/eth2-types"
-	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
-	"github.com/prysmaticlabs/prysm/beacon-chain/core/helpers"
-	testDB "github.com/prysmaticlabs/prysm/beacon-chain/db/testing"
-	"github.com/prysmaticlabs/prysm/beacon-chain/forkchoice/protoarray"
-	"github.com/prysmaticlabs/prysm/beacon-chain/state"
-	pb "github.com/prysmaticlabs/prysm/proto/beacon/p2p/v1"
-	"github.com/prysmaticlabs/prysm/shared/bytesutil"
-	"github.com/prysmaticlabs/prysm/shared/params"
-	"github.com/prysmaticlabs/prysm/shared/testutil"
-	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
-	"github.com/prysmaticlabs/prysm/shared/testutil/require"
+	testDB "github.com/prysmaticlabs/prysm/v3/beacon-chain/db/testing"
+	doublylinkedtree "github.com/prysmaticlabs/prysm/v3/beacon-chain/forkchoice/doubly-linked-tree"
+	forkchoicetypes "github.com/prysmaticlabs/prysm/v3/beacon-chain/forkchoice/types"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
+	state_native "github.com/prysmaticlabs/prysm/v3/beacon-chain/state/state-native"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state/stategen"
+	fieldparams "github.com/prysmaticlabs/prysm/v3/config/fieldparams"
+	"github.com/prysmaticlabs/prysm/v3/config/params"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	enginev1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
+	ethpb "github.com/prysmaticlabs/prysm/v3/proto/prysm/v1alpha1"
+	"github.com/prysmaticlabs/prysm/v3/testing/assert"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+	"github.com/prysmaticlabs/prysm/v3/testing/util"
+	"google.golang.org/protobuf/proto"
 )

 // Ensure Service implements chain info interface.
@@ -25,10 +29,38 @@ var _ ChainInfoFetcher = (*Service)(nil)
 var _ TimeFetcher = (*Service)(nil)
 var _ ForkFetcher = (*Service)(nil)

-func TestFinalizedCheckpt_Nil(t *testing.T) {
-	beaconDB := testDB.SetupDB(t)
-	c := setupBeaconChain(t, beaconDB)
-	assert.DeepEqual(t, params.BeaconConfig().ZeroHash[:], c.FinalizedCheckpt().Root, "Incorrect pre chain start value")
+// prepareForkchoiceState prepares a beacon state with the given data to mock
+// insert into forkchoice
+func prepareForkchoiceState(
+	_ context.Context,
+	slot primitives.Slot,
+	blockRoot [32]byte,
+	parentRoot [32]byte,
+	payloadHash [32]byte,
+	justified *ethpb.Checkpoint,
+	finalized *ethpb.Checkpoint,
+) (state.BeaconState, [32]byte, error) {
+	blockHeader := &ethpb.BeaconBlockHeader{
+		ParentRoot: parentRoot[:],
+	}
+
+	executionHeader := &enginev1.ExecutionPayloadHeader{
+		BlockHash: payloadHash[:],
+	}
+
+	base := &ethpb.BeaconStateBellatrix{
+		Slot:                         slot,
+		RandaoMixes:                  make([][]byte, params.BeaconConfig().EpochsPerHistoricalVector),
+		BlockRoots:                   make([][]byte, 1),
+		CurrentJustifiedCheckpoint:   justified,
+		FinalizedCheckpoint:          finalized,
+		LatestExecutionPayloadHeader: executionHeader,
+		LatestBlockHeader:            blockHeader,
+	}
+
+	base.BlockRoots[0] = append(base.BlockRoots[0], blockRoot[:]...)
+	st, err := state_native.InitializeFromProtoBellatrix(base)
+	return st, blockRoot, err
 }

 func TestHeadRoot_Nil(t *testing.T) {
@@ -39,121 +71,141 @@ func TestHeadRoot_Nil(t *testing.T) {
 	assert.DeepEqual(t, params.BeaconConfig().ZeroHash[:], headRoot, "Incorrect pre chain start value")
 }

-func TestFinalizedCheckpt_CanRetrieve(t *testing.T) {
-	beaconDB := testDB.SetupDB(t)
-
-	cp := &ethpb.Checkpoint{Epoch: 5, Root: bytesutil.PadTo([]byte("foo"), 32)}
-	c := setupBeaconChain(t, beaconDB)
-	c.finalizedCheckpt = cp
-
-	assert.Equal(t, cp.Epoch, c.FinalizedCheckpt().Epoch, "Unexpected finalized epoch")
+func TestService_ForkChoiceStore(t *testing.T) {
+	c := &Service{cfg: &config{ForkChoiceStore: doublylinkedtree.New()}}
+	p := c.ForkChoiceStore()
+	require.Equal(t, primitives.Epoch(0), p.FinalizedCheckpoint().Epoch)
 }

 func TestFinalizedCheckpt_GenesisRootOk(t *testing.T) {
+	ctx := context.Background()
 	beaconDB := testDB.SetupDB(t)
+	fcs := doublylinkedtree.New()
+	opts := []Option{
+		WithDatabase(beaconDB),
+		WithForkChoiceStore(fcs),
+		WithStateGen(stategen.New(beaconDB, fcs)),
+	}
+	service, err := NewService(ctx, opts...)
+	require.NoError(t, err)
+
+	gs, _ := util.DeterministicGenesisState(t, 32)
+	require.NoError(t, service.saveGenesisData(ctx, gs))
+	cp := service.FinalizedCheckpt()
+	assert.DeepEqual(t, [32]byte{}, bytesutil.ToBytes32(cp.Root))
+	cp = service.CurrentJustifiedCheckpt()
+	assert.DeepEqual(t, [32]byte{}, bytesutil.ToBytes32(cp.Root))
+	// check that forkchoice has the right genesis root as the node root
+	root, err := fcs.Head(ctx)
+	require.NoError(t, err)
+	require.Equal(t, service.originBlockRoot, root)

-	genesisRoot := [32]byte{'A'}
-	cp := &ethpb.Checkpoint{Root: genesisRoot[:]}
-	c := setupBeaconChain(t, beaconDB)
-	c.finalizedCheckpt = cp
-	c.genesisRoot = genesisRoot
-	assert.DeepEqual(t, c.genesisRoot[:], c.FinalizedCheckpt().Root)
 }

 func TestCurrentJustifiedCheckpt_CanRetrieve(t *testing.T) {
+	ctx := context.Background()
 	beaconDB := testDB.SetupDB(t)
+	fcs := doublylinkedtree.New()
+	opts := []Option{
+		WithDatabase(beaconDB),
+		WithForkChoiceStore(fcs),
+		WithStateGen(stategen.New(beaconDB, fcs)),
+	}
+	service, err := NewService(ctx, opts...)
+	require.NoError(t, err)

