Docs - Bitok

Technical Overview

Bitok is based on Bitcoin v0.3.19 (the last release by Satoshi) and finishes what was left undone: native privacy, full script opcodes, CPU mining, free transactions for real users. Security fixes and modern build compatibility included.

Privacy: OK Addresses

Native stealth addresses. Every payment creates a unique one-time address via ECDH. Nobody watching the chain can link payments to you. ok-prefix, built into the protocol -- not a layer-2 addon.

Script Engine

Every opcode Satoshi wrote -- OP_CAT, OP_MUL, OP_AND, OP_SUBSTR -- runs with strict execution limits. 10KB max, 201 opcodes, 1000 stack depth.

Free Transactions

Priority = sum(value * confirmations) / size. Coins held ~1 day qualify for free relay. First 27KB per block reserved for priority transactions.

CPU Mining

BitokPoW (modified YesPower): ~128KB memory per hash. Sequential initialization, random access, SIMD-optimized. GPUs get minimal advantage.

Pool Support (BIP 22)

getblocktemplate, submitblock, getwork. Full mining pool integration.

Specifications

Algorithm	BitokPoW (Yespower N=2048, r=32 key="BitokPow")
Block time	10 minutes
Block reward	50 BITOK
Halving	every 210,000 blocks
Max supply	21,000,000
Diff adjust	every 2016 blocks
Maturity	100 blocks
P2P port	18333
RPC port	8332

What's Different

Native privacy: OK addresses

Stealth addresses built into the protocol. Sender derives a one-time address via ECDH using your published ok-address. Every payment lands at a unique address. On-chain unlinkability, no layer-2 required.

All opcodes enabled

OP_CAT, OP_MUL, OP_AND, OP_SUBSTR, OP_CHECKMULTISIG -- everything Satoshi wrote runs inside a bounded VM with strict limits.

Free transactions

Coins held ~1 day move at no cost. Satoshi's priority system, as designed.

CPU mining

BitokPoW is memory-hard (~128KB/hash). GPUs don't gain much. Anyone with a laptop can mine. Important: Bitok has bnProofOfWorkLimit(~uint256(0) >> 17).

Quick Start

./bitokd # start node ./bitokd -gen # start node and mine ./bitokd getinfo # check status ./bitokd stop # stop ./bitok # launch GUI wallet

Genesis Block

Hash: 0x0290400ea28d3fe79d102ca6b7cd11cee5eba9f17f2046c303d92f65d6ed2617 Message: "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" nBits: 0x1effffff nNonce: 37137

Data Directories

Windows	%APPDATA%\Bitok\
Linux	~/.bitokd/
macOS	~/Library/Application Support/Bitok/

Security

Checkpoints added as the chain grows. Time warp protection active. Value overflow protection, DoS limits, anchor connections, network group diversity.

Back up your wallet.dat. If you lose it, the coins are gone. There is no recovery.

DNS seeds:

seed1.bitokd.run seed2.bitokd.run seed3.bitokd.run

License

MIT. Same as original Bitcoin.

-- Tom Elvis Jedusor

Full Documentation (GitHub)

PRIVACY.md	Native stealth addresses (OK addresses): ECDH protocol, scanning, change keys
SCRIPT_EXEC.md	Script execution rules, limits, separated evaluation
FEES.md	Priority-based fee policy
SECURITY_FIXES.md	Security hardening details
RPC_API.md	Complete JSON-RPC reference
BITOKPOW.md	Yespower algorithm details
RAW_TRANSACTIONS.md	Multisig and signing workflows
SCRIPT_DEV.md	Script development guide
POOL_INTEGRATION.md	Mining pool integration guide
BUILD_UNIX.md	Linux/Unix build instructions
BUILD_MACOS.md	macOS build instructions
BUILD_WINDOWS.md	Windows build instructions

Privacy: OK Addresses (Stealth Addresses)

Native protocol-level privacy. Every payment to an ok-address creates a unique one-time on-chain address. Nobody watching the blockchain can link payments to you -- even if your OK address is public.

This is not a layer-2. Not a proposal. Implemented in the Bitok core, today.

