"IN THE MEANTIME, PLEASE DO NOT MAKE DEPOSITS TO PREVIOUSLY ISSUED BITCOIN DEPOSIT ADDRESSES. THEY CANNOT BE HONORED!"
Shouldn't deposits go directly to cold storage addresses for exactly this reason, and in case someone makes a large deposit that exceeds their desired hot/cold wallet ratio?
Each user needs their own deposit address, for bookkeeping. If the cold storage is really offline, you'd have to manually create a new address for each new user.
"Hierarchical deterministic wallets" (BIP0032) support parallel generation of public and private keys on different systems.
The bookkeeping system can generate an unlimited number of addresses from the public "seed" that corresponds to the private keys that will eventually be generated using the private key seed stored in the cold wallet.
However, I didn't consider that the hot wallet needs to be replenished as people withdrawal, which would require a steady flow of bitcoins from cold to hot storage. I think it would make sense to have a "warm" wallet for all deposits, then immediately send deposits to hot or cold wallets depending on withdrawal demand.
This sort of bad PR for Bitcoin and crypto in general could all be avoided if decentralized exchanges became a bit more fashionable.
I posted a link to http://bitshares.org earlier but now realise that there isn't that much information immediately obvious there on how the decentralised BitShares exchange works.
This episode from BitShares.tv provides a bit more information than the homepage on the main website:
Shouldn't deposits go directly to cold storage addresses for exactly this reason, and in case someone makes a large deposit that exceeds their desired hot/cold wallet ratio?