-	c := setupBeaconChain(t, beaconDB)
-	assert.Equal(t, params.BeaconConfig().ZeroHash, bytesutil.ToBytes32(c.CurrentJustifiedCheckpt().Root), "Unexpected justified epoch")
-	cp := &ethpb.Checkpoint{Epoch: 6, Root: bytesutil.PadTo([]byte("foo"), 32)}
-	c.justifiedCheckpt = cp
-	assert.Equal(t, cp.Epoch, c.CurrentJustifiedCheckpt().Epoch, "Unexpected justified epoch")
-}
+	jroot := [32]byte{'j'}
+	cp := &forkchoicetypes.Checkpoint{Epoch: 6, Root: jroot}
+	bState, _ := util.DeterministicGenesisState(t, 10)
+	require.NoError(t, beaconDB.SaveState(ctx, bState, jroot))

-func TestJustifiedCheckpt_GenesisRootOk(t *testing.T) {
-	beaconDB := testDB.SetupDB(t)
-
-	c := setupBeaconChain(t, beaconDB)
-	genesisRoot := [32]byte{'B'}
-	cp := &ethpb.Checkpoint{Root: genesisRoot[:]}
-	c.justifiedCheckpt = cp
-	c.genesisRoot = genesisRoot
-	assert.DeepEqual(t, c.genesisRoot[:], c.CurrentJustifiedCheckpt().Root)
-}
-
-func TestPreviousJustifiedCheckpt_CanRetrieve(t *testing.T) {
-	beaconDB := testDB.SetupDB(t)
-
-	cp := &ethpb.Checkpoint{Epoch: 7, Root: bytesutil.PadTo([]byte("foo"), 32)}
-	c := setupBeaconChain(t, beaconDB)
-	assert.Equal(t, params.BeaconConfig().ZeroHash, bytesutil.ToBytes32(c.CurrentJustifiedCheckpt().Root), "Unexpected justified epoch")
-	c.prevJustifiedCheckpt = cp
-	assert.Equal(t, cp.Epoch, c.PreviousJustifiedCheckpt().Epoch, "Unexpected previous justified epoch")
-}
-
-func TestPrevJustifiedCheckpt_GenesisRootOk(t *testing.T) {
-	beaconDB := testDB.SetupDB(t)
-
-	genesisRoot := [32]byte{'C'}
-	cp := &ethpb.Checkpoint{Root: genesisRoot[:]}
-	c := setupBeaconChain(t, beaconDB)
-	c.prevJustifiedCheckpt = cp
-	c.genesisRoot = genesisRoot
-	assert.DeepEqual(t, c.genesisRoot[:], c.PreviousJustifiedCheckpt().Root)
+	require.NoError(t, fcs.UpdateJustifiedCheckpoint(ctx, cp))
+	jp := service.CurrentJustifiedCheckpt()
+	assert.Equal(t, cp.Epoch, jp.Epoch, "Unexpected justified epoch")
+	require.Equal(t, cp.Root, bytesutil.ToBytes32(jp.Root))
 }

 func TestHeadSlot_CanRetrieve(t *testing.T) {
 	c := &Service{}
-	s, err := state.InitializeFromProto(&pb.BeaconState{})
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{})
 	require.NoError(t, err)
-	c.head = &head{slot: 100, state: s}
-	assert.Equal(t, types.Slot(100), c.HeadSlot())
+	b, err := blocks.NewSignedBeaconBlock(util.NewBeaconBlock())
+	require.NoError(t, err)
+	b.SetSlot(100)
+	c.head = &head{block: b, state: s}
+	assert.Equal(t, primitives.Slot(100), c.HeadSlot())
 }

 func TestHeadRoot_CanRetrieve(t *testing.T) {
-	c := &Service{}
-	c.head = &head{root: [32]byte{'A'}}
-	r, err := c.HeadRoot(context.Background())
+	ctx := context.Background()
+	beaconDB := testDB.SetupDB(t)
+	fcs := doublylinkedtree.New()
+	opts := []Option{
+		WithDatabase(beaconDB),
+		WithForkChoiceStore(fcs),
+		WithStateGen(stategen.New(beaconDB, fcs)),
+	}
+	service, err := NewService(ctx, opts...)
 	require.NoError(t, err)
-	assert.Equal(t, [32]byte{'A'}, bytesutil.ToBytes32(r))
+	gs, _ := util.DeterministicGenesisState(t, 32)
+	require.NoError(t, service.saveGenesisData(ctx, gs))
+
+	r, err := service.HeadRoot(ctx)
+	require.NoError(t, err)
+	assert.Equal(t, service.originBlockRoot, bytesutil.ToBytes32(r))
 }

 func TestHeadRoot_UseDB(t *testing.T) {
+	ctx := context.Background()
 	beaconDB := testDB.SetupDB(t)
-	c := &Service{beaconDB: beaconDB}
-	c.head = &head{root: params.BeaconConfig().ZeroHash}
-	b := testutil.NewBeaconBlock()
+	fcs := doublylinkedtree.New()
+	opts := []Option{
+		WithDatabase(beaconDB),
+		WithForkChoiceStore(fcs),
+		WithStateGen(stategen.New(beaconDB, fcs)),
+	}
+	service, err := NewService(ctx, opts...)
+	require.NoError(t, err)
+
+	service.head = &head{root: params.BeaconConfig().ZeroHash}
+	b := util.NewBeaconBlock()
 	br, err := b.Block.HashTreeRoot()
 	require.NoError(t, err)
-	require.NoError(t, beaconDB.SaveBlock(context.Background(), b))
-	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &pb.StateSummary{Root: br[:]}))
-	require.NoError(t, beaconDB.SaveHeadBlockRoot(context.Background(), br))
-	r, err := c.HeadRoot(context.Background())
+	wsb, err := blocks.NewSignedBeaconBlock(b)
+	require.NoError(t, err)
+	require.NoError(t, beaconDB.SaveBlock(ctx, wsb))
+	require.NoError(t, beaconDB.SaveStateSummary(ctx, &ethpb.StateSummary{Root: br[:]}))
+	require.NoError(t, beaconDB.SaveHeadBlockRoot(ctx, br))
+	r, err := service.HeadRoot(ctx)
 	require.NoError(t, err)
 	assert.Equal(t, br, bytesutil.ToBytes32(r))
 }

 func TestHeadBlock_CanRetrieve(t *testing.T) {
-	b := testutil.NewBeaconBlock()
+	b := util.NewBeaconBlock()
 	b.Block.Slot = 1
-	s, err := state.InitializeFromProto(&pb.BeaconState{})
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{})
+	require.NoError(t, err)
+	wsb, err := blocks.NewSignedBeaconBlock(b)
 	require.NoError(t, err)
 	c := &Service{}
-	c.head = &head{block: b, state: s}
+	c.head = &head{block: wsb, state: s}

