There have been discussions on validator privacy in p2p in general, but as far as I know not for gossipsub in particular. To start some thoughts on that topic:
The main difference between floodsub and gossipsub is that in floodsub messages spread uniformly through the network whereas for gossipsub they preferably take certain routes. Therefore, the main question from a privacy point of view is if this fact can be used to identify the source of a message. I think the answer is yes because one can probably find the routes by connecting to a lot of nodes and comparing arrival times of messages. Once you know the paths (and are able to connect to nodes on them) you can do a binary search on them to find the source of a message (or rather, a set of messages you know belong to the same validator). The difference to similar attacks on a uniform network is that searching a path is much more efficient.
Maybe one can prevent this by randomly delaying messages so that arrival times become less insightful. The attack also depends on the time it takes to setup these routes and their lifetime: If the setup takes a long time, validators who quickly jump between networks essentially don’t participate in gossipsub at all, but do plain floodsub. If the lifetime is shorter than the time it takes to identify the paths, the attack also doesn’t work.
I’d also be interested to see some numbers on the performance.