Things like CDN and DoS protection: you'll need to operate massive networks and machines distributed around the globe.
Until someone creates a well-thought decentralized CF alternative from the ground up, which solves bad actor, slow and unstable node problems, with clever incentives, et cetera et cetera, we'll be stuck with centralized solutions.
Decentralized solutions here don't really make sense. CFs entire value proposition is around being close enough to users you can shave something like 20ms off your latency.
P2P is a lot of things, but latency optimized is definitely not it. Things like DHT involve lots of hops, you also can't control the quality of nodes.
This is a unique case where it could make sense... if the value proposition is having a server in every region/city, then a decentralized solution could work. A blockchain is slow and problematic but if you could incentivize "seeders" to be the entire file, you could get that regionalization. It'd never work because you'd need to handle the routing, and you can't practically do that safely. I'd never open my domain to be hosted by a variety of 3rd parties.
The value proposition isn't just a server in every city, but a highly optimized reliable low latency server.
I understand why you thought of blockchain when i said p2p has bad latency. Blockchain of course has latency that is beyond terrible, but that is not what i was thinking of. I was thinking of bit torrent. Bit torrent is amazingly fast for a bulk download once it gets going, but is really slow to get going. Even just figuring out which nodes have your files is unacceptably slow for this usecase with the current distributed technologies (DHT). CDN is all about serving small static files with very low latency. P2P simply involves too many layers of indirection to work for that use case. I also don't see a way around it without centralizing things.
As far as security goes. Its actually not that bad and largely a solved problem using combinations of digital signatures and hashes. (Preventing DoS is a bit trickier although i think there are solutions for that albeit probably ones that prevent using geolocated nodes)
It is solvable, but any solution that spreads resources out across many different targets in the DHT is slow. Basically anything that was inspired by BitTorrent, but isn't BitTorrent itself does this, because they get overly excited by deduplication of data.