diff --git a/gocrypt.bash b/gocrypt.bash
index 37cf4ae..1cc40ef 100755
--- a/gocrypt.bash
+++ b/gocrypt.bash
@@ -5,11 +5,9 @@
 readonly gocrypt_dir=".gocrypt"
 readonly gocrypt_dec_dir="gocrypt"
 readonly gocrypt_passwd_file="gocrypt-passwd"
-readonly gocrypt_needs_passphrase_marker=".gocrypt-needs-passphrase"
 
 gocrypt_sys_check() {
     which gocryptfs > /dev/null || gocrypt_die "gocryptfs not found in PATH"
-    which perl > /dev/null || gocrypt_die "perl not found in PATH"
 }
 
 gocrypt_env_check() {
@@ -32,59 +30,20 @@ gocrypt_die() {
     exit 1
 }
 
-gocrypt_derive_password() {
-    local data="$1"
-    local key="$2"
-
-    perl <<< "use Digest::SHA qw(hmac_sha256_hex);\$digest=hmac_sha256_hex(\"$data\n\", \"$key\");print(\$digest);"
-}
-
 gocrypt_init() {
-    local needs_passphrase=false
-    local passphrase=""
-    while [ $# -gt 0 ]; do
-        case "$1" in
-            -p|--passphrase)
-                needs_passphrase=true
-                ;;
-            *)
-                gocrypt_die "Unexpected argument: $1"
-                ;;
-        esac
-        shift
-    done
-
-    [ $# -eq 0 ] || gocrypt_die "Unexpected argument"
     gocrypt_sys_check
     if [ -d "$gocrypt_dir" ] || [ -f "$gocrypt_dir" ]; then
         gocrypt_die "gocrypt plugin already initialized for your password store"
     fi
 
-    if $needs_passphrase; then
-        echo -n "Enter passphrase: "
-        read -s passphrase
-        local passphrase_confirm=""
-        echo
-        echo -n "Confirm passphrase: "
-        read -s passphrase_confirm
-        echo
-        
-        [ "$passphrase" == "$passphrase_confirm" ] || gocrypt_die "Passphrase mismatch"
-    fi
-
-    cmd_generate "$gocrypt_passwd_file" 32
-    local gocrypt_passwd="$(cmd_show "$gocrypt_passwd_file")"
+    pass generate "$gocrypt_passwd_file" 32
 
     # Initialize gocryptfs
     mkdir "$gocrypt_dir"
-    if $needs_passphrase; then
-        touch "$gocrypt_needs_passphrase_marker"
-        gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")"
-    fi
-    gocryptfs -passfile /dev/stdin -init "$gocrypt_dir" <<< "$gocrypt_passwd" || gocrypt_die "Unable to initialize gocryptfs"
+    gocryptfs -passfile /dev/stdin -init "$gocrypt_dir" <<< "$(pass show "$gocrypt_passwd_file")"
 
     # Mount the gocryptfs subdirectory and initialze what is inside of it
-    _gocrypt_passwd="$gocrypt_passwd" gocrypt_open || gocrypt_die "Cannot open the gocryptfs we just initialized"
+    gocrypt_open
     touch "$gocrypt_dec_dir"/.pass-gocrypt
     # By default, we use the same gpg-id inside, but the user can decide to use a different one later by doing it manually
     ln -s ../.gpg-id "$gocrypt_dec_dir"/.gpg-id
@@ -94,57 +53,30 @@ gocrypt_init() {
     echo "# Gocrypt" >> .gitignore
     echo "gocrypt" >> .gitignore
 
-    cmd_git add .gitignore
-    $needs_passphrase && cmd_git add "$gocrypt_needs_passphrase_marker"
-    cmd_git add "$gocrypt_dir"
-    cmd_git commit -m "Initialized encrypted storage for gocrypt plugin"
+    pass git add .gitignore
+    pass git add "$gocrypt_dir"
+    pass git commit -m "Initialized encrypted storage for gocrypt plugin"
 }
 
 gocrypt_open() {
-    [ $# -eq 0 ] || gocrypt_die "Unexpected argument"
     gocrypt_close_check
     mkdir -p "$gocrypt_dec_dir"
 
