diff --git a/src/_secureaccesstokenauthorizer/_storage_server.py b/src/_secureaccesstokenauthorizer/_storage_server.py
index fbae0c3f0b088139b56968df1dfc0888e9c07db2..3181f4e0008afb748257717e32d66d29264d6abe 100644
--- a/src/_secureaccesstokenauthorizer/_storage_server.py
+++ b/src/_secureaccesstokenauthorizer/_storage_server.py
@@ -118,6 +118,15 @@ def add_arguments(schema, kwargs):
 
 
 class RITokenAuthorizedStorageServer(RemoteInterface):
+    """
+    An object which can store and retrieve shares, subject to token-based
+    authorization.
+
+    This is much the same as ``allmydata.interfaces.RIStorageServer`` but
+    several of its methods take an additional ``tokens`` parameter.  Clients
+    are expected to supply suitable tokens and only after the tokens have been
+    validated is service provided.
+    """
     __remote_name__ = (
         "RITokenAuthorizedStorageServer.tahoe.privatestorage.io"
     )
@@ -148,37 +157,86 @@ class RITokenAuthorizedStorageServer(RemoteInterface):
 # attributes on self and it's hard to avoid that.
 @attr.s(cmp=False)
 class SecureAccessTokenAuthorizerStorageServer(Referenceable):
+    """
+    A class which wraps an ``RIStorageServer`` to insert token validity checks
+    before allowing certain functionality.
+    """
     _original = attr.ib(validator=provides(RIStorageServer))
 
     def _validate_tokens(self, tokens):
-        pass
+        """
+        Check that all of the given tokens are valid.
+
+        :raise InvalidToken: If any token in ``tokens`` is not valid.
+
+        :return NoneType: If all of the tokens in ``tokens`` are valid.
+
+        :note: This is yet to be implemented so it always returns ``None``.
+        """
+        return None
 
     def remote_get_version(self):
+        """
+        Pass through without token check to allow clients to learn about our
+        version and configuration in case it helps them decide how to behave.
+        """
         return self._original.remote_get_version()
 
     def remote_allocate_buckets(self, tokens, *a, **kw):
+        """
+        Pass through after a token check to ensure that clients can only allocate
+        storage for immutable shares if they present valid tokens.
+        """
         self._validate_tokens(tokens)
         return self._original.remote_allocate_buckets(*a, **kw)
 
     def remote_get_buckets(self, storage_index):
+        """
+        Pass through without token check to let clients read immutable shares as
+        long as those shares exist.
+        """
         return self._original.remote_get_buckets(storage_index)
 
     def remote_add_lease(self, tokens, *a, **kw):
+        """
+        Pass through after a token check to ensure clients can only extend the
+        duration of share storage if they present valid tokens.
+        """
         self._validate_tokens(tokens)
         return self._original.remote_add_lease(*a, **kw)
 
     def remote_renew_lease(self, tokens, *a, **kw):
+        """
+        Pass through after a token check to ensure clients can only extend the
+        duration of share storage if they present valid tokens.
+        """
         self._validate_tokens(tokens)
         return self._original.remote_renew_lease(*a, **kw)
 
     def remote_advise_corrupt_share(self, *a, **kw):
+        """
+        Pass through without a token check to let clients inform us of possible
+        issues with the system without incurring any cost to themselves.
+        """
         return self._original.remote_advise_corrupt_share(*a, **kw)
 
     def remote_slot_testv_and_readv_and_writev(self, tokens, *a, **kw):
+        """
+        Pass through after a token check to ensure clients can only allocate
+        storage for mutable shares if they present valid tokens.
+
+        :note: This method can be used both to allocate storage and to rewrite
+            data in already-allocated storage.  These cases may not be the
+            same from the perspective of token validation.
+        """
         self._validate_tokens(tokens)
         return self._original.remote_slot_testv_and_readv_and_writev(*a, **kw)
 
     def remote_slot_readv(self, *a, **kw):
+        """
+        Pass through without a token check to let clients read mutable shares as
+        long as those shares exist.
+        """
         return self._original.remote_slot_readv(*a, **kw)
 
 # I don't understand why this is required.