-	recevied, err := c.HeadBlock(context.Background())
+	received, err := c.HeadBlock(context.Background())
 	require.NoError(t, err)
-	assert.DeepEqual(t, b, recevied, "Incorrect head block received")
+	pb, err := received.Proto()
+	require.NoError(t, err)
+	assert.DeepEqual(t, b, pb, "Incorrect head block received")
 }

 func TestHeadState_CanRetrieve(t *testing.T) {
-	s, err := state.InitializeFromProto(&pb.BeaconState{Slot: 2, GenesisValidatorsRoot: params.BeaconConfig().ZeroHash[:]})
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{Slot: 2, GenesisValidatorsRoot: params.BeaconConfig().ZeroHash[:]})
 	require.NoError(t, err)
 	c := &Service{}
 	c.head = &head{state: s}
 	headState, err := c.HeadState(context.Background())
 	require.NoError(t, err)
-	assert.DeepEqual(t, headState.InnerStateUnsafe(), s.InnerStateUnsafe(), "Incorrect head state received")
+	assert.DeepEqual(t, headState.ToProtoUnsafe(), s.ToProtoUnsafe(), "Incorrect head state received")
 }

 func TestGenesisTime_CanRetrieve(t *testing.T) {
@@ -163,8 +215,8 @@ func TestGenesisTime_CanRetrieve(t *testing.T) {
 }

 func TestCurrentFork_CanRetrieve(t *testing.T) {
-	f := &pb.Fork{Epoch: 999}
-	s, err := state.InitializeFromProto(&pb.BeaconState{Fork: f})
+	f := &ethpb.Fork{Epoch: 999}
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{Fork: f})
 	require.NoError(t, err)
 	c := &Service{}
 	c.head = &head{state: s}
@@ -174,7 +226,7 @@ func TestCurrentFork_CanRetrieve(t *testing.T) {
 }

 func TestCurrentFork_NilHeadSTate(t *testing.T) {
-	f := &pb.Fork{
+	f := &ethpb.Fork{
 		PreviousVersion: params.BeaconConfig().GenesisForkVersion,
 		CurrentVersion:  params.BeaconConfig().GenesisForkVersion,
 	}
@@ -184,15 +236,15 @@ func TestCurrentFork_NilHeadSTate(t *testing.T) {
 	}
 }

-func TestGenesisValidatorRoot_CanRetrieve(t *testing.T) {
+func TestGenesisValidatorsRoot_CanRetrieve(t *testing.T) {
 	// Should not panic if head state is nil.
 	c := &Service{}
-	assert.Equal(t, [32]byte{}, c.GenesisValidatorRoot(), "Did not get correct genesis validator root")
+	assert.Equal(t, [32]byte{}, c.GenesisValidatorsRoot(), "Did not get correct genesis validators root")

-	s, err := state.InitializeFromProto(&pb.BeaconState{GenesisValidatorsRoot: []byte{'a'}})
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{GenesisValidatorsRoot: []byte{'a'}})
 	require.NoError(t, err)
 	c.head = &head{state: s}
-	assert.Equal(t, [32]byte{'a'}, c.GenesisValidatorRoot(), "Did not get correct genesis validator root")
+	assert.Equal(t, [32]byte{'a'}, c.GenesisValidatorsRoot(), "Did not get correct genesis validators root")
 }

 func TestHeadETH1Data_Nil(t *testing.T) {
@@ -203,7 +255,7 @@ func TestHeadETH1Data_Nil(t *testing.T) {

 func TestHeadETH1Data_CanRetrieve(t *testing.T) {
 	d := &ethpb.Eth1Data{DepositCount: 999}
-	s, err := state.InitializeFromProto(&pb.BeaconState{Eth1Data: d})
+	s, err := state_native.InitializeFromProtoPhase0(&ethpb.BeaconState{Eth1Data: d})
 	require.NoError(t, err)
 	c := &Service{}
 	c.head = &head{state: s}
@@ -217,11 +269,11 @@ func TestIsCanonical_Ok(t *testing.T) {
 	beaconDB := testDB.SetupDB(t)
 	c := setupBeaconChain(t, beaconDB)

-	blk := testutil.NewBeaconBlock()
+	blk := util.NewBeaconBlock()
 	blk.Block.Slot = 0
 	root, err := blk.Block.HashTreeRoot()
 	require.NoError(t, err)
-	require.NoError(t, beaconDB.SaveBlock(ctx, blk))
+	util.SaveBlock(t, ctx, beaconDB, blk)
 	require.NoError(t, beaconDB.SaveGenesisBlockRoot(ctx, root))
 	can, err := c.IsCanonical(ctx, root)
 	require.NoError(t, err)
@@ -233,7 +285,7 @@ func TestIsCanonical_Ok(t *testing.T) {
 }

 func TestService_HeadValidatorsIndices(t *testing.T) {
-	s, _ := testutil.DeterministicGenesisState(t, 10)
+	s, _ := util.DeterministicGenesisState(t, 10)
 	c := &Service{}

 	c.head = &head{}
@@ -247,38 +299,279 @@ func TestService_HeadValidatorsIndices(t *testing.T) {
 	require.Equal(t, 10, len(indices))
 }

-func TestService_HeadSeed(t *testing.T) {
-	s, _ := testutil.DeterministicGenesisState(t, 1)
-	c := &Service{}
-	seed, err := helpers.Seed(s, 0, params.BeaconConfig().DomainBeaconAttester)
-	require.NoError(t, err)
-
-	c.head = &head{}
-	root, err := c.HeadSeed(context.Background(), 0)
-	require.NoError(t, err)
-	require.Equal(t, [32]byte{}, root)
-
-	c.head = &head{state: s}
-	root, err = c.HeadSeed(context.Background(), 0)
-	require.NoError(t, err)
-	require.DeepEqual(t, seed, root)
-}
-
-func TestService_HeadGenesisValidatorRoot(t *testing.T) {
-	s, _ := testutil.DeterministicGenesisState(t, 1)
+func TestService_HeadGenesisValidatorsRoot(t *testing.T) {
+	s, _ := util.DeterministicGenesisState(t, 1)
 	c := &Service{}

 	c.head = &head{}
-	root := c.HeadGenesisValidatorRoot()
+	root := c.HeadGenesisValidatorsRoot()
 	require.Equal(t, [32]byte{}, root)

 	c.head = &head{state: s}
-	root = c.HeadGenesisValidatorRoot()
-	require.DeepEqual(t, root[:], s.GenesisValidatorRoot())
+	root = c.HeadGenesisValidatorsRoot()
+	require.DeepEqual(t, root[:], s.GenesisValidatorsRoot())
 }

