6. Coinbase then attempts to locate address 36. How does this work?
Everything is correct so far till step 6.
Bitcoins exist as unspent outputs (UTXOs) which exist on the blockchain.
So when you're sending bitcoin, you're actually transferring Ownership of a certain UTXO(s) to someone else. A person can only claim a UTXO if he satisfies (a) particular condition (s)
When a bitcoin transaction is made, the scriptPubkey specifies the condition to redeem the output of that transaction.
If you're paying to an address, the output of that transaction specifies the recipient and the condition for claiming that transaction, namely providing the public key of the address (addresses are hashes of public keys), and signing the transaction (signature).
So when Coinbase sends you 1BTC, it's transferring possession of the UTXO (s) that make up 1 BTC to your address (actually to the private key of that address, since it's only the person with the private key of that address that can spend it)
9. Does it then publicize my received address?
No, it doesn't need to.
Coinbase already specified the address in the transaction.
You do not need to be online to receive it. Same with a bank transfer, you do not need to be online to receive money in your bank account. It's always there for you as long as you can prove you're the owner of the account. So a UTXO is always yours as long as you can prove you're the owner.
10. How does it get in touch with Coinbase?
Answered above.
11. Somewhere along the line Coinbase builds a transaction that says here is one Bitcoin for address 36
Exactly, years.
That's what happens when a transaction is made.
When A sends Bitcoins to B, in the transaction A makes it says: Give x amount of bitcoin to B, iff B provides the public key for this address (an address is a hash of a public key and it is impossible to get a public key from an address if the address hasn't made any transactions because it reveals the public key) and B must sign a transaction from that address (to sign a transaction you need the private key, and you can generate a public key from a private key easily)
12. What next?
The full process is this:
Coinbase sends x BTC to you, specifying that for you to spend it you must provide the public key for that address, and must sign a transaction too.
You and you alone in possession of the private key can do that because it is impossible to 1)get a public key from an address, and 2), get a private key from a public key (you reveal your public key whenever you make a transaction to prove the first requirement)
So for you to spend that transaction you must 1) provide your public key, and 2) sign the transaction claiming the UTXO (bitcoin)
It is validated and compared and if they match then you have spent that UTXO.
The next transaction you make does the same thing: it references the UTXO Coinbase sent you (this is your input for the transaction) and also specifies requirement for the recipient to fulfill before s/he can spend the bitcoin you sent.
The process is for P2PWKH (sending to an address). P2SH is slightly different.
While we are at it:
What keeps computer Joe from monitoring this all and claiming that he has address 36 and should get that bitcoin.
Like I said above you have to prove you control the address by having the private key.
Whoever has the private key can spend the funds -- bitcoin doesn't know or care if you're the "real" owner or not.
There's no "ownership" in bitcoin, just possession.
