I suppose then that the root certificate private key should be destroyed immediately after creating a sufficient number of intermediate certificates. The system treats the root certificate as it treats the blockchain. Each is widely replicated and tamper-evident by way of comparing the local copy with what all the other peers have. This notion is resistant to byzantine faults up to 50% invalid peers.
It won't help - the corruption (or cheating) is not possible to stop with any system (that is why Bitcoin is what it is).
Basically you'd need another Bitcoin blockchain to stop any fault with your CA system which means you are back at square one.