-func TestService_ProtoArrayStore(t *testing.T) {
-	c := &Service{forkChoiceStore: protoarray.New(0, 0, [32]byte{})}
-	p := c.ProtoArrayStore()
-	require.Equal(t, 0, int(p.FinalizedEpoch()))
+//
+//  A <- B <- C
+//   \    \
+//    \    ---------- E
+//     ---------- D
+
+func TestService_ChainHeads(t *testing.T) {
+	ctx := context.Background()
+	c := &Service{cfg: &config{ForkChoiceStore: doublylinkedtree.New()}}
+	ojc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	ofc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	st, blkRoot, err := prepareForkchoiceState(ctx, 0, [32]byte{}, [32]byte{}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 100, [32]byte{'a'}, [32]byte{}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 101, [32]byte{'b'}, [32]byte{'a'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 102, [32]byte{'c'}, [32]byte{'b'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 103, [32]byte{'d'}, [32]byte{'a'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 104, [32]byte{'e'}, [32]byte{'b'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+
+	roots, slots := c.ChainHeads()
+	require.Equal(t, 3, len(roots))
+	rootMap := map[[32]byte]primitives.Slot{{'c'}: 102, {'d'}: 103, {'e'}: 104}
+	for i, root := range roots {
+		slot, ok := rootMap[root]
+		require.Equal(t, true, ok)
+		require.Equal(t, slot, slots[i])
+	}
+}
+
+func TestService_HeadPublicKeyToValidatorIndex(t *testing.T) {
+	s, _ := util.DeterministicGenesisState(t, 10)
+	c := &Service{}
+	c.head = &head{state: s}
+
+	_, e := c.HeadPublicKeyToValidatorIndex([fieldparams.BLSPubkeyLength]byte{})
+	require.Equal(t, false, e)
+
+	v, err := s.ValidatorAtIndex(0)
+	require.NoError(t, err)
+
+	i, e := c.HeadPublicKeyToValidatorIndex(bytesutil.ToBytes48(v.PublicKey))
+	require.Equal(t, true, e)
+	require.Equal(t, primitives.ValidatorIndex(0), i)
+}
+
+func TestService_HeadPublicKeyToValidatorIndexNil(t *testing.T) {
+	c := &Service{}
+	c.head = nil
+
+	idx, e := c.HeadPublicKeyToValidatorIndex([fieldparams.BLSPubkeyLength]byte{})
+	require.Equal(t, false, e)
+	require.Equal(t, primitives.ValidatorIndex(0), idx)
+
+	c.head = &head{state: nil}
+	i, e := c.HeadPublicKeyToValidatorIndex([fieldparams.BLSPubkeyLength]byte{})
+	require.Equal(t, false, e)
+	require.Equal(t, primitives.ValidatorIndex(0), i)
+}
+
+func TestService_HeadValidatorIndexToPublicKey(t *testing.T) {
+	s, _ := util.DeterministicGenesisState(t, 10)
+	c := &Service{}
+	c.head = &head{state: s}
+
+	p, err := c.HeadValidatorIndexToPublicKey(context.Background(), 0)
+	require.NoError(t, err)
+
+	v, err := s.ValidatorAtIndex(0)
+	require.NoError(t, err)
+
+	require.Equal(t, bytesutil.ToBytes48(v.PublicKey), p)
+}
+
+func TestService_HeadValidatorIndexToPublicKeyNil(t *testing.T) {
+	c := &Service{}
+	c.head = nil
+
+	p, err := c.HeadValidatorIndexToPublicKey(context.Background(), 0)
+	require.NoError(t, err)
+	require.Equal(t, [fieldparams.BLSPubkeyLength]byte{}, p)
+
+	c.head = &head{state: nil}
+	p, err = c.HeadValidatorIndexToPublicKey(context.Background(), 0)
+	require.NoError(t, err)
+	require.Equal(t, [fieldparams.BLSPubkeyLength]byte{}, p)
+}
+
+func TestService_IsOptimistic(t *testing.T) {
+	params.SetupTestConfigCleanup(t)
+	cfg := params.BeaconConfig()
+	cfg.BellatrixForkEpoch = 0
+	params.OverrideBeaconConfig(cfg)
+
+	ctx := context.Background()
+	ojc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	ofc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	c := &Service{cfg: &config{ForkChoiceStore: doublylinkedtree.New()}, head: &head{root: [32]byte{'b'}}}
+	st, blkRoot, err := prepareForkchoiceState(ctx, 100, [32]byte{'a'}, [32]byte{}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 101, [32]byte{'b'}, [32]byte{'a'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+
+	opt, err := c.IsOptimistic(ctx)
+	require.NoError(t, err)
+	require.Equal(t, true, opt)
+}
+
+func TestService_IsOptimisticBeforeBellatrix(t *testing.T) {
+	ctx := context.Background()
+	c := &Service{genesisTime: time.Now()}
+	opt, err := c.IsOptimistic(ctx)
+	require.NoError(t, err)
+	require.Equal(t, false, opt)
+}
+
+func TestService_IsOptimisticForRoot(t *testing.T) {
+	ctx := context.Background()
+	c := &Service{cfg: &config{ForkChoiceStore: doublylinkedtree.New()}, head: &head{root: [32]byte{'b'}}}
+	ojc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	ofc := &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	st, blkRoot, err := prepareForkchoiceState(ctx, 100, [32]byte{'a'}, [32]byte{}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+	st, blkRoot, err = prepareForkchoiceState(ctx, 101, [32]byte{'b'}, [32]byte{'a'}, params.BeaconConfig().ZeroHash, ojc, ofc)
+	require.NoError(t, err)
+	require.NoError(t, c.cfg.ForkChoiceStore.InsertNode(ctx, st, blkRoot))
+
+	opt, err := c.IsOptimisticForRoot(ctx, [32]byte{'a'})
+	require.NoError(t, err)
+	require.Equal(t, true, opt)
+}
+
+func TestService_IsOptimisticForRoot_DB(t *testing.T) {
