The proliferation of massive IoT networks has created an environment where distributed AI can be achieved. At the same time, it introduces serious privacy and security challenges. Federated learning (FL) allows training local models on IoT devices and aggregating them without sharing data, but still suffers from problems such as gradient inference attack, Byzantine model poisoning attack and the failure in single point of failure centralized aggregation point. In this paper, we propose QFL-BC, a framework combining Quantum Key Distribution (QKD) and a permissioned blockchain to holistically tackle the problem. Using the BB84 protocol with decoy states, QKD generates a One-Time Pad key to encrypt the model update and achieve information-theoretic security with provable security against a quantum attacker. The central aggregator is replaced by the permissioned blockchain with a smart contract, which ensures an immutable audit trail and distributes the orchestration of FL training decent rally, as well as imposes a penalty on malicious participants by automatic reputation score maintenance. The experiments with MNIST and CIFAR-10 on 100 IoT clients under Non-IID conditions show QFL-BC obtains an accuracy of 96.8% against 41.5% for classic FL under 10% poisoning attack (133% relative improvement). We have tested its robustness across adversary percentages of 10%-40% with accuracy above 87.3% and measured scalability up to 500 clients, showing good degradation, communications overhead of 5.84 MB per round, which is only 12.3% higher than the classic FL and analysed latency and energy to evaluate its feasibility on resource-constrained IoT devices.