If we are adding a new device requirement then it doesn't have to reduce privacy any more than it currently is. The setup could be like this (and works only for SegWit transactions since their txid doesn't change with signature):
1. The user creates a transaction, computes its transaction ID, signs it and sends it to the TrustedCoin servers to sign.
2. The TrustedCoin server does what it already does (verify tx,...) without signing. Instead it sends the transaction ID to that secondary device of the user (an SMS for instance) to verify before it signs it.
3. The user sees and verifies the txid is the same and approves it.
4. The TrustedCoin server receives the approval and signs the transaction and sends it back/broadcast it to the network.

To prevent the "middleman" from knowing the transaction ID and linking it to the phone owner for example we can send something else instead of the txid itself. It could be HMACSHA256 of the transaction ID by first communicating a "key" between the server and the user and compute the hash like this:
Now the SMS contains a hash that can not be connected to user's tx without knowing that "hmac key" but the user can still verify it.

1. Electrum is one of the oldest implementations of bitcoin
2. It has multiple active contributors that are always working on the code to improve it
3. It has no serious bugs
4. It is 100% open source with no hidden shenanigans like some of the other "wallets"
5. It is very easy to use for anyone from beginners to more advanced users
6. It is easy to sync since it is a SPV client and it is fast to sync
7. It has always been quick to implement any new feature that comes to bitcoin (eg. multisigs, P2SH, SegWit, Lightning Network,...)
8. It is one of the first HD wallets that let users only backup a "phrase" instead of having to backup their wallet file every time they create a new address
9. It has a very easy to use cold storage setup by easily pairing the cold and hot wallets.
10. It supports all hardware wallets
11. Electrum builds are deterministic so they can be reproduced, so you can trust the binaries they release even if you don't compile the code yourself

The problem is that no matter what you do, the user ends up having to enter that passphrase or decrypt the wallet on their system. If that system is compromised then the malware has the same access as the user and unless they verify things on both sides (the system and the 2FA where the second signature is generated) that malware can still do its thing by interrupting the communication and letting the user think they are communicating with the second party while the malware is.

Mining (aka finding a hash lower than the difficulty target) is partially a chance based operation. You can find the hash in a second or it could take hours more than usual. So even with a fixed hashrate you can end up finding x number of blocks in different time frames, eg. 15 days to find first 2016 blocks and 13 days to find second 2016 blocks.

When the hashrate is so much less than the difficulty, it can take significantly longer. The minimum difficulty can't go below 1 and it is possible that in early weeks there were more miners compared to following weeks hence the 4, 10 days in the beginning followed by 20-30 days in the next periods. It is also possible that miner(s) (Satoshi et al) shut down their computer for some time, maybe to upgrade to new version, test some change, etc. hence increasing the time between blocks.

You should always look at the percentage of the price changes not their amount. $1000 rise at this point is about 5% rise which is the smallest rise that bitcoin usually has. It is equivalent of price going up $50 back in 2016 when price was near $1000.

It is because $20k is the highest record price that bitcoin has reached so far and it was the peak of the bubble by the end of 2017 so today it has turned into an arbitrary but strong resistance. Just like all the previous bubble ATHs that turned into resistances before they were broken.

I think you need to revisit the 2017 price charts because there is nothing similar between the $19k today and $19k of 2017. in case you have forgotten price went from about $8000 to close to $20000 in about 3 weeks which is one of the main reasons why it was a bubble.
In comparison this rise to nearly $20k has taken 3 months and that is after a very slow rise to $10k.
The feeling these days have are the same feeling as the end of 2016 when price was getting close to the ATH of that time.

According to coinmarketcap.com the total bitcoin trading volume over the past 24 hours was around $24 billion (BTC1.25 million). Granted most of is the fake volume that CMC reports and a lot of it is from altcoin trading but at least $10 billion of it is from actual bitcoin exchanges and is fiat volume.
I'd say a one time 140k bitcoin is a drop in this bucket and the only thing it could cause is a weak hand panic sell and nothing more. And that is not something we can predict. So far the market doesn't care.

1. You can't multiply strings, you perform arithmetic on numbers. So you have to first convert the string representation of the number to an integer then start the "math". In this case you should convert the hexadecimal string to a 256 bit integer using the big endian notation.

2. Same as #1, the private key is also a number with at most 256 bits. Again you convert the string representation (in this case usually base58 instead of base16 since that's the common encoding for WIFs) then use that in the multiplication code.