+	beaconDB := testDB.SetupDB(t)
+	ctx := context.Background()
+	c := &Service{cfg: &config{BeaconDB: beaconDB, ForkChoiceStore: doublylinkedtree.New()}, head: &head{root: [32]byte{'b'}}}
+	c.head = &head{root: params.BeaconConfig().ZeroHash}
+	b := util.NewBeaconBlock()
+	b.Block.Slot = 10
+	br, err := b.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, b)
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: br[:], Slot: 10}))
+
+	optimisticBlock := util.NewBeaconBlock()
+	optimisticBlock.Block.Slot = 97
+	optimisticRoot, err := optimisticBlock.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, optimisticBlock)
+
+	validatedBlock := util.NewBeaconBlock()
+	validatedBlock.Block.Slot = 9
+	validatedRoot, err := validatedBlock.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, validatedBlock)
+
+	validatedCheckpoint := &ethpb.Checkpoint{Root: br[:]}
+	require.NoError(t, beaconDB.SaveLastValidatedCheckpoint(ctx, validatedCheckpoint))
+
+	_, err = c.IsOptimisticForRoot(ctx, optimisticRoot)
+	require.ErrorContains(t, "nil summary returned from the DB", err)
+
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: optimisticRoot[:], Slot: 11}))
+	optimistic, err := c.IsOptimisticForRoot(ctx, optimisticRoot)
+	require.NoError(t, err)
+	require.Equal(t, true, optimistic)
+
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: validatedRoot[:], Slot: 9}))
+	cp := &ethpb.Checkpoint{
+		Epoch: 1,
+		Root:  validatedRoot[:],
+	}
+	require.NoError(t, beaconDB.SaveGenesisBlockRoot(ctx, validatedRoot))
+	require.NoError(t, beaconDB.SaveFinalizedCheckpoint(ctx, cp))
+	validated, err := c.IsOptimisticForRoot(ctx, validatedRoot)
+	require.NoError(t, err)
+	require.Equal(t, false, validated)
+
+	// Before the first finalized epoch, finalized root could be zeros.
+	validatedCheckpoint = &ethpb.Checkpoint{Root: params.BeaconConfig().ZeroHash[:]}
+	require.NoError(t, beaconDB.SaveGenesisBlockRoot(ctx, br))
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: params.BeaconConfig().ZeroHash[:], Slot: 10}))
+	require.NoError(t, beaconDB.SaveLastValidatedCheckpoint(ctx, validatedCheckpoint))
+
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: optimisticRoot[:], Slot: 11}))
+	optimistic, err = c.IsOptimisticForRoot(ctx, optimisticRoot)
+	require.NoError(t, err)
+	require.Equal(t, true, optimistic)
+}
+
+func TestService_IsOptimisticForRoot_DB_non_canonical(t *testing.T) {
+	beaconDB := testDB.SetupDB(t)
+	ctx := context.Background()
+	c := &Service{cfg: &config{BeaconDB: beaconDB, ForkChoiceStore: doublylinkedtree.New()}, head: &head{root: [32]byte{'b'}}}
+	c.head = &head{root: params.BeaconConfig().ZeroHash}
+	b := util.NewBeaconBlock()
+	b.Block.Slot = 10
+	br, err := b.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, b)
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: br[:], Slot: 10}))
+
+	optimisticBlock := util.NewBeaconBlock()
+	optimisticBlock.Block.Slot = 97
+	optimisticRoot, err := optimisticBlock.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, optimisticBlock)
+
+	validatedBlock := util.NewBeaconBlock()
+	validatedBlock.Block.Slot = 9
+	validatedRoot, err := validatedBlock.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, context.Background(), beaconDB, validatedBlock)
+
+	validatedCheckpoint := &ethpb.Checkpoint{Root: br[:]}
+	require.NoError(t, beaconDB.SaveLastValidatedCheckpoint(ctx, validatedCheckpoint))
+
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: optimisticRoot[:], Slot: 11}))
+	optimistic, err := c.IsOptimisticForRoot(ctx, optimisticRoot)
+	require.NoError(t, err)
+	require.Equal(t, true, optimistic)
+
+	require.NoError(t, beaconDB.SaveStateSummary(context.Background(), &ethpb.StateSummary{Root: validatedRoot[:], Slot: 9}))
+	validated, err := c.IsOptimisticForRoot(ctx, validatedRoot)
+	require.NoError(t, err)
+	require.Equal(t, true, validated)
+
+}
+
+func TestService_IsFinalized(t *testing.T) {
+	beaconDB := testDB.SetupDB(t)
+	ctx := context.Background()
+	c := &Service{cfg: &config{BeaconDB: beaconDB, ForkChoiceStore: doublylinkedtree.New()}}
+	r1 := [32]byte{'a'}
+	require.NoError(t, c.ForkChoiceStore().UpdateFinalizedCheckpoint(&forkchoicetypes.Checkpoint{
+		Root: r1,
+	}))
+	b := util.NewBeaconBlock()
+	br, err := b.Block.HashTreeRoot()
+	require.NoError(t, err)
+	util.SaveBlock(t, ctx, beaconDB, b)
+	require.NoError(t, beaconDB.SaveStateSummary(ctx, &ethpb.StateSummary{Root: br[:], Slot: 10}))
+	require.NoError(t, beaconDB.SaveGenesisBlockRoot(ctx, br))
+	require.NoError(t, beaconDB.SaveFinalizedCheckpoint(ctx, &ethpb.Checkpoint{
+		Root: br[:],
+	}))
+	require.Equal(t, true, c.IsFinalized(ctx, r1))
+	require.Equal(t, true, c.IsFinalized(ctx, br))
+	require.Equal(t, false, c.IsFinalized(ctx, [32]byte{'c'}))
 }
--- a/beacon-chain/blockchain/checktags_test.go
+++ b/beacon-chain/blockchain/checktags_test.go
@@ -1,4 +1,4 @@
-// +build !develop
+//go:build !develop

