I haven't experimented with this in the standard QCPlugin API, but I recently endeavored to setup "GFPlugin" / QCPatch / SkankySDK plugins so that they can't restore in the QC Editor...
...and it works. The plugins can also validate against a license file, or do "other stuff", but I haven't needed to take it any further. It did wind up taking a couple of extra steps from what I would have expected it to take to block QuartzComposer from loading the patch.
This is pretty handy for making a custom patch for your app that you don't necessarily want users to be able to work with in QuartzComposer, but that you want your own Application to be able to take advantage of.
If you make sure that the plugin has buried stuff in it's executable, the level of obsfucation makes it fairly difficult for prying hands to take advantage of. For example, if your plugin mainly uses shaders for it's function, you'll want to have the shader in your .m file instead of as separate vertex and fragment programs that get placed in the resources of your plugin, since someone can casually grab those. If you load the shaders as strings, someone will need to go into the actual executable of the plugin to retrieve them. If you want an extra step of protection, hash the strings, and it becomes even more of a hard time to deal with.
If your plugin has no kind of major resource or large strings that betrays it's function through simple cut&paste - and most don't - you don't even really have to worry about that.
If anyone finds that they need this function, feel free to contact me.