Thanks everyone for the answers.
You're welcome.
Ok, the wallet contains private keys to spend coins. But that must mean that each wallet has a different key, right?
Actually, a wallet is a collection of one or more private keys. Each wallet has a different set of private keys.
Does that mean that each individual wallet must have a different blockchain address?
Yes. Or more specifically, a wallet has one or more addresses (each private key has exactly one bitcoin address). Each wallet therefore has a different set of addresses.
In other words, if I send 1 BTC from wallet A to wallet B, what I actually did was send 1 BTC from blockchain address A to blockchain address B?
At a basic user level, this is a pretty good way to think of it. The technical details are a bit more complex than that.
And the wallets just store the keys to controlling the addresses?
Correct. The wallet has the private keys that allow you to create digital signatures that can be verified with a matching public key. The signatures prove that you have the authorization to re-assign that value.
What do you mean about "bitcoin addresses generated from the private keys"? How exactly does a "private key" (btw what is a private key in the first place) generate a "bitcoin address"?
You are asking about some VERY COMPLEX mathematics. You either need to learn a lot of maths, or you need to be willing to accept that the following process has been worked out by expert mathematicians and that it works.
A private key is a VERY BIG number. A number so big and random that nobody can ever guess it. From that number using the ECDSA (Elliptic Curve Digital Signature Algorithm) a public key can be generated. The public key can be safely given out to anybody, and they won't be able to calculate what the private key was that was used to generate it. Any data (such as a bitcoin transaction for example) can be converted into a numeric representation. Using the private key and the numeric representation of the data, it is possible to calculate another number (a digital signature of that data). Using the public key, it is possible for anyone to validate that the matching private key was used to generate the signature, even though the private key isn't known. If any of the data changes (even a single bit), then the digital signature will no longer match, and everyone will know that the data presented was not the data that was signed. Therefore, it is possible to create and then sign a transaction, and nobody can modify the transaction on you without re-signing the transaction with the private key. As long as you are the only person that knows the private key, you are the only person that can create valid verifiably signed transactions.
A bitcoin address is a public key that has been converted (through a function called a hash) to a numeric representation. This number is then represented in base58 resulting in a sequence of letters and numbers. As such, any private key can generate a single matching public key (through ECDSA) and then that public key converts to a single bitcoin address (through hashing and base58).
And I'm assuming that means that for every different private key there is a unique BTC address,
Correct.
which means that for each wallet there is at least one unique BTC address, right?
Correct. Each wallet has a collection of one or more private keys, and therefore has one or more bitcoin addresses.
So far, I understand that the only thing thieves shouldn't be able to steal are my "keys", but how can I be sure about that?
It is your responsibility to protect your private keys from theft. Just like it is your responsibility to protect the physical cash in your physical wallet from theft.
Isn't there always a possibility of some keylogger spying on what I'm doing?
If you are using a computer that has malware (such as a keylogger on it), then it is absolutely possible for the private keys (and therefore the bitcoins) to be stolen. This is why the people who are working with significant amounts of bitcoins will generally use a computer that is not connected to the internet at all. They will disconnect the internet, completely wipe the hard drive, install a fresh copy of a trusted clean operating system, and use this to generate and store their private keys.
Oops, I guess this answers at least one of my questions, so each wallet does control a unique address in the blockchain, right?
Correct. Each wallet controls a set of one or more unique addresses.
So does that mean that a "paper" wallet is a wallet which key is not stored on any computer, and that key is associated with an address on the blockchain?
Correct. The private key (and frequently the associated bitcoin address) is printed on the paper for safe keeping. The private key is then wiped from any and all computer systems so that it is impossible for any hacker to access the private key.
But at least before you note the key down or print, it will have to be shown on the computer, so does that mean keyloggers can still steal it?
If you are using a computer that has malware (such as a keylogger on it), then it is absolutely possible for the private keys (and therefore the bitcoins) to be stolen. This is why the people who are working with significant amounts of bitcoins will generally use a computer that is not connected to the internet at all. They will disconnect the internet, completely wipe the hard drive, install a fresh copy of a trusted clean operating system, and use this to generate and store their private keys.
How can I be 100% sure it will not be stolen, even during the small amount of time I take to put the key on a piece of paper?
There is no such thing as 100% sure in this world. You can get close if you use a computer that is not connected to the internet, has never been connected to the internet, and never will be connected to the internet. Then wipe all traces of the private key from the hard drive when you are done. Even then though, it is possible that somebody might have a spy camera watching what you are doing and they can see the paper, or somebody might find where you've hidden the paper.
Yes, but aren´t there cases of BTC stolen from offline wallets too?
Yes.
How can that happen?
If the user allowed malware (or any other method) to leak their private keys to someone else, then the bitcoins can be stolen since the person that has the private keys can create transactions and sign them.
and how can that be prevented with certainty?
Protect your private keys.
And more questions: What prevents the total number of BTC to be higher than 21 million?
Consensus.
The entire bitcoin system runs on consensus. The protocol that every peer is running would refuse to recognize any transaction that creates more than the appropriate amount of bitcoins. If you could convince enough users to run a different protocol that allows extra bitcoins, then you would have two separate consensus systems, one that recognizes the additional "bitcoins" and one that refuses to recognize them. This would essentially be another "altcoin". The creators and users of this system might try to call their system "bitcoin", and this might cause confusion between users of the "old bitcoin" and users of the "new bitcoin", but the two systems would be incompatible with each other. They would essentially be two distinct crypto-currencies that are fighting over the same name.
If you could convince EVERYBODY to use software that runs the new protocol that allows additional bitcoins, then bitcoin would allow additional bitcoins. Fortunately that would be impossible, because I can already tell you with certainty that I will not run such a new protocol. I'm pretty sure you can find many others that would do the same as me. As such, while it might be "technically possible" to modify the protocol to allow additional bitcoins, it isn't "realistically possible" since you can't convince EVERY SINGLE BITCOIN USER IN THE ENTIRE WORLD to run a protocol that is modified in that way.
And what prevents anyone from creating bitcoin?
The protocol defines the acceptable way to put new bitcoin value into circulation. Any other attempt will be rejected by all peers.
And another question: What if Satoshi Nakamoto or whoever made BTC actually, secretly has the control of BTC and can e.g. change the software or take control of certain amounts of BTC? How can anyone be sure no one has control of BTC? Is BTC a software that was designed to be impossible to control? Including by the creators?
The software is open source. All computer programmers in the world have access to the program so that they can see exactly how it works. They can compile that program and verify that the resulting executable is exactly the same as the one that is provided for download. As such, it is impossible to "hide" anything about how bitcoin works.
If it was possible for someone to "take control of certain amounts of BTC", then some programmer somewhere would point that out and other programmers would verify what was being said. Then nobody would have ever decided to use such a system since it couldn't be trusted.
Thanks for the answers.
You're welcome.