 package blockchain

--- a/beacon-chain/blockchain/error.go
+++ b/beacon-chain/blockchain/error.go
@@ -0,0 +1,95 @@
+package blockchain
+
+import "github.com/pkg/errors"
+
+var (
+	// ErrInvalidPayload is returned when the payload is invalid
+	ErrInvalidPayload = invalidBlock{error: errors.New("received an INVALID payload from execution engine")}
+	// ErrInvalidBlockHashPayloadStatus is returned when the payload has invalid block hash.
+	ErrInvalidBlockHashPayloadStatus = invalidBlock{error: errors.New("received an INVALID_BLOCK_HASH payload from execution engine")}
+	// ErrUndefinedExecutionEngineError is returned when the execution engine returns an error that is not defined
+	ErrUndefinedExecutionEngineError = errors.New("received an undefined execution engine error")
+	// errNilFinalizedInStore is returned when a nil finalized checkpt is returned from store.
+	errNilFinalizedInStore = errors.New("nil finalized checkpoint returned from store")
+	// errNilFinalizedCheckpoint is returned when a nil finalized checkpt is returned from a state.
+	errNilFinalizedCheckpoint = errors.New("nil finalized checkpoint returned from state")
+	// errNilJustifiedCheckpoint is returned when a nil justified checkpt is returned from a state.
+	errNilJustifiedCheckpoint = errors.New("nil justified checkpoint returned from state")
+	// errInvalidNilSummary is returned when a nil summary is returned from the DB.
+	errInvalidNilSummary = errors.New("nil summary returned from the DB")
+	// errWrongBlockCount is returned when the wrong number of blocks or block roots is used
+	errWrongBlockCount = errors.New("wrong number of blocks or block roots")
+	// errBlockNotFoundInCacheOrDB is returned when a block is not found in the cache or DB.
+	errBlockNotFoundInCacheOrDB = errors.New("block not found in cache or db")
+	// errWSBlockNotFound is returned when a block is not found in the WS cache or DB.
+	errWSBlockNotFound = errors.New("weak subjectivity root not found in db")
+	// errWSBlockNotFoundInEpoch is returned when a block is not found in the WS cache or DB within epoch.
+	errWSBlockNotFoundInEpoch = errors.New("weak subjectivity root not found in db within epoch")
+	// errNotDescendantOfFinalized is returned when a block is not a descendant of the finalized checkpoint
+	errNotDescendantOfFinalized = invalidBlock{error: errors.New("not descendant of finalized checkpoint")}
+)
+
+// An invalid block is the block that fails state transition based on the core protocol rules.
+// The beacon node shall not be accepting nor building blocks that branch off from an invalid block.
+// Some examples of invalid blocks are:
+// The block violates state transition rules.
+// The block is deemed invalid according to execution layer client.
+// The block violates certain fork choice rules (before finalized slot, not finalized ancestor)
+type invalidBlock struct {
+	invalidAncestorRoots [][32]byte
+	error
+	root [32]byte
+}
+
+type invalidBlockError interface {
+	Error() string
+	InvalidAncestorRoots() [][32]byte
+	BlockRoot() [32]byte
+}
+
+// BlockRoot returns the invalid block root.
+func (e invalidBlock) BlockRoot() [32]byte {
+	return e.root
+}
+
+// InvalidAncestorRoots returns an optional list of invalid roots of the invalid block which leads up last valid root.
+func (e invalidBlock) InvalidAncestorRoots() [][32]byte {
+	return e.invalidAncestorRoots
+}
+
+// IsInvalidBlock returns true if the error has `invalidBlock`.
+func IsInvalidBlock(e error) bool {
+	if e == nil {
+		return false
+	}
+	_, ok := e.(invalidBlockError)
+	if !ok {
+		return IsInvalidBlock(errors.Unwrap(e))
+	}
+	return true
+}
+
+// InvalidBlockRoot returns the invalid block root. If the error
+// doesn't have an invalid blockroot. [32]byte{} is returned.
+func InvalidBlockRoot(e error) [32]byte {
+	if e == nil {
+		return [32]byte{}
+	}
+	d, ok := e.(invalidBlockError)
+	if !ok {
+		return [32]byte{}
+	}
+	return d.BlockRoot()
+}
+
+// InvalidAncestorRoots returns a list of invalid roots up to last valid root.
+func InvalidAncestorRoots(e error) [][32]byte {
+	if e == nil {
+		return [][32]byte{}
+	}
+	d, ok := e.(invalidBlockError)
+	if !ok {
+		return [][32]byte{}
+	}
+	return d.InvalidAncestorRoots()
+}
--- a/beacon-chain/blockchain/error_test.go
+++ b/beacon-chain/blockchain/error_test.go
@@ -0,0 +1,36 @@
+package blockchain
+
+import (
+	"testing"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/testing/require"
+)
+
+func TestIsInvalidBlock(t *testing.T) {
+	require.Equal(t, true, IsInvalidBlock(ErrInvalidPayload)) // Already wrapped.
+	err := invalidBlock{error: ErrInvalidPayload}
+	require.Equal(t, true, IsInvalidBlock(err))
+
+	newErr := errors.Wrap(err, "wrap me")
+	require.Equal(t, true, IsInvalidBlock(newErr))
+	require.DeepEqual(t, [][32]byte(nil), InvalidAncestorRoots(err))
+}
+
+func TestInvalidBlockRoot(t *testing.T) {
+	require.Equal(t, [32]byte{}, InvalidBlockRoot(ErrUndefinedExecutionEngineError))
+	require.Equal(t, [32]byte{}, InvalidBlockRoot(ErrInvalidPayload))
+
+	err := invalidBlock{error: ErrInvalidPayload, root: [32]byte{'a'}}
+	require.Equal(t, [32]byte{'a'}, InvalidBlockRoot(err))
+	require.DeepEqual(t, [][32]byte(nil), InvalidAncestorRoots(err))
+}
+
+func TestInvalidRoots(t *testing.T) {
+	roots := [][32]byte{{'d'}, {'b'}, {'c'}}
+	err := invalidBlock{error: ErrInvalidPayload, root: [32]byte{'a'}, invalidAncestorRoots: roots}
+
+	require.Equal(t, true, IsInvalidBlock(err))
+	require.Equal(t, [32]byte{'a'}, InvalidBlockRoot(err))
+	require.DeepEqual(t, roots, InvalidAncestorRoots(err))
+}
--- a/beacon-chain/blockchain/execution_engine.go
+++ b/beacon-chain/blockchain/execution_engine.go
@@ -0,0 +1,353 @@
+package blockchain
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/pkg/errors"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/blocks"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/helpers"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/time"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/core/transition"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/db/kv"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/execution"
+	"github.com/prysmaticlabs/prysm/v3/beacon-chain/state"
+	"github.com/prysmaticlabs/prysm/v3/config/params"
+	consensusblocks "github.com/prysmaticlabs/prysm/v3/consensus-types/blocks"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/interfaces"
+	payloadattribute "github.com/prysmaticlabs/prysm/v3/consensus-types/payload-attribute"
+	"github.com/prysmaticlabs/prysm/v3/consensus-types/primitives"
+	"github.com/prysmaticlabs/prysm/v3/encoding/bytesutil"
+	enginev1 "github.com/prysmaticlabs/prysm/v3/proto/engine/v1"
+	"github.com/prysmaticlabs/prysm/v3/runtime/version"
+	"github.com/prysmaticlabs/prysm/v3/time/slots"
+	"github.com/sirupsen/logrus"
+	"go.opencensus.io/trace"
+)
+
+var defaultLatestValidHash = bytesutil.PadTo([]byte{0xff}, 32)
+
+// notifyForkchoiceUpdateArg is the argument for the forkchoice update notification `notifyForkchoiceUpdate`.
