Index: crypt.fs
==================================================================
--- crypt.fs
+++ crypt.fs
@@ -48,11 +48,10 @@
     state2#   uvar voutkey \ for keydump
     keysize   uvar keygendh
     keysize   uvar vpk
     keysize   uvar vsk
     tf_ctx_256 uvar tf-key
-    keysize   uvar tf-in
     keysize   uvar tf-out
     $10       uvar tf-hashout
     1 64s     uvar last-mykey
     cell      uvar keytmp-up
 end-class keytmp-c
@@ -628,13 +627,13 @@
 \ Vault support code (generic and more compact)
 
 \ principle: use Threefish_256.
 \ block layout:
 \ 1. 32 byte ephemeral key -> use for DHE.
-\ 2. 16 byte IV, used for all blocks as tweak
+\ 2. 16 byte IV, used for all blocks as incrementing tweak
 \ 3. 16 byte hash, to check for success
-\ 4. 32 byte each blocks, decrypted by DHE+tweak
+\ 4. 32 byte each blocks, decrypted by DHE+tweak in ECB mode
 
 : >vdhe ( addr -- )  sk@ drop swap tf-key tf_ctx_256-key ed-dh 2drop ;
 : >viv  ( addr -- )  tf-key tf_ctx_256-tweak $10 move ;
 : v-dec-loop ( addr u -- session-key u / 0 0 )
     over { chk } $10 /string  $C { mode }
@@ -641,26 +640,28 @@
     bounds U+DO
 	tf-key I tf-out mode tf_decrypt_256
 	c:0key tf-out keysize c:hash tf-hashout $10 c:hash@
 	tf-hashout $10 chk over str= IF
 	    tf-out keysize  unloop  EXIT  THEN
-	0 to mode
+	tf-key tf_tweak256++
+	4 to mode
     keysize +LOOP  0 0 ;
 : v-dec$ ( addr u -- session-key u / 0 0 )
     over >vdhe keysize /string
     over >viv  $10 /string
     v-dec-loop ;
 
 : vdhe ( -- )  vsk vpk ed-keypair  vpk keysize type ;
 : viv  ( -- )  $10 rng$ 2dup type  tf-key tf_ctx_256-tweak swap move ;
 : vsessionkey ( -- )
-    keysize rng$ tf-in swap move
-    c:0key tf-in keysize c:hash tf-hashout $10 2dup c:hash@ type ;
+    keysize rng$ vkey state# move-rep
+    c:0key vkey keysize c:hash tf-hashout $10 2dup c:hash@ type ;
 : v-enc-loop ( keylist -- )
     [:  drop vsk swap tf-key tf_ctx_256-key ed-dh 2drop
-	tf-key tf-in tf-out $C tf_encrypt_256
+	tf-key vkey tf-out $C tf_encrypt_256
 	tf-out keysize type
+	tf-key tf_tweak256++
     ;] $[]map ;
 : v-enc-gen ( keylist -- )
     vdhe viv vsessionkey v-enc-loop ;
 : v-enc$ ( keylist -- addr u )
     ['] v-enc-gen $tmp ;

Index: debugging.fs
==================================================================
--- debugging.fs
+++ debugging.fs
@@ -80,14 +80,16 @@
 debug: wallet( \ debug wallet stuff
 debug: qr( \ qr code stuff
 debug: deprecated( \ deprecated stuff
 debug: unhandled( \ unhandled commands
 debug: syncfile( \ synchronous file operations
+debug: newvault( \ new style vault keys
 
 -db profile( \ don't profile by default )
 +db ipv6( \ ipv6 should be on by default )
 +db ipv4( \ ipv4 should be on by default )
+-db newvault( \ new vault disabled for now )
 +db syncfile( \ disable async file operations for now )
 
 \ key debugging task
 
 : toggle ( addr -- )  dup @ 0= swap ! ;

Index: ed25519-donnalib.fs
==================================================================
--- ed25519-donnalib.fs
+++ ed25519-donnalib.fs
@@ -31,10 +31,11 @@
 c-function raw>sc25519 expand_raw256_modm a a -- void ( sc char[32] -- )
 c-function nb>sc25519 expand256_modm a a n -- void ( sc char[64] n -- )
 c-function sc25519>32b contract256_modm a a -- void ( char[32] sc -- )
 c-function sc25519* mul256_modm a a a -- void ( r x y -- )
 c-function sc25519+ add256_modm a a a -- void ( r x y -- )
+c-function sc25519/ invert256_modm a a -- void ( recip s -- )
 
 c-function ge25519*base ge25519_scalarmult_base a a -- void ( ger x -- )
 c-function ge25519-pack ge25519_pack a a -- void ( r ger -- )
 c-function ge25519+ ge25519_add a a a -- void ( a a a -- )
 c-function ge25519-unpack- ge25519_unpack_negative_vartime a a -- n ( r p -- flag )