How It Works

Sender side

ephemeral_secret = random_scalar() ephemeral_pubkey = G * ephemeral_secret # ECDH: shared secret from receiver's scan key shared_point = scan_pubkey * ephemeral_secret hash = SHA256d(point.x || point.y) # One-time destination dest_pubkey = spend_pubkey + G * hash # Embed 33-byte ephemeral key in OP_RETURN tx.add_output(OP_RETURN, ephemeral_pubkey)

Receiver scans

# For each OP_RETURN in each block: shared_point = ephemeral_pubkey * scan_privkey hash = SHA256d(point.x || point.y) expected_addr = pubkey_to_addr(spend_pubkey + G*hash) # Match? Payment is ours. spend_privkey = spend_privkey + hash

Address Format

Prefix	ok (version 0x01, Base58Check)
Scan pubkey	33 bytes (compressed secp256k1)
Spend pubkey	33 bytes (compressed secp256k1)
Total length	~95 characters
TX overhead	34-byte OP_RETURN output

Key roles

Scan key -- detects incoming payments. Can be shared with a watch-only service (no spending ability).

Spend key -- derives the private key for each payment. Never leaves your wallet.

Change privacy

Change outputs also use stealth addresses. Change keys are derived deterministically from your spend secret -- recoverable from a single backup.

Privacy Properties

Receiver unlinkability -- all payments to one OK address appear as unrelated on-chain addresses. An observer cannot connect them.

No address reuse -- every payment lands at a unique address. Structurally impossible to reuse.

Sender privacy -- ephemeral key is fresh per transaction. Reveals nothing about sender.

Watch-only scanning -- give scan key to a service to detect payments without spending ability.

Network-level: your node IP is visible to peers when broadcasting. On-chain only. Dandelion++ planned.

Regular vs. OK Address

Address reuse	visible / impossible
Payment linkable	yes / no
Publish publicly	risky / safe
TX overhead	none / 34 bytes
Full node needed	no / yes (to scan)

RPC Commands

getnewstealthaddress [label]	generate new OK address, stored in wallet
liststealthaddresses [show_secrets]	list all OK addresses, optionally show keys
sendtoaddress "ok..." amount	auto-detects OK address, performs full ECDH + OP_RETURN
decodestealthaddress "ok..."	show scan/spend pubkeys from address
dumpprivkey "ok..."	export stealth secret for backup
importprivkey "secret" [label]	import stealth secret + full rescan
scanstealthchangekeys "scan_hex"	recover change keys after wallet restore

Quick Usage

# Generate your OK address ./bitokd getnewstealthaddress "donations" # Send to someone's OK address (wallet handles ECDH automatically) ./bitokd sendtoaddress "okAbCdEfGh..." 5.0 # List your stealth addresses ./bitokd liststealthaddresses # Backup a stealth address private key ./bitokd dumpprivkey "okAbCdEfGh..." # Restore from backup (triggers full rescan) ./bitokd importprivkey "stealthsecret..." "my-wallet" # After restoring: recover change outputs ./bitokd scanstealthchangekeys "scan_secret_hex"

Solo Mining

GUI Wallet

Settings > Generate Coins. That's it.

Command Line

./bitokd -gen # all cores ./bitokd -gen -genproclimit=4 # 4 cores ./bitokd -gen -daemon # background

RPC Control

./bitokd setgenerate true 4 # enable, 4 threads ./bitokd setgenerate false # disable ./bitokd getmininginfo # status

cpuminer-opt (Better Performance)

Install

sudo apt-get install build-essential automake libssl-dev \ libcurl4-openssl-dev libjansson-dev libgmp-dev zlib1g-dev git git clone https://github.com/JayDDee/cpuminer-opt.git cd cpuminer-opt ./autogen.sh CFLAGS="-O3 -march=native" ./configure --with-curl make -j$(nproc)

bitok.conf

server=1 rpcuser=miner rpcpassword=YourSecurePasswordHere rpcport=8332 rpcallowip=127.0.0.1 gen=0

Run

./cpuminer -a yespower \ -o http://127.0.0.1:8332 \ -u miner -p YourSecurePasswordHere \ --param-n=2048 --param-r=32 \ --param-key="BitokPoW" -t 4

Yespower Parameters

version = YESPOWER_1_0 N = 2048 # ~128KB memory r = 32 pers = "BitokPoW" bnProofOfWorkLimit(~uint256(0) >> 17)

Sequential memory init + random access + SIMD (SSE2/AVX/AVX2/AVX512 auto-detected). GPUs: high bandwidth but poor random-access latency. 250-350W for ~2-3x improvement over a 50-100W CPU.