+type notifyForkchoiceUpdateArg struct {
+	headState state.BeaconState
+	headRoot  [32]byte
+	headBlock interfaces.ReadOnlyBeaconBlock
+}
+
+// notifyForkchoiceUpdate signals execution engine the fork choice updates. Execution engine should:
+// 1. Re-organizes the execution payload chain and corresponding state to make head_block_hash the head.
+// 2. Applies finality to the execution state: it irreversibly persists the chain of all execution payloads and corresponding state, up to and including finalized_block_hash.
+func (s *Service) notifyForkchoiceUpdate(ctx context.Context, arg *notifyForkchoiceUpdateArg) (*enginev1.PayloadIDBytes, error) {
+	ctx, span := trace.StartSpan(ctx, "blockChain.notifyForkchoiceUpdate")
+	defer span.End()
+
+	headBlk := arg.headBlock
+	if headBlk == nil || headBlk.IsNil() || headBlk.Body().IsNil() {
+		log.Error("Head block is nil")
+		return nil, nil
+	}
+	// Must not call fork choice updated until the transition conditions are met on the Pow network.
+	isExecutionBlk, err := blocks.IsExecutionBlock(headBlk.Body())
+	if err != nil {
+		log.WithError(err).Error("Could not determine if head block is execution block")
+		return nil, nil
+	}
+	if !isExecutionBlk {
+		return nil, nil
+	}
+	headPayload, err := headBlk.Body().Execution()
+	if err != nil {
+		log.WithError(err).Error("Could not get execution payload for head block")
+		return nil, nil
+	}
+	finalizedHash := s.ForkChoicer().FinalizedPayloadBlockHash()
+	justifiedHash := s.ForkChoicer().JustifiedPayloadBlockHash()
+	fcs := &enginev1.ForkchoiceState{
+		HeadBlockHash:      headPayload.BlockHash(),
+		SafeBlockHash:      justifiedHash[:],
+		FinalizedBlockHash: finalizedHash[:],
+	}
+
+	nextSlot := s.CurrentSlot() + 1 // Cache payload ID for next slot proposer.
+	hasAttr, attr, proposerId := s.getPayloadAttribute(ctx, arg.headState, nextSlot)
+
+	payloadID, lastValidHash, err := s.cfg.ExecutionEngineCaller.ForkchoiceUpdated(ctx, fcs, attr)
+	if err != nil {
+		switch err {
+		case execution.ErrAcceptedSyncingPayloadStatus:
+			forkchoiceUpdatedOptimisticNodeCount.Inc()
+			log.WithFields(logrus.Fields{
+				"headSlot":                  headBlk.Slot(),
+				"headPayloadBlockHash":      fmt.Sprintf("%#x", bytesutil.Trunc(headPayload.BlockHash())),
+				"finalizedPayloadBlockHash": fmt.Sprintf("%#x", bytesutil.Trunc(finalizedHash[:])),
+			}).Info("Called fork choice updated with optimistic block")
+			return payloadID, nil
+		case execution.ErrInvalidPayloadStatus:
+			forkchoiceUpdatedInvalidNodeCount.Inc()
+			headRoot := arg.headRoot
+			if len(lastValidHash) == 0 {
+				lastValidHash = defaultLatestValidHash
+			}
+			invalidRoots, err := s.ForkChoicer().SetOptimisticToInvalid(ctx, headRoot, headBlk.ParentRoot(), bytesutil.ToBytes32(lastValidHash))
+			if err != nil {
+				log.WithError(err).Error("Could not set head root to invalid")
+				return nil, nil
+			}
+			if err := s.removeInvalidBlockAndState(ctx, invalidRoots); err != nil {
+				log.WithError(err).Error("Could not remove invalid block and state")
+				return nil, nil
+			}
+
+			r, err := s.cfg.ForkChoiceStore.Head(ctx)
+			if err != nil {
+				log.WithFields(logrus.Fields{
+					"slot":                 headBlk.Slot(),
+					"blockRoot":            fmt.Sprintf("%#x", bytesutil.Trunc(headRoot[:])),
+					"invalidChildrenCount": len(invalidRoots),
+				}).Warn("Pruned invalid blocks, could not update head root")
+				return nil, invalidBlock{error: ErrInvalidPayload, root: arg.headRoot, invalidAncestorRoots: invalidRoots}
+			}
+			b, err := s.getBlock(ctx, r)
+			if err != nil {
+				log.WithError(err).Error("Could not get head block")
+				return nil, nil
+			}
+			st, err := s.cfg.StateGen.StateByRoot(ctx, r)
+			if err != nil {
+				log.WithError(err).Error("Could not get head state")
+				return nil, nil
+			}
+			pid, err := s.notifyForkchoiceUpdate(ctx, &notifyForkchoiceUpdateArg{
+				headState: st,
+				headRoot:  r,
+				headBlock: b.Block(),
+			})
+			if err != nil {
+				return nil, err // Returning err because it's recursive here.
+			}
+
+			if err := s.saveHead(ctx, r, b, st); err != nil {
+				log.WithError(err).Error("could not save head after pruning invalid blocks")
+			}
+
+			log.WithFields(logrus.Fields{
+				"slot":                 headBlk.Slot(),
+				"blockRoot":            fmt.Sprintf("%#x", bytesutil.Trunc(headRoot[:])),
+				"invalidChildrenCount": len(invalidRoots),
+				"newHeadRoot":          fmt.Sprintf("%#x", bytesutil.Trunc(r[:])),
+			}).Warn("Pruned invalid blocks")
+			return pid, invalidBlock{error: ErrInvalidPayload, root: arg.headRoot, invalidAncestorRoots: invalidRoots}
+
+		default:
+			log.WithError(err).Error(ErrUndefinedExecutionEngineError)
+			return nil, nil
+		}
+	}
+	forkchoiceUpdatedValidNodeCount.Inc()
+	if err := s.cfg.ForkChoiceStore.SetOptimisticToValid(ctx, arg.headRoot); err != nil {
+		log.WithError(err).Error("Could not set head root to valid")
+		return nil, nil
+	}
+	// If the forkchoice update call has an attribute, update the proposer payload ID cache.
+	if hasAttr && payloadID != nil {
+		var pId [8]byte
+		copy(pId[:], payloadID[:])
+		s.cfg.ProposerSlotIndexCache.SetProposerAndPayloadIDs(nextSlot, proposerId, pId, arg.headRoot)
+	} else if hasAttr && payloadID == nil {
+		log.WithFields(logrus.Fields{
+			"blockHash": fmt.Sprintf("%#x", headPayload.BlockHash()),
+			"slot":      headBlk.Slot(),
+		}).Error("Received nil payload ID on VALID engine response")
+	}
+	return payloadID, nil
+}
+
+// getPayloadHash returns the payload hash given the block root.
+// if the block is before bellatrix fork epoch, it returns the zero hash.
+func (s *Service) getPayloadHash(ctx context.Context, root []byte) ([32]byte, error) {
+	blk, err := s.getBlock(ctx, s.ensureRootNotZeros(bytesutil.ToBytes32(root)))
+	if err != nil {
+		return [32]byte{}, err
+	}
+	if blocks.IsPreBellatrixVersion(blk.Block().Version()) {
+		return params.BeaconConfig().ZeroHash, nil
+	}
+	payload, err := blk.Block().Body().Execution()
+	if err != nil {
+		return [32]byte{}, errors.Wrap(err, "could not get execution payload")
+	}
+	return bytesutil.ToBytes32(payload.BlockHash()), nil
+}
+
+// notifyNewPayload signals execution engine on a new payload.
+// It returns true if the EL has returned VALID for the block
+func (s *Service) notifyNewPayload(ctx context.Context, postStateVersion int,
+	postStateHeader interfaces.ExecutionData, blk interfaces.ReadOnlySignedBeaconBlock) (bool, error) {
+	ctx, span := trace.StartSpan(ctx, "blockChain.notifyNewPayload")
+	defer span.End()
+
+	// Execution payload is only supported in Bellatrix and beyond. Pre
+	// merge blocks are never optimistic
+	if blocks.IsPreBellatrixVersion(postStateVersion) {
+		return true, nil
+	}
+	if err := consensusblocks.BeaconBlockIsNil(blk); err != nil {
+		return false, err
+	}
+	body := blk.Block().Body()
+	enabled, err := blocks.IsExecutionEnabledUsingHeader(postStateHeader, body)
+	if err != nil {
+		return false, errors.Wrap(invalidBlock{error: err}, "could not determine if execution is enabled")