Index: n2o.fs
==================================================================
--- n2o.fs
+++ n2o.fs
@@ -204,10 +204,15 @@
     \G keysearch: and import them into the key chain
     ?get-me init-client
     keys>search search-keys insert-keys save-pubkeys
     ?cr keylist ;
 
+: whoami ( -- )
+    \U whoami
+    \G whoami: print your own key
+    ?get-me pk@ key>o ..key-list ;
+
 : perm ( -- )
     \U perm @user1 .. @usern permissions ..
     \G perm: Change or set permissions. permission starts with
     \G perm: + for adding permissions
     \G perm: - for taking away permissions

Index: threefishlib.fs
==================================================================
--- threefishlib.fs
+++ threefishlib.fs
@@ -32,10 +32,18 @@
 \c     tf_decrypt_512(ctx, c, c, flags);
 \c     flags=flags2; c+=8; n-=64;
 \c     ctx->tweak[1] += !++(ctx->tweak[0]);
 \c   }
 \c }
+\c void tf_tweak256_pp(struct tf_ctx_256 *ctx)
+\c {
+\c   ctx->tweak[1] += !++(ctx->tweak[0]);
+\c }
+\c void tf_tweak512_pp(struct tf_ctx_512 *ctx)
+\c {
+\c   ctx->tweak[1] += !++(ctx->tweak[0]);
+\c }
 \ -------===< structs >===--------
 \ tf_ctx_256
 begin-structure tf_ctx_256
     drop 0 40 +field tf_ctx_256-key
     drop 40 24 +field tf_ctx_256-tweak
@@ -51,5 +59,7 @@
 c-function tf_decrypt tf_decrypt_512 a a a n -- void
 c-function tf_encrypt_256 tf_encrypt_256 a a a n -- void
 c-function tf_decrypt_256 tf_decrypt_256 a a a n -- void
 c-function tf_encrypt_loop tf_encrypt_loop a a n n n -- void
 c-function tf_decrypt_loop tf_decrypt_loop a a n n n -- void
+c-function tf_tweak256++ tf_tweak256_pp a -- void
+c-function tf_tweak512++ tf_tweak512_pp a -- void

Index: vault.fs
==================================================================
--- vault.fs
+++ vault.fs
@@ -89,11 +89,13 @@
     c-state @ 7 <> !!no-data!!
     \ otherwise would expose some data
     $> v-kstate c:key> v-kstate $40 str= 0= !!vault-auth!!
     write-decrypt \ write a chunk out
     4 c-state xor! ; \ step back to allow fault-file
-
++net2o: vault-dhe-keys ( $:dhe+keys -- )  c-state @ !!inv-order!!
+    $> v-dec$ 2dup d0= !!unknown-key!!  v-key state# move-rep
+    3 c-state or! ;
 
 vault-table $save
 ' context-table is gen-table
 
 also }scope
@@ -123,14 +125,16 @@
     vaultkey $100 erase
     enc-mode @ $FF and $20 - rng$ vkey state# move-rep
     vkey( ." vkey key: " vkey state# 85type forth:cr )
     enc-mode @ dup ulit, vault-crypt 8 rshift $FF and >crypt
     [: [: drop vsk swap keygendh ed-dh 2>r
-	vkey vaultkey $10 + enc-mode @ $FF and $20 - move
-	vaultkey enc-mode @ $FF and 2r> encrypt$
-	vaultkey enc-mode @ $FF and forth:type ;] $[]map ;] $tmp
+	    vkey vaultkey $10 + enc-mode @ $FF and $20 - move
+	    vaultkey enc-mode @ $FF and 2r> encrypt$
+	    vaultkey enc-mode @ $FF and forth:type ;] $[]map ;] $tmp
     $, vault-keys 0 >crypt ;
+: vdhe-keys, ( key-list -- )
+    v-enc$ $, vault-dhe-keys  0 >crypt ;
 : vfile-in ( -- )
     enc-filename $@ enc-file $slurp-file ;
 : vfile-pad ( -- )
     enc-file $@len dup >r vault-aligned enc-file $!len
     enc-file $@ r> /string dup enc-padding ! erase ;
@@ -151,11 +155,13 @@
     2dup vkey state# encrypt$ $, vault-sig ;
 
 : encfile-rest ( key-list -- ) >vault >r
     code-buf$ cmdreset init-reply
     pk@ key| r@ $+[]! \ encrypt for ourself
-    "v2o" 4cc, vdhe, r> vkeys, vfile, vsig,
+    "v2o" 4cc,
+    newvault( r> vdhe-keys, )else( vdhe, r> vkeys, )
+    vfile, vsig,
     s" .v2o" enc-filename $+!
     enc-filename $@ [: >r cmd$ $@ r> write-file throw ;] new-file
     code0-buf dispose n:o> ;
 
 : encrypt-file ( filename u key-list -- )