diff --git a/komrade/backend/crypt.py b/komrade/backend/crypt.py index ec76b1e..1d76214 100644 --- a/komrade/backend/crypt.py +++ b/komrade/backend/crypt.py @@ -16,8 +16,11 @@ LOG_GET_SET = True class Crypt(Logger): - def __init__(self,name=None,fn=None,cell=None,init_d=None,use_secret=CRYPT_USE_SECRET,path_secret=PATH_CRYPT_SECRET): + def __init__(self,name=None,fn=None,cell=None,init_d=None,use_secret=CRYPT_USE_SECRET,path_secret=PATH_CRYPT_SECRET,encrypt_values=True,path_encrypt_key=PATH_CRYPT_SECRET_KEY): if not name and fn: name=os.path.basename(fn).replace('.','_') + self.name,self.fn,self.cell=name,fn,cell + self.encryptor_key = None + if use_secret and path_secret: if not os.path.exists(path_secret): @@ -32,7 +35,32 @@ class Crypt(Logger): else: self.secret = b'' - self.name,self.fn,self.cell = name,fn,cell + self.encrypt_values = encrypt_values + + if encrypt_values: + if self.cell: + pass + elif path_encrypt_key: + if not os.path.exists(path_encrypt_key): + from komrade.backend.keymaker import KomradeSymmetricKeyWithoutPassphrase + self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase() + with open(path_encrypt_key,'wb') as of: + of.write(self.encryptor_key.data) + from komrade.backend.keymaker import make_key_discreet_str + self.log(f'shhh! creating secret at {path_encrypt_key}:',make_key_discreet_str(self.encryptor_key.data_b64_s)) + else: + with open(path_encrypt_key,'rb') as f: + self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase( + key=f.read() + ) + else: + self.log('cannot encrypt values!') + else: + self.encryptor_key=None + + if self.encryptor_key and not self.cell: self.cell = self.encryptor_key.cell + + self.store = FilesystemStore(self.fn) if init_d: for k,v in init_d.items(): diff --git a/komrade/backend/the_operator.py b/komrade/backend/the_operator.py index 628a722..154c6e6 100644 --- a/komrade/backend/the_operator.py +++ b/komrade/backend/the_operator.py 
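Review bot: The new `encrypt_values` and `path_encrypt_key` parameters in the first crypt.py hunk are undocumented, and the precedence between `cell` and the key file can only be found by reading the body further down. I would add a docstring to `__init__` stating that a caller-supplied `cell` takes priority, that otherwise a key is loaded from or created at `path_encrypt_key`, and that instances built with the default path all share one on-disk key. `self.encryptor_key = None` is set here and again in the final `else:` of the next hunk; the second assignment can go. The body of `__init__` continues outside this hunk.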
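Review bot: In the second crypt.py hunk, the `else:` branch that reads an existing key file calls `KomradeSymmetricKeyWithoutPassphrase(key=f.read())`, but that name is imported only inside the `if not os.path.exists(path_encrypt_key):` branch. A function-scope import binds a local name, so, assuming both branches sit in the same `__init__` body as the hunk suggests, every run after the first one raises UnboundLocalError. The key file is also written with a plain `open(path_encrypt_key,'wb')`, which leaves its mode to the umask and races with the `os.path.exists` check, and the log line prints a rendering of the key via `make_key_discreet_str`, which I would drop unless that helper is known to mask it fully. The 'cannot encrypt values!' branch only logs while `self.encrypt_values` stays True, so the store may end up holding plaintext without the caller noticing. I would hoist the import, create the file exclusively with mode 0o600, and raise when no key is available; `__init__` starts in the previous hunk and continues past this one.

```python
        if encrypt_values:
            if self.cell:
                pass
            elif path_encrypt_key:
                # single import for both branches: a function-scope import makes the name local
                from komrade.backend.keymaker import KomradeSymmetricKeyWithoutPassphrase
                try:
                    # O_EXCL never overwrites an existing key; 0o600 is owner-only from creation
                    fd = os.open(path_encrypt_key, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
                except FileExistsError:
                    with open(path_encrypt_key,'rb') as f:
                        self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase(key=f.read())
                else:
                    self.encryptor_key = KomradeSymmetricKeyWithoutPassphrase()
                    with os.fdopen(fd,'wb') as of:
                        of.write(self.encryptor_key.data)
                    # log the location only, never key material
                    self.log(f'created value-encryption key at {path_encrypt_key}')
            else:
                # fail closed instead of silently storing plaintext
                raise ValueError('encrypt_values=True but neither cell nor path_encrypt_key was given')
        # … unchanged: outer else branch, cell assignment from encryptor_key, FilesystemStore setup …
```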
@@ -85,8 +85,6 @@ class TheOperator(Operator): return msg_sealed - # def find_pubkey(self): - # return self.operator_keychain['pubkey'] def send(self,encr_data_b): diff --git a/komrade/backend/the_telephone.py b/komrade/backend/the_telephone.py index b56076a..636266d 100644 --- a/komrade/backend/the_telephone.py +++ b/komrade/backend/the_telephone.py @@ -16,8 +16,6 @@ class TheTelephone(Operator): keychain = check_phonelines()[TELEPHONE_NAME] self._keychain = self.load_keychain_from_bytes(keychain) - # def find_pubkey(self): - # return self.telephone_keychain.get('pubkey') def send_and_receive(self,msg_d,**y): msg_b=msg_d["msg"] diff --git a/komrade/constants.py b/komrade/constants.py index 6d2b623..a0a3325 100644 --- a/komrade/constants.py +++ b/komrade/constants.py @@ -21,12 +21,15 @@ PATH_CRYPT_OP_DATA = os.path.join(PATH_KOMRADE_DATA,'.op.db.data.encr') PATH_CRYPT_CA_KEYS = PATH_CRYPT_OP_KEYS PATH_CRYPT_CA_DATA = PATH_CRYPT_OP_DATA PATH_QRCODES = os.path.join(PATH_KOMRADE,'.contacts') -for x in [PATH_KOMRADE,PATH_KOMRADE_DATA,PATH_KOMRADE_KEYS,PATH_QRCODES]: +PATH_SECRETS = os.path.join(PATH_KOMRADE,'.secret') + +for x in [PATH_KOMRADE,PATH_KOMRADE_DATA,PATH_KOMRADE_KEYS,PATH_QRCODES,PATH_SECRETS]: if not os.path.exists(x): os.makedirs(x) CRYPT_USE_SECRET = True -PATH_CRYPT_SECRET = os.path.join(PATH_KOMRADE,'.secret') +PATH_CRYPT_SECRET = os.path.join(PATH_SECRETS,'.salt') +PATH_CRYPT_SECRET_KEY = os.path.join(PATH_SECRETS,'.key') # etc BSEP=b'||||||||||'
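Review bot: In the constants.py hunk, `PATH_SECRETS` reuses the exact path that `PATH_CRYPT_SECRET` pointed to before this change (`.secret` under `PATH_KOMRADE`). On an installation where that salt file already exists, `os.path.exists(x)` is true, `os.makedirs(x)` is skipped, and `.secret/.salt` and `.secret/.key` cannot be created beneath a regular file. The old salt is also no longer read from its previous location, which presumably makes anything derived from it unreachable. A migration step is needed (move an existing `.secret` file to the new `PATH_CRYPT_SECRET` before creating the directory), or the directory needs a name that does not collide. Separately, the directory that now holds the symmetric key is created with the default mode; `os.makedirs(x, mode=0o700)` for `PATH_SECRETS` would keep it owner-only.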