Question no 1: What do you guys gonna do about polymorphic malware? Considering the core of MalwareChain concept (as I have understood it from WP) is about storing hashes of suspicious files on blockchain. I mean, any teenager or noob can and likely will take that extra step if writing malware (dead simple example - picture Windows EXE that updates own resources using Win32 API - so easy to write, and the EXE/DLL can change it's own hash every launch or every minute or whatever). And that's where heuristics have to kick in, system call analysis etc., so I'd be interested in how's that going to be addressed in your project ...

Question no 2: How would you prevent bad actor (eg. me) from running several Discovery nodes, and submitting false matches to your antivirus database, eg. hashes of wallets of competitor's coins or even your own wallet/client, some common Windows DLL etc.? How are the inputs going to be validated, if the DB is supposed to be updated real-time, according to your WP.

No trolling just genuine interest, that's some of the questions I would ask myself if building such a system.