1.How does the poster verify a solution?
2.If verification involves looking at the code, what's stopping the poster from just copying the code?
An unscrupulous bounty creator could indeed steal a working solution and post it as their own. However, any attempt would be quite obvious, as there is a "Timeline" for each Bounty that shows every revision of every solution in the order it was created. In practice, there have been no disputes or stolen solutions on the site thus far.
Hope that answered your questions!