Script Engine

August 2010: Bitcoin Core disabled most scripting opcodes. Bitok keeps every opcode in a bounded VM.

Execution Limits

Max script size	10,000 bytes
Max stack depth	1,000 items
Max element size	520 bytes
Max opcodes/script	201
Max sigops/block	20,000
Max multisig keys	20

Enabled Opcodes

OP_CAT -- concatenation, covenant patterns

OP_MUL OP_DIV OP_MOD OP_LSHIFT OP_RSHIFT -- arithmetic

OP_AND OP_OR OP_XOR OP_INVERT -- bitwise logic

OP_SUBSTR OP_LEFT OP_RIGHT -- string manipulation

OP_CHECKMULTISIG -- bare m-of-n, standard relay

OP_RETURN -- provably unspendable (bug fixed)

Security Hardening

Strict DER + low-S signatures. Separated evaluation (scriptSig can't manipulate scriptPubKey). Minimal push encoding. SIGHASH_SINGLE fix. CHECKMULTISIG NULLDUMMY enforced. Any well-formed script up to 10KB is standard and relayable.

RPC API

JSON-RPC 1.0 over HTTP POST. Port 8332, localhost only, HTTP Basic Auth.

Blockchain

getinfo	node status, balance, connections
getblockcount	chain height
getblockhash <n>	hash at height
getblock <hash>	block details
getblockheader <hash>	header only
getbestblockhash	tip hash
getdifficulty	current difficulty

Wallet

getbalance	total balance
getnewaddress [label]	new receive address
sendtoaddress <addr> <amt>	send (auto-handles OK addresses)
listtransactions [n]	recent wallet txs
listunspent	UTXOs
dumpprivkey <addr>	export key or stealth secret
importprivkey <wif>	import key or stealth secret + rescan

Stealth / OK Addresses

getnewstealthaddress [label]	generate ok-address
liststealthaddresses [true]	list OK addresses
decodestealthaddress <ok>	show scan/spend pubkeys
scanstealthchangekeys <hex>	recover change keys after restore

Network

getconnectioncount	peer count
getpeerinfo	connected peers
addnode <ip> add\|remove	manage peers
stop	graceful shutdown

Transactions

gettransaction <txid>	wallet tx details
getrawtransaction <txid> [1]	raw hex or JSON
createrawtransaction	build unsigned tx
signrawtransaction <hex>	sign with wallet keys
sendrawtransaction <hex>	broadcast to network
decodescript <hex>	analyze script

Mining

setgenerate <bool> [n]	enable/disable mining
getgenerate	mining status
getmininginfo	hashrate, difficulty
getblocktemplate	BIP 22 template
submitblock <hex>	submit mined block
getwork	legacy mining

Python Example

import requests, json rpc_url = 'http://127.0.0.1:8332/' auth = ('yourusername', 'yourpassword') def rpc(method, params=[]): r = requests.post(rpc_url, auth=auth, headers={'content-type': 'application/json'}, data=json.dumps({'jsonrpc':'1.0','id':1,'method':method,'params':params})) return r.json()['result'] info = rpc('getinfo') print(f"Balance: {info['balance']} BITOK") print(f"Blocks: {info['blocks']}")

Full reference: RPC_API.md

Script Developer Guide

Complete reference for writing, testing, and deploying custom script contracts on Bitok. Script execution activated at block 18,000.

Bitok HAS

All original opcodes enabled -- OP_CAT, OP_MUL, OP_DIV, OP_AND, OP_OR, OP_LSHIFT, OP_SUBSTR, OP_INVERT, OP_XOR, OP_MOD, OP_RSHIFT, OP_LEFT, OP_RIGHT, OP_2MUL, OP_2DIV

Bounded execution with deterministic limits

Separated evaluation -- scriptSig is push-only, scriptPubKey runs all logic

nLockTime (block height or Unix timestamp gating)

All six sighash types: ALL, NONE, SINGLE + ANYONECANPAY variants

Permissive standardness -- any parseable script relayed post-activation

Full raw transaction RPC toolkit (buildscript, validatescript, verifyscriptpair)

Bitok does NOT Have

No P2SH (no BIP16, no redeemScript, no script-hash addresses)

No SegWit (no witness data, no bech32)

No OP_CHECKLOCKTIMEVERIFY -- use nLockTime on the transaction itself

No OP_CHECKSEQUENCEVERIFY (no relative timelocks)

No Taproot, no Schnorr signatures

No post-2010 Bitcoin soft forks

What you write in scriptPubKey is executed directly -- no P2SH wrapping, no witness program.

