How secure are they? How do they keep the keys private while still being able to verify them?
Bitcoins still go into accounts which are identified by private keys. One of the problems with Bitcoins is that there is literally no other information to identify an account’s owner other than its key, which means if someone gets a copy of your key, nothing prevents that person from transferring all your Bitcoins out of your account. Since transactions are irreversible (short of issuing a new transaction in the opposite direction) you have no recourse if/when this happens to you.
Compounding that problem, a lot of Bitcoin services online that, by necessity, need to know your account’s private key have not put a priority on security. So, definitely be very, very careful when handling Bitcoins.
Bitcoin is an abstract money system. Basically, there’s a transactional structure that’s been defined based on certain properties of math that are very hard to fake. The whole thing is supported by a sort of democratic system of all the computers that are on the bitcoin network. If a majority of them agree on something, then that something is the way it is.
It’s based on public/private key cryptography, which is a branch of math and information theory that relies on the fact that there are certain math problems that are easy to do in one direction, but very hard to do in the other. Thus, you can make claims like “Bob is giving $10 to Henry”, and anyone can verify that Bob did indeed make that message, but no one except Bob can make such a message (particularly not Henry, which would make for a poor money system).
Within the network, there are a few things that have been defined.
- You can transfer some bitcoins from one wallet to another. In order to do so, you have to have the private key of the originating wallet (that’s the thing you absolutely have to keep secret) to generate the transaction and the outgoing address, and an address for the destination wallet. Each wallet can have a large number of addresses that point to it, so you don’t have to reuse them.
- You can “mine” bitcoins. This essentially means that you have discovered them, and they are now yours. Again, the math for this is complicated, but basically you can prove that you figured out a math problem before other people, and everyone involved in bitcoin agreed that certain problems are worth some bitcoins.
The whole transactional history is public, which is how you can figure out who has what. Individual bitcoins aren’t identifiable, but the flow of them is. You can look through the history and see that wallet A generated a bitcoin by mining, then sent it to wallet B, which sent half a bitcoin to wallet C, and so on. All the way down to the present. You add all those up and you can see that wallet SSYYXXXZ has 2.2352 bitcoins.
There’s some amount of anonymity built into the fact that a person can have any number of wallets (they’re just files associated with private keys), and a wallet can have a very large number of addresses. But, at the same time, all the transactions are public, which means that statistical analysis can de-anonymize it to some extent.
The wallets are as secure as your computer or storage is. If someone hacks into it, they can take your wallet file with the secret key. You can take steps to secure it by, say, encrypting it, or splitting the bitcoins into several different wallets and keeping most of them on disks in a safety deposit box, etc.
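An added example, not part of the original answers: a toy ledger showing how anyone can check a transfer with only a public key, and how balances fall out of replaying the public history. It uses Lamport one-time hash signatures from the standard library in place of the ECDSA signatures Bitcoin actually uses. The wallet names A/B/C, the transaction encoding and the integer units are assumptions; mining and replay protection are not modelled.

```python
import hashlib, secrets

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def keygen():
    # Private key: 256 pairs of random secrets. Public key: their hashes,
    # easy to compute from the secrets, infeasible to reverse.
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return priv, [(H(a), H(b)) for a, b in priv]

def bits(msg: bytes):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(priv, msg):  # reveals one secret per digest bit; use each key once
    return [priv[i][b] for i, b in enumerate(bits(msg))]

def verify(pub, msg, sig):  # needs only the public key
    return len(sig) == 256 and all(H(sig[i]) == pub[i][b] for i, b in enumerate(bits(msg)))

def encode(tx):
    return f'{tx["from"]}>{tx["to"]}:{tx["amount"]}'.encode()

def replay(history, pubkeys):
    """Recompute balances from the public history; return (balances, rejected)."""
    bal, rejected = {}, []
    for n, tx in enumerate(history):
        src = tx["from"]
        if src != "mined":  # mining (proof of work) is not modelled
            if not verify(pubkeys[src], encode(tx), tx["sig"]) or bal.get(src, 0) < tx["amount"]:
                rejected.append(n)
                continue
            bal[src] -= tx["amount"]
        bal[tx["to"]] = bal.get(tx["to"], 0) + tx["amount"]
    return bal, rejected

def demo():  # constructed history; amounts in units of 0.01 coin
    keys = {w: keygen() for w in "ABC"}
    def pay(signer, src, dst, amount):
        tx = {"from": src, "to": dst, "amount": amount}
        return dict(tx, sig=sign(keys[signer][0], encode(tx)))
    history = [{"from": "mined", "to": "A", "amount": 100},
               pay("A", "A", "B", 100),  # A sends its mined coin to B
               pay("C", "B", "C", 100),  # signed with C's key, not B's: rejected
               pay("B", "B", "C", 50)]   # B sends half a coin to C
    history.append(dict(history[3], to="A"))  # B's signature, recipient altered: rejected
    return replay(history, {w: k[1] for w, k in keys.items()})
```

A copy of the private key signs exactly as the owner does, so `verify` cannot tell the two apart; that is why the wallet file is the thing to protect.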