This simple idea is obviously not new but no one tries to implement it. It is because the "COLD" cannot calculate the transaction fee without first knowing the full details of the inputs. You will need lots of qr codes to do this.
If you omit this, a malicious or buggy "HOT" could trick the "COLD" to pay a huge amount of transaction fee.
Learn more:
https://github.com/bitcoin/bips/blob/master/bip-0010.mediawiki1. Modern operating systems on mobile phones like iOS and Android run apps in sandboxes. One app can hardly become malicious if the user has not rooted or jailbroke his device.
2. The hacker who do his best effort to get control over HOT can not benefit directly from his work. He can only give the miners more bitcoins but leave no extra income for himself.
If a sandbox is so safe you don't even need a cold wallet.
How about a bug in the HOT?
And in your protocol you say "transaction fee" will be part of the QR code. You should realize that's completely pointless if you understand the bitcoin protocol. You make the users feel like they could endorse the amount tx fee while they actually couldn't. That's very misleading.
This defeats the purpose of using cold wallet. Please do not develop snake oil bitcoin wallet which people will put their real money in.
Unfortunately Satoshi did not consider this and we can't fix this without a fork. This has been discussed before:
https://bitcointalk.org/index.php?topic=181734.0