Evaluation Model

Separated evaluation (post block 18,000):

1. scriptSig executes first # push-only; produces the data stack 2. scriptPubKey executes second # uses stack from step 1; contains all logic 3. Verify: stack non-empty, top element truthy

scriptSig can only push data. OP_DUP, OP_ADD etc. in scriptSig = fail. All logic goes in scriptPubKey.

False: empty byte vector, all-zero bytes, or negative-zero (0x80 suffix). Everything else is true.

Execution Limits

Script size	10,000 bytes
Stack + altstack	1,000 elements combined
Element size	520 bytes
Opcodes/script	201 non-push
Numeric operand	4 bytes max
Shift amount	0-31 only
Multisig keys	20 max
Sigops/block	20,000
Dust threshold	0.01 BITOK
Fee per KB	0.01 BITOK

Number Encoding

Little-endian signed magnitude. High bit of the last byte is the sign bit. Maximum 4 bytes. Minimal encoding enforced.

0 OP_0 (empty) 1-16 OP_1 .. OP_16 -1 OP_1NEGATE 17 0x11 1 byte 127 0x7f 1 byte 128 0x8000 2 bytes (sign bit conflict) -5 0x85 1 byte -128 0x8080 2 bytes 2147483647 0xffffff7f max -2147483647 0xffffffff min

RPC Toolkit

buildscript '["OP_ADD","OP_5","OP_EQUAL"]'	assemble script from opcode names + hex data -- returns hex, asm, type, withinLimits
validatescript <hex> '["03","02"]'	sandbox test: load stack (first=bottom, last=top), run scriptPubKey, check result
verifyscriptpair <tx_hex> <idx> <spk_hex>	full consensus verify with real tx context -- the only way to test OP_CHECKSIG
analyzescript <hex>	deep static analysis: opcodes by category, sigops, limit usage, type
decodescript <hex>	disassemble + classify; returns asm, type, reqSigs, addresses
setscriptsig <tx> <idx> <scriptsig>	inject scriptSig into unsigned tx -- array ["03","02"] or raw hex
getscriptsighash <tx> <idx> <spk> [type]	get 32-byte digest for manual/offline signing
createmultisig <m> '["pub1","pub2"]'	build m-of-n script; max 20 keys
addpreimage <hex>	register preimage; enables auto-sign for hashlock outputs in signrawtransaction
decodescriptsig <sig_hex> <spk_hex>	label each push element by role (signature, pubkey, preimage...)

Contract Patterns

Arithmetic puzzle

scriptPubKey: OP_ADD OP_5 OP_EQUAL scriptSig: <a> <b> # a + b must equal 5 buildscript: ["OP_ADD","OP_5","OP_EQUAL"] test: validatescript "935587" '["03","02"]'

Hashlock + signature

scriptPubKey: OP_HASH160 <h160> OP_EQUALVERIFY OP_DUP OP_HASH160 <pkh> OP_EQUALVERIFY OP_CHECKSIG scriptSig: <sig> <pubkey> <preimage>

OP_CAT covenant

scriptPubKey: OP_CAT OP_SHA256 <hash> OP_EQUAL scriptSig: <part1> <part2> # concat must hash correctly # result must be <= 520 bytes

IF/ELSE branch

scriptPubKey: OP_IF <pubA> OP_CHECKSIG OP_ELSE OP_HASH160 <h> OP_EQUALVERIFY <pubB> OP_CHECKSIG OP_ENDIF Path A: <sigA> OP_1 Path B: <sigB> <pub> <preimage> OP_0

Time-locked payment

# nLockTime on the TX, not the script createrawtransaction \ '[{"txid":"...","vout":0,"sequence":0}]' \ '{"<dest>":1.0}' \ 25000 # invalid before block 25000

2-of-2 multisig

createmultisig 2 '["<pubA>","<pubB>"]' # hex: 5221<A>21<B>52ae # Alice signs partial; Bob merges to complete

Common Mistakes

Stack order

scriptSig pushes left-to-right; last push = top. setscriptsig '["05","03"]' with OP_SUB computes 5 - 3 (not 3 - 5). First push is deeper.