-    local gocrypt_passwd=""
-
-    if [ ! -z "$_gocrypt_passwd" ]; then
-        gocrypt_passwd="$_gocrypt_passwd"
-    else
-        gocrypt_passwd="$(cmd_show "$gocrypt_passwd_file")"
-
-        if [ -f "$gocrypt_needs_passphrase_marker" ]; then
-            local passphrase=""
-            echo -n "Enter passphrase: "
-            read -s passphrase
-            gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")"
-        fi
-    fi
-
-    gocryptfs -passfile /dev/stdin "$gocrypt_dir" "$gocrypt_dec_dir" <<< "$gocrypt_passwd"
+    gocryptfs -passfile /dev/stdin "$gocrypt_dir" "$gocrypt_dec_dir" <<< "$(pass show "$gocrypt_passwd_file")"
 }
 
 gocrypt_close() {
-    [ $# -eq 0 ] || gocrypt_die "Unexpected argument"
     gocrypt_open_check
-    fusermount -u "$gocrypt_dec_dir" || fusermount -u -z "$gocrypt_dec_dir"
+    fusermount -u "$gocrypt_dec_dir"
 }
 
 gocrypt_delegate() {
     gocrypt_open_check
     # Delegate command to another `pass` instance that manages what is inside of the mountpoint
-    PASSWORD_STORE_DIR="$PWD/$gocrypt_dec_dir" "$PROGRAM" "$@"
+    PASSWORD_STORE_DIR="$PWD/$gocrypt_dec_dir" pass $@
     # Commit if there has been changes due to this operation
-    cmd_git add "$gocrypt_dir"
-    cmd_git commit -m "Encrypted pass operation inside gocrypt" "$gocrypt_dir" || echo "No git commit created"
-}
-
-gocrypt_crypt() {
-    [ $# -eq 1 ] || gocrypt_die "Unexpected argument"
-    gocrypt_open_check
-    [ ! -f "$1.gpg" ] && gocrypt_die "Not found: $1"
-    cmd_show "$1" | EDITOR=tee gocrypt_delegate edit "$1"
-    cmd_delete -f "$1"
-    echo "Moved $1 into encrypted storage"
+    pass git add "$gocrypt_dir"
+    pass git commit -m "Encrypted pass operation inside gocrypt" "$gocrypt_dir" || echo "No git commit created"
 }
 
 gocrypt_help() {
@@ -152,7 +84,7 @@ gocrypt_help() {
 $PROGRAM gocrypt - hide part of the password store in a subdirectory encrypted with gocryptfs
 
 usage
-    $PROGRAM gocrypt init [-p|--passphrase]
+    $PROGRAM gocrypt init
         Initialize a encrypted subdirectory at \$PASSWORD_STORE_DIR/$gocrypt_dir. The password used by
         gocryptfs will be generated by pass and stored at \$PASSWORD_STORE_DIR/$gocrypt_passwd_file.gpg.
         The encrypted subdirectory, along with the generated (encrypted) password, will be committed to
@@ -162,24 +94,12 @@ usage
         subtree. You can change this manually by mounting (opening) the directory and replacing this
         symlink with a custom one.
 
-        You can optionally use an extra piece of symmetric passphrase to encrypt the subdirectory, by
-        passing the argument -p or --passphrase when invoking this command to initialize. In this case,
-        the passphrase you input will be used along with the generated password to derive a new master
-        password for gocryptfs. This second piece of passphrase will not be stored in the password store,
-        and you will be asked for it every time you invoke \`$PROGRAM gocrypt open\`. This mode adds an
-        extra layer of protection in case the gpg-encrypted master password is somehow compromised.
-
     $PROGRAM gocrypt open
         Mount the encrypted subdirectory to \$PASSWORD_STORE_DIR/$gocrypt_dec_dir.
 
     $PROGRAM gocrypt close
         Unmount the encrypted subtree, if it was opened before.
 
-    $PROGRAM gocrypt crypt <pass_name>
-        Move a password <pass_name> from the original password store to the encrypted subdirectory. Note
-        that if you use git, this will still leave a record in the git repository of the original password
-        store.
-
     $PROGRAM gocrypt help
         Print this help message.
 
@@ -219,23 +139,19 @@ case "$1" in
         ;;
     init)
         shift
-        gocrypt_init "$@"
+        gocrypt_init $@
         ;;
     open)
         shift
-        gocrypt_open "$@"
-        ;;
-    crypt)
-        shift
-        gocrypt_crypt "$@"
+        gocrypt_open $@
         ;;
     close)
         shift
-        gocrypt_close "$@"
+        gocrypt_close $@
         ;;
     ls|list|grep|find|search|show|insert|add|edit|generate|rm|remove|delete|mv|rename|cp|copy|git)
         # No shift here since we need to delegate these commands to another pass instance
-        gocrypt_delegate "$@"
+        gocrypt_delegate $@
         ;;
     *)
         gocrypt_die "Unknown command $1 for gocrypt"
diff --git a/pass-test b/pass-test
index 31d0a3c..22def5a 100755
--- a/pass-test
+++ b/pass-test
@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 
-PASSWORD_STORE_DIR=$PWD/pass PASSWORD_STORE_EXTENSIONS_DIR=$PWD PASSWORD_STORE_ENABLE_EXTENSIONS=true pass "$@"
+PASSWORD_STORE_DIR=$PWD/pass PASSWORD_STORE_EXTENSIONS_DIR=$PWD PASSWORD_STORE_ENABLE_EXTENSIONS=true pass $@