But that does NOT encrypt your mnemonic, it just extends it. Also considering the fact that PBKDF2 is a weak KDF and on top of that a very low iteration count (<10mil) is used, it is not really providing decent security.

The QR code size is not that big though.
Here is the last test vector of BIP39 with 24 words: https://i.imgur.com/eSdMuMA.jpg

You are wrong because the fiat currencies including US dollar being inflationary and losing their value more than usual these days is only one of the smaller factors that contributes to bitcoin price rise. The main factor is still the same as it has always been: adoption.
Institutional investors like others are also seeing this growth and want to join in at the early stages while the price still hasn't entered 7 figures.
After we reach mass adoption and bitcoin price reaches stability (which could take at least another decade) then the fiat inflation becomes the dominating factor for bitcoin price rise.

Correct. k is always usually big so you can't really add G by itself k times, that would take forever. But with these algorithms (like the one above) the number of operations is significantly reduced. For example you have 256 bits and if all were 1 you end up performing 256 point addition and 256 point double which isn't going to take that much compared to adding G to itself ~2²⁵⁶ times.

First of all no one knows how much bitcoin Satoshi really has, all these numbers are pure guesses that different people have made and are far off the mark.
Secondly if you read the links you can realize that it is not a single wallet or a single address (or even a handful of addresses) that contains that much which people could say "that is Satoshi's wallet". The 1 million balance is the total sum of tens of thousands of addresses that people guess belong to Satoshi containing block reward from early blocks.
Finally lots of coins from early days have already moved and are moving and will move in the future, none of them have ever affected bitcoin price apart from a handful of newbies panic selling.

Basically you add G by itself k times where k is the private key. But since that is not reasonable there are faster algorithms to perform this depending on the curve. A simple one would be "double and add" method where you convert k to its binary form and for each 1 you perform a point addition (add 2 points) then point double and for each 0 you perform a point doubling (adding to self).
https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication#Double-and-add
The point addition and point doubling is also explained in the above wikipedia link.

It is called double spending, which technically means spending the same transaction output in a different transaction. There are 3 forms of double spending:
1. The easiest one called Replace By Fee (RBF) only applied unconfirmed transactions that are also market by RBF (to put simply have lower than max sequence) and is usually used to bump the fee.

2. The harder one which again is applied to unconfirmed transactions but the tx is not market as RBF hence the nodes reject the new transaction they receive as a bad double spend and if the initial tx is propagated properly it is extremely hard to get the second on to propagate.

3. The impossible one which is applied to confirmed transactions which is impossible due to extremely high cost of it since it requires a 51% attack and controlling a huge amount of hashrate that costs a lot of money. It also gets harder with each block that is added on top of the block containing the transaction.

According to Standards for Efficient Cryptography the relationship between order of the generator point and co-factor and number of points on curve is as follows:
h=#E(F_q)/n
where h is the co-factor, #E(F_q) is the number of points on the curve E over F_q where q is an odd prime and n is the order of the base point G (the order of the sub-group generated by this point).
h for secp256k1 curve is equal to 1.

Every Elliptic Curve is an unlimited number of points that satisfy its equation. We select one of these points and use it as the generator point (we add this point to itself repeated times to generate all the other points) which will then limit the number of points on that curve to a finite group. The generator point for sek9256k1 curve can create a little less than 2²⁵⁶ points (known as the order of the curve or N) on its curve.

That is why I avoid calling them "wallets", they are simply accounts that people have with some centralized company and the moment they clicked "Accept" on their terms of service they gave up all their rights to freedom and their control.

I wonder how reliable the chart in OP is, because technically even if people were moving their funds out of exchanges we also have another reason why more people move to exchanges and that is the price rise. In that chart which shows most of 2019 the number was declining coincides with the biggest price swings that we had and ends with the biggest price rise  that took the price to the previous ATH ($20k). This situation has increased the volume on exchanges by a lot which translates into a lot more bitcoins being on exchanges.

There is nothing to "reverse engineer" about the generator point of an elliptic curve, they are just points that are located on the curve. On top of that the fact that private key to public key is an irreversible operation is not about the generator point G but about the fact that the math behind it is irreversible. In other words if you have a point P and know that P is k*G you have no way of finding k even though you have both P and G.

You an also put dog shit in a bag and use it as a medium of exchange and nobody can prevent you from doing so but also you can't force other people to use your "currency". However, if you create a market for the dog-shit-in-a-bag coin and pump and dump it some people will come and trade it for a while before it dies.

In the end only thing remains and that is the decentralized bitcoin that nobody owns or controls.