EQUAL vs EQUALVERIFY

OP_EQUAL leaves true/false on stack but does not fail. Use OP_EQUALVERIFY when you want it to abort on mismatch. Same for NUMEQUAL vs NUMEQUALVERIFY.

CHECKMULTISIG dummy

OP_0 before signatures is mandatory -- consumed by the off-by-one bug. Post-activation it must be empty (size 0). Omitting it misaligns signature matching.

Arithmetic overflow

Operands max 4 bytes. 2147483647 + 1 fails. OP_MUL of two large values overflows. Plan arithmetic to stay within [-2147483647, +2147483647].

OP_CAT size

Result must be <= 520 bytes. Two 300-byte items cannot be concatenated. Plan fragment sizes accordingly.

validatescript != sig verify

validatescript has no transaction context -- OP_CHECKSIG always fails. Use verifyscriptpair for scripts containing OP_CHECKSIG or OP_CHECKMULTISIG.

Debug Workflow

# Step 1: static analysis bitokd analyzescript "<your_script_hex>" # check: withinLimits:true, opcodes.counted < 201 # Step 2: sandbox (no signatures) bitokd validatescript "<spk_hex>" '["<top>","<mid>","<bottom>"]' "exec" # array: first=bottom, last=top; check finalStack # Step 3: full verify with real tx bitokd verifyscriptpair "<signed_tx_hex>" 0 "<spk_hex>" "exec" # verified:true = network will accept it # Step 4: inspect scriptSig roles bitokd decodescriptsig "<sig_hex>" "<spk_hex>"

Sighash Types

ALL (0x01)	All inputs + all outputs
NONE (0x02)	This input only; no outputs committed
SINGLE (0x03)	This input + output at same index
ALL\|ANYONECANPAY (0x81)	Only this input; all outputs
NONE\|ACP (0x82)	Only this input; no outputs
SINGLE\|ACP (0x83)	Only this input; output at same index

Build from Source

Bitok is Bitcoin v0.3.19 modernized for current toolchains. Compiles on Ubuntu 24.04 LTS, macOS 11+, and Windows via MinGW. Dependencies: GCC 11+, OpenSSL 3.x, Berkeley DB 5.3, Boost 1.74+, wxWidgets 3.2 (optional, GUI only).

Linux macOS Windows

1. Install Dependencies

Core (required for daemon):

sudo apt-get update sudo apt-get install build-essential libssl-dev sudo apt-get install libdb-dev libdb5.3-dev sudo apt-get install libboost-all-dev

GUI wallet (optional):

sudo apt-get install libwxgtk3.2-dev libgtk-3-dev

2. Build

make -f makefile.unix clean make -f makefile.unix # bitokd daemon only make -f makefile.unix gui # bitok GUI wallet (needs wxWidgets) make -f makefile.unix all # both

3. CPU Optimization

Default uses -march=native for your CPU. For distributable binaries:

make -f makefile.unix all YESPOWER_ARCH=x86-64-v3 # modern CPUs (2015+) make -f makefile.unix all YESPOWER_ARCH=x86-64 # max compatibility

4. Install

sudo make -f makefile.unix install # to /usr/local/bin/

Data directory: ~/.bitokd/

1. Install Dependencies

Supports macOS 11.0+ on Apple Silicon (arm64) and Intel (x86_64).

xcode-select --install brew install boost berkeley-db@4 openssl@3 wxwidgets

2. Build

make -f makefile.osx bitokd # daemon only make -f makefile.osx bitok # GUI wallet make -f makefile.osx all # both make -f makefile.osx clean

3. CPU Optimization

make -f makefile.osx ARCH=arm64 all # Apple Silicon make -f makefile.osx ARCH=x86_64 all # Intel make -f makefile.osx ARCH=x86_64 YESPOWER_ARCH=x86-64-v3 all # Intel + AVX2

4. Install

sudo make -f makefile.osx install # daemon to /usr/local/bin sudo make -f makefile.osx install-gui # GUI to /usr/local/bin make -f makefile.osx bundle # create Bitok.app sudo cp -r Bitok.app /Applications/

Data directory: ~/Library/Application Support/Bitok/

Troubleshooting

# If deps not found: export HOMEBREW_PREFIX=$(brew --prefix) make -f makefile.osx # Verify wxWidgets: wx-config --version # should show 3.2+

1. Install Visual Studio

Visual Studio 2019 or newer. During install select the Desktop development with C++ workload.

