diff --git a/examples/hero/crypt/hero_crypt_example.vsh b/examples/hero/crypt/hero_crypt_example.vsh
index 797f110e..47957534 100755
--- a/examples/hero/crypt/hero_crypt_example.vsh
+++ b/examples/hero/crypt/hero_crypt_example.vsh
@@ -38,7 +38,7 @@ signing_keypair := age_client.generate_signing_keypair() or {
 	return
 }
 
-!signed := age_client.sign(signing_keypair.sign_key, message) or {
+signed := age_client.sign(signing_keypair.sign_key, message) or {
 	println('Error signing message: ${err}')
 	return
 }
@@ -47,7 +47,7 @@ verified := age_client.verify(signing_keypair.verify_key, message, signed.signat
 	println('Error verifying signature: ${err}')
 	return
 }
-!println('Message: ${message}')
+println('Message: ${message}')
 println('Signature: ${signed.signature}')
 println('Signature valid: ${verified}')
 
diff --git a/lib/hero/crypt/age.v b/lib/hero/crypt/age.v
index 5b8159ef..0245e220 100644
--- a/lib/hero/crypt/age.v
+++ b/lib/hero/crypt/age.v
@@ -5,7 +5,7 @@ import freeflowuniverse.herolib.core.redisclient
 // Stateless AGE operations
 
 // generate_keypair creates a new Age encryption key pair
-pub fn (client &AGEClient) generate_keypair() !KeyPair {
+pub fn (mut client AGEClient) generate_keypair() !KeyPair {
 	response := client.redis.send_expect_list(['AGE', 'GENENC'])!
 
 	if response.len < 2 {
@@ -19,7 +19,7 @@ pub fn (client &AGEClient) generate_keypair() !KeyPair {
 }
 
 // generate_signing_keypair creates a new Age signing key pair
-pub fn (client &AGEClient) generate_signing_keypair() !SigningKeyPair {
+pub fn (mut client AGEClient) generate_signing_keypair() !SigningKeyPair {
 	response := client.redis.send_expect_list(['AGE', 'GENSIGN'])!
 
 	if response.len < 2 {
@@ -33,7 +33,7 @@ pub fn (client &AGEClient) generate_signing_keypair() !SigningKeyPair {
 }
 
 // encrypt encrypts a message with the recipient's public key
-pub fn (client &AGEClient) encrypt(recipient string, message string) !EncryptionResult {
+pub fn (mut client AGEClient) encrypt(recipient string, message string) !EncryptionResult {
 	ciphertext := client.redis.send_expect_str(['AGE', 'ENCRYPT', recipient, message])!
 
 	return EncryptionResult{
@@ -42,12 +42,12 @@ pub fn (client &AGEClient) encrypt(recipient string, message string) !Encryption
 }
 
 // decrypt decrypts a message with the identity (private key)
-pub fn (client &AGEClient) decrypt(identity string, ciphertext string) !string {
+pub fn (mut client AGEClient) decrypt(identity string, ciphertext string) !string {
 	return client.redis.send_expect_str(['AGE', 'DECRYPT', identity, ciphertext])!
 }
 
 // sign signs a message with the signing key
-pub fn (client &AGEClient) sign(sign_key string, message string) !SignatureResult {
+pub fn (mut client AGEClient) sign(sign_key string, message string) !SignatureResult {
 	signature := client.redis.send_expect_str(['AGE', 'SIGN', sign_key, message])!
 
 	return SignatureResult{
@@ -56,7 +56,7 @@ pub fn (client &AGEClient) sign(sign_key string, message string) !SignatureResul
 }
 
 // verify verifies a signature with the verification key
-pub fn (client &AGEClient) verify(verify_key string, message string, signature string) !bool {
+pub fn (mut client AGEClient) verify(verify_key string, message string, signature string) !bool {
 	result := client.redis.send_expect_int(['AGE', 'VERIFY', verify_key, message, signature])!
 	return result == 1
 }
@@ -64,7 +64,7 @@ pub fn (client &AGEClient) verify(verify_key string, message string, signature s
 // Key-managed AGE operations
 
 // create_named_keypair creates and stores a named encryption key pair
-pub fn (client &AGEClient) create_named_keypair(name string) !KeyPair {
+pub fn (mut client AGEClient) create_named_keypair(name string) !KeyPair {
 	response := client.redis.send_expect_list(['AGE', 'KEYGEN', name])!
 
 	if response.len < 2 {
@@ -78,7 +78,7 @@ pub fn (client &AGEClient) create_named_keypair(name string) !KeyPair {
 }
 
 // create_named_signing_keypair creates and stores a named signing key pair
-pub fn (client &AGEClient) create_named_signing_keypair(name string) !SigningKeyPair {
+pub fn (mut client AGEClient) create_named_signing_keypair(name string) !SigningKeyPair {
 	response := client.redis.send_expect_list(['AGE', 'SIGNKEYGEN', name])!
 
 	if response.len < 2 {
@@ -92,7 +92,7 @@ pub fn (client &AGEClient) create_named_signing_keypair(name string) !SigningKey
 }
 
 // encrypt_with_named_key encrypts a message using a named key
-pub fn (client &AGEClient) encrypt_with_named_key(key_name string, message string) !EncryptionResult {
+pub fn (mut client AGEClient) encrypt_with_named_key(key_name string, message string) !EncryptionResult {
 	ciphertext := client.redis.send_expect_str(['AGE', 'ENCRYPTNAME', key_name, message])!
 
 	return EncryptionResult{
@@ -101,12 +101,12 @@ pub fn (client &AGEClient) encrypt_with_named_key(key_name string, message strin
 }
 
 // decrypt_with_named_key decrypts a message using a named key
-pub fn (client &AGEClient) decrypt_with_named_key(key_name string, ciphertext string) !string {
+pub fn (mut client AGEClient) decrypt_with_named_key(key_name string, ciphertext string) !string {
 	return client.redis.send_expect_str(['AGE', 'DECRYPTNAME', key_name, ciphertext])!
 }
 
 // sign_with_named_key signs a message using a named signing key
-pub fn (client &AGEClient) sign_with_named_key(key_name string, message string) !SignatureResult {
+pub fn (mut client AGEClient) sign_with_named_key(key_name string, message string) !SignatureResult {
 	signature := client.redis.send_expect_str(['AGE', 'SIGNNAME', key_name, message])!
 
 	return SignatureResult{
@@ -115,13 +115,13 @@ pub fn (client &AGEClient) sign_with_named_key(key_name string, message string)
 }
 
 // verify_with_named_key verifies a signature using a named verification key
-pub fn (client &AGEClient) verify_with_named_key(key_name string, message string, signature string) !bool {
+pub fn (mut client AGEClient) verify_with_named_key(key_name string, message string, signature string) !bool {
 	result := client.redis.send_expect_int(['AGE', 'VERIFYNAME', key_name, message, signature])!
 	return result == 1
 }
 
 // list_keys lists all stored AGE keys
-pub fn (client &AGEClient) list_keys() ![]string {
+pub fn (mut client AGEClient) list_keys() ![]string {
 	response := client.redis.send_expect_list(['AGE', 'LIST'])!
 
 	mut keys := []string{}