+	}
+	if !enabled {
+		return true, nil
+	}
+	payload, err := body.Execution()
+	if err != nil {
+		return false, errors.Wrap(invalidBlock{error: err}, "could not get execution payload")
+	}
+	lastValidHash, err := s.cfg.ExecutionEngineCaller.NewPayload(ctx, payload)
+	switch err {
+	case nil:
+		newPayloadValidNodeCount.Inc()
+		return true, nil
+	case execution.ErrAcceptedSyncingPayloadStatus:
+		newPayloadOptimisticNodeCount.Inc()
+		log.WithFields(logrus.Fields{
+			"slot":             blk.Block().Slot(),
+			"payloadBlockHash": fmt.Sprintf("%#x", bytesutil.Trunc(payload.BlockHash())),
+		}).Info("Called new payload with optimistic block")
+		return false, nil
+	case execution.ErrInvalidPayloadStatus:
+		newPayloadInvalidNodeCount.Inc()
+		root, err := blk.Block().HashTreeRoot()
+		if err != nil {
+			return false, err
+		}
+		invalidRoots, err := s.ForkChoicer().SetOptimisticToInvalid(ctx, root, blk.Block().ParentRoot(), bytesutil.ToBytes32(lastValidHash))
+		if err != nil {
+			return false, err
+		}
+		if err := s.removeInvalidBlockAndState(ctx, invalidRoots); err != nil {
+			return false, err
+		}
+		log.WithFields(logrus.Fields{
+			"slot":                 blk.Block().Slot(),
+			"blockRoot":            fmt.Sprintf("%#x", root),
+			"invalidChildrenCount": len(invalidRoots),
+		}).Warn("Pruned invalid blocks")
+		return false, invalidBlock{
+			invalidAncestorRoots: invalidRoots,
+			error:                ErrInvalidPayload,
+		}
+	case execution.ErrInvalidBlockHashPayloadStatus:
+		newPayloadInvalidNodeCount.Inc()
+		return false, ErrInvalidBlockHashPayloadStatus
+	default:
+		return false, errors.WithMessage(ErrUndefinedExecutionEngineError, err.Error())
+	}
+}
+
+// getPayloadAttributes returns the payload attributes for the given state and slot.
+// The attribute is required to initiate a payload build process in the context of an `engine_forkchoiceUpdated` call.
+func (s *Service) getPayloadAttribute(ctx context.Context, st state.BeaconState, slot primitives.Slot) (bool, payloadattribute.Attributer, primitives.ValidatorIndex) {
+	emptyAttri := payloadattribute.EmptyWithVersion(st.Version())
+	// Root is `[32]byte{}` since we are retrieving proposer ID of a given slot. During insertion at assignment the root was not known.
+	proposerID, _, ok := s.cfg.ProposerSlotIndexCache.GetProposerPayloadIDs(slot, [32]byte{} /* root */)
+	if !ok { // There's no need to build attribute if there is no proposer for slot.
+		return false, emptyAttri, 0
+	}
+
+	// Get previous randao.
+	st = st.Copy()
+	st, err := transition.ProcessSlotsIfPossible(ctx, st, slot)
+	if err != nil {
+		log.WithError(err).Error("Could not process slots to get payload attribute")
+		return false, emptyAttri, 0
+	}
+	prevRando, err := helpers.RandaoMix(st, time.CurrentEpoch(st))
+	if err != nil {
+		log.WithError(err).Error("Could not get randao mix to get payload attribute")
+		return false, emptyAttri, 0
+	}
+
+	// Get fee recipient.
+	feeRecipient := params.BeaconConfig().DefaultFeeRecipient
+	recipient, err := s.cfg.BeaconDB.FeeRecipientByValidatorID(ctx, proposerID)
+	switch {
+	case errors.Is(err, kv.ErrNotFoundFeeRecipient):
+		if feeRecipient.String() == params.BeaconConfig().EthBurnAddressHex {
+			logrus.WithFields(logrus.Fields{
+				"validatorIndex": proposerID,
+				"burnAddress":    params.BeaconConfig().EthBurnAddressHex,
+			}).Warn("Fee recipient is currently using the burn address, " +
+				"you will not be rewarded transaction fees on this setting. " +
+				"Please set a different eth address as the fee recipient. " +
+				"Please refer to our documentation for instructions")
+		}
+	case err != nil:
+		log.WithError(err).Error("Could not get fee recipient to get payload attribute")
+		return false, emptyAttri, 0
+	default:
+		feeRecipient = recipient
+	}
+
+	// Get timestamp.
+	t, err := slots.ToTime(uint64(s.genesisTime.Unix()), slot)
+	if err != nil {
+		log.WithError(err).Error("Could not get timestamp to get payload attribute")
+		return false, emptyAttri, 0
+	}
+
+	var attr payloadattribute.Attributer
+	switch st.Version() {
+	case version.Capella:
+		withdrawals, err := st.ExpectedWithdrawals()
+		if err != nil {
+			log.WithError(err).Error("Could not get expected withdrawals to get payload attribute")
+			return false, emptyAttri, 0
+		}
+		attr, err = payloadattribute.New(&enginev1.PayloadAttributesV2{
+			Timestamp:             uint64(t.Unix()),
+			PrevRandao:            prevRando,
+			SuggestedFeeRecipient: feeRecipient.Bytes(),
+			Withdrawals:           withdrawals,
+		})
+		if err != nil {
+			log.WithError(err).Error("Could not get payload attribute")
+			return false, emptyAttri, 0
+		}
+	case version.Bellatrix:
+		attr, err = payloadattribute.New(&enginev1.PayloadAttributes{
+			Timestamp:             uint64(t.Unix()),
+			PrevRandao:            prevRando,
+			SuggestedFeeRecipient: feeRecipient.Bytes(),
+		})
+		if err != nil {
+			log.WithError(err).Error("Could not get payload attribute")
+			return false, emptyAttri, 0
+		}
+	default:
+		log.WithField("version", st.Version()).Error("Could not get payload attribute due to unknown state version")
+		return false, emptyAttri, 0
+	}
+
+	return true, attr, proposerID
+}
+
+// removeInvalidBlockAndState removes the invalid block and its corresponding state from the cache and DB.
+func (s *Service) removeInvalidBlockAndState(ctx context.Context, blkRoots [][32]byte) error {
+	for _, root := range blkRoots {
+		if err := s.cfg.StateGen.DeleteStateFromCaches(ctx, root); err != nil {
+			return err
+		}
+
+		// Delete block also deletes the state as well.
+		if err := s.cfg.BeaconDB.DeleteBlock(ctx, root); err != nil {
+			// TODO(10487): If a caller requests to delete a root that's justified and finalized. We should gracefully shutdown.
+			// This is an irreparable condition, it would me a justified or finalized block has become invalid.
+			return err
+		}
+	}
+	return nil
+}
--- a/beacon-chain/blockchain/execution_engine_test.go
+++ b/beacon-chain/blockchain/execution_engine_test.go
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .7.0
 .3.0
				`@@ -0,0 +1 @@`
				{"parent_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","fee_recipient":"0xabcf8e0d4e9587369b2301d0790347320302cc09","state_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","receipts_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","logs_bloom":"0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","prev_randao":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","block_number":"1","gas_limit":"1","gas_used":"1","timestamp":"1","extra_data":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","base_fee_per_gas":"14074904626401341155369551180448584754667373453244490859944217516317499064576","block_hash":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","transactions_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2","withdrawals_root":"0xcf8e0d4e9587369b2301d0790347320302cc0943d5a1884560367e8208d920f2"}