2. Setup vcpkg

git clone https://github.com/Microsoft/vcpkg.git C:\vcpkg C:\vcpkg\bootstrap-vcpkg.bat C:\vcpkg\vcpkg integrate install

3. Install Dependencies

Daemon only:

vcpkg install boost:x64-windows-static ^ berkeleydb:x64-windows-static ^ openssl:x64-windows-static ^ zlib:x64-windows-static

GUI wallet (all daemon deps + wxWidgets):

vcpkg install boost:x64-windows-static ^ berkeleydb:x64-windows-static ^ openssl:x64-windows-static ^ zlib:x64-windows-static ^ expat:x64-windows-static ^ liblzma:x64-windows-static ^ libpng:x64-windows-static ^ libjpeg-turbo:x64-windows-static ^ tiff:x64-windows-static ^ wxwidgets:x64-windows-static

4. Build

Open x64 Native Tools Command Prompt for VS from the Start menu:

set VCPKG_ROOT=C:\vcpkg nmake -f makefile.vc check rem verify setup, shows missing deps nmake -f makefile.vc USE_LTCG=1 daemon rem bitokd.exe nmake -f makefile.vc USE_LTCG=1 gui rem bitok.exe nmake -f makefile.vc USE_LTCG=1 both rem both nmake -f makefile.vc clean

Output: bitok.exe (GUI), bitokd.exe (daemon) Data: %APPDATA%\Bitok\

Troubleshooting

Berkeley DB wallet format

vcpkg provides BDB 4.8 -- different from Linux builds (BDB 5.3). If migrating a wallet from another build, run recovery first:

bitokd.exe -recover rem verify BDB was installed correctly: dir C:\vcpkg\installed\x64-windows-static\lib\libdb*.lib rem should show libdb48.lib

wxWidgets version mismatch

Check the installed version and update WX_VER in makefile.vc if needed:

dir C:\vcpkg\installed\x64-windows-static\lib\wx*.lib rem wxmsw32u_* = WX_VER=32 (wxWidgets 3.2) rem wxmsw33u_* = WX_VER=33 (wxWidgets 3.3)

Windows Defender may flag crypto software -- add a folder exclusion in Settings if needed.

Running the Daemon

./bitokd # start (foreground) ./bitokd -daemon # start in background ./bitokd --help # list all options ./bitokd stop # shut down

Check logs: ~/.bitokd/debug.log Port used: 8333 (p2p), 8332 (rpc)

Configuration (bitok.conf)

Config file locations:

Linux	~/.bitokd/bitok.conf
macOS	~/Library/Application Support/Bitok/bitok.conf
Windows	%APPDATA%\Bitok\bitok.conf

Secure it on Linux/macOS:

chmod 600 ~/.bitokd/bitok.conf

Example config:

server=1 rpcuser=yourusername rpcpassword=yourpassword rpcport=8332 rpcallowip=127.0.0.1 gen=1 # enable mining

Common RPC Commands

INFORMATION

./bitokd getinfo ./bitokd getblockcount ./bitokd getconnectioncount ./bitokd getdifficulty

WALLET

./bitokd getbalance ./bitokd getnewaddress [label] ./bitokd sendtoaddress <addr> <amount> ./bitokd listunspent [minconf]

MINING

./bitokd getgenerate ./bitokd setgenerate true [threads] ./bitokd setgenerate false

CURL EXAMPLE

curl --user user:pass \ --data-binary \ '{"method":"getinfo","params":[],"id":1}' \ -H 'content-type: application/json' \ http://127.0.0.1:8332/

Troubleshooting

OpenSSL warnings

OPENSSL_SUPPRESS_DEPRECATED is already set in the makefile. Deprecation warnings are expected on OpenSSL 3.x and do not affect functionality.

Berkeley DB errors

C++ bindings removed from modern Ubuntu. The code uses db_cxx_compat.h wrapper via C API. Ensure libdb5.3-dev is installed, not just libdb-dev.

Daemon won't start

Check port 8333 is free. Verify ~/.bitokd/ exists and is writable. Check debug.log for the exact error message.

Missing wxWidgets

GUI is optional. If building daemon only, wxWidgets is not required. Only run "make -f makefile.unix gui" if you need the wallet UI.