My pool's website, dogehouse.org, currently has a warning up against using Cryptsy:
Cryptsy broke their promise of resolving deposits/withdrawals again - so we are again warning you - stop using them until they fix their issues!
Also, I have a wallet set up with the Dogecoin app -- do I need to have it running whenever I expect to receive a dogecoin transfer from the pool? Does encrypting the wallet have any effect on receiving transactions? I encrypted it after receiving the first transaction. I'm also uncertain where the dogecoins are stored locally on my PC, and how.
Yeah, sorry, I put up an edit about Cryptsy. There are other exchanges out there though.
No, you don't have to have the app running to receive your Doge.
The way it works is, they are never really "stored" on your computer, or anywhere. They are only shown to be under your address on the public ledger. So at this moment, the public ledger shows 927.69 Doge have been attributed to your address. These were sent from another address (belonging to the pool), but coins can also be mined directly, and these coins show up somewhat differently in the ledger.
But your address is just the public key to a private key/public key encryption system. The private key is what is kept secret in your wallet. It is just a string of numbers and letters, much like what your public address looks like. It is not even very long. This private key is what is encrypted.
The private key "unlocks" the public key. It is kind of complicated to explain, but I'll give it a go.
It is easy to figure out the public key from the private key, but almost impossible to figure out the private key from the public key. This is why it is no problem to give out your public key. Somebody would have to work for millions of years to be able to figure out your private key based on your public key -- all by trial and error.
But since you have access to the private key, you can generate messages that are "signed" with it -- that have its unique signature in the messages. These messages can be verified, using your public key, as coming from you. (This is how pretty much all forms of computer encryption work, from SSL in your browser to PGP for emails.) The way that this all works is based on some complicated mathematics that I'm not sure I ever really understood, and if I did then I forgot it years ago. I think it has to do with large prime numbers being multiplied together.
So, anyway. You can sign messages using your private key. This is built in to the QT client for most coins; click on the "Receive" tab, then choose an incoming address, then "Sign Message" down at the bottom. You can paste a message into the "Message" part, and then click "Sign Message", and it will create a hash of that message (signature) that verifies that this message comes from the wallet with this address. It has been signed with your private key, and it can be verified against your public key, so people can confirm that it came from your address.
Now, a transaction is just a special message, signed with your private key, that can be verified against your public key, that says "I'm sending 200.00 Doge from my account D315jsfaj902 to account D9safj3iL", and this message is sent out to all of the Dogecoin nodes that your wallet is connected to. This message propagates across the Dogecoin network, and soon enough it will be added into a Block by a miner.
Once that happens, the transaction is recorded permanently. It takes some time to be "verified" (confirmed after a certain number of blocks). At this point, it is permanently in the Dogecoin public ledger, and everybody can see it forever. The ledger is like a bank that keeps everybody's account balances out in the open, along with every transaction that ever occurred. Everybody can see that your account started with 927.69 Doge, and now it has 200.00 less, so now your account has 727.69 Doge. Every node in the Dogecoin network knows this equally; including your wallet. However, your wallet is the only node that has your private key.
So now you can see why there are the warnings about storing your coins on "online wallets" -- the private keys for those wallets are stored on the servers for those services. They can much more easily be stolen from some web server than from your own computer (assuming you don't leave your computer lying around in public places).