diff --git a/src/_zkapauthorizer/controller.py b/src/_zkapauthorizer/controller.py
index 2cc84307fa28666abfd65b5ccb62e2832ca6b3f5..368072d73c1de56a8eccd833a9a03ab5d9553a3e 100644
--- a/src/_zkapauthorizer/controller.py
+++ b/src/_zkapauthorizer/controller.py
@@ -269,15 +269,12 @@ class RistrettoRedeemer(object):
             in unblinded_tokens
         )
         marshaled_passes = list(
-            (
-                token_preimage.encode_base64(),
-                sig.encode_base64()
-            )
-            for (token_preimage, sig)
-            in clients_passes
+            preimage.encode_base64() + b" " + signature.encode_base64()
+            for (preimage, signature)
+            in zip(clients_preimages, clients_signatures)
         )
         return list(
-            Pass(p)
+            Pass(p.decode("ascii"))
             for p
             in marshaled_passes
         )
diff --git a/src/_zkapauthorizer/tests/test_controller.py b/src/_zkapauthorizer/tests/test_controller.py
index fb7efcd015b69912793031f61ff04b35e17c61f2..3ff2d7bd6cc0a58ef63bd7ce0964b6ff0fbf6ee5 100644
--- a/src/_zkapauthorizer/tests/test_controller.py
+++ b/src/_zkapauthorizer/tests/test_controller.py
@@ -280,20 +280,24 @@ def ristretto_verify(signing_key, message, marshaled_passes):
     :param bytes message: Request binding data which is involved in the
         generation of the passes to verify.
 
-    :param list[bytes] marshaled_passes: The base64-encoded representation of
-        some passes to verify. XXX Actually it's a two-tuple.  Do something
-        about that ...
+    :param list[bytes] marshaled_passes: Token preimages and corresponding
+        message signatures to verify.  Each element contains two
+        space-separated base64 encoded values, the first representing the
+        preimage and the second representing the signature.
 
     :return bool: ``True`` if and only if all of the passes represented by
         ``marshaled_passes`` pass the Ristretto-defined verification for an
         exchange using the given signing key and message.
     """
-    servers_passes = list(
-        (
-            TokenPreimage.decode_base64(token_preimage),
-            VerificationSignature.decode_base64(sig),
+    def decode(marshaled_pass):
+        t, s = marshaled_pass.split(u" ")
+        return (
+            TokenPreimage.decode_base64(t.encode("ascii")),
+            VerificationSignature.decode_base64(s.encode("ascii")),
         )
-        for (token_preimage, sig)
+    servers_passes = list(
+        decode(marshaled_pass.text)
+        for marshaled_pass
         in marshaled_passes
     )
     servers_unblinded_tokens = list(