diff --git a/common/url.go b/common/url.go
index 64a5930c6e5f6788c8a828d519f23da3b8a5c264..b2a514b4e6b1ba105e9f9aa4f9501bce1e613d4d 100644
--- a/common/url.go
+++ b/common/url.go
@@ -339,6 +339,8 @@ func (c URL) ServiceKey() string {
 	return buf.String()
 }
 
+// ColonSeparatedKey
+// The format is "{interface}:[version]:[group]"
 func (c *URL) ColonSeparatedKey() string {
 	intf := c.GetParam(constant.INTERFACE_KEY, strings.TrimPrefix(c.Path, "/"))
 	if intf == "" {
diff --git a/filter/authenticator.go b/filter/authenticator.go
index f969769bca09197ca518761120fb525d3444e74d..ce0547b36b03b7078784a6c05c08cd3f89611ca4 100644
--- a/filter/authenticator.go
+++ b/filter/authenticator.go
@@ -8,9 +8,11 @@ import (
 // Authenticator
 type Authenticator interface {
 
+	// Sign
 	// give a sign to request
 	Sign(protocol.Invocation, *common.URL) error
 
+	// Authenticate
 	// verify the signature of the request is valid or not
 	Authenticate(protocol.Invocation, *common.URL) error
 }
diff --git a/filter/filter_impl/auth/accesskey_storage.go b/filter/filter_impl/auth/accesskey_storage.go
index 4495c9cc417a98b5ba451c4cd980c02bd2b9cb24..0a2bf47cbd377899ba8a0edf4a67026dd827d41f 100644
--- a/filter/filter_impl/auth/accesskey_storage.go
+++ b/filter/filter_impl/auth/accesskey_storage.go
@@ -13,6 +13,7 @@ import (
 type DefaultAccesskeyStorage struct {
 }
 
+// GetAccessKeyPair
 // get AccessKeyPair from url by the key "accessKeyId" and "secretAccessKey"
 func (storage *DefaultAccesskeyStorage) GetAccessKeyPair(invocation protocol.Invocation, url *common.URL) *filter.AccessKeyPair {
 	return &filter.AccessKeyPair{
diff --git a/filter/filter_impl/auth/default_authenticator.go b/filter/filter_impl/auth/default_authenticator.go
index 20c3b64b1d23d1e5285a43d37a0d906932026070..73eb9cddc0e1b7b4747da4b0f3e883075e349226 100644
--- a/filter/filter_impl/auth/default_authenticator.go
+++ b/filter/filter_impl/auth/default_authenticator.go
@@ -25,6 +25,8 @@ func init() {
 type DefaultAuthenticator struct {
 }
 
+// Sign
+// add the signature for the invocation
 func (authenticator *DefaultAuthenticator) Sign(invocation protocol.Invocation, url *common.URL) error {
 	currentTimeMillis := strconv.Itoa(int(time.Now().Unix() * 1000))
 
@@ -45,6 +47,8 @@ func (authenticator *DefaultAuthenticator) Sign(invocation protocol.Invocation,
 	return nil
 }
 
+// getSignature
+// get signature by the metadata and params of the invocation
 func getSignature(url *common.URL, invocation protocol.Invocation, secrectKey string, currentTime string) (string, error) {
 
 	requestString := fmt.Sprintf(constant.SIGNATURE_STRING_FORMAT,
@@ -63,6 +67,8 @@ func getSignature(url *common.URL, invocation protocol.Invocation, secrectKey st
 	return signature, nil
 }
 
+// Authenticate
+// This method verifies whether the signature sent by the requester is correct
 func (authenticator *DefaultAuthenticator) Authenticate(invocation protocol.Invocation, url *common.URL) error {
 	accessKeyId := invocation.AttachmentsByKey(constant.AK_KEY, "")
 
diff --git a/filter/filter_impl/auth/sign_util.go b/filter/filter_impl/auth/sign_util.go
index 93873149190a2878bce633352e776082bdc14b34..60698439c5abc1ff0cc555b2ceec77bf2e0e53d5 100644
--- a/filter/filter_impl/auth/sign_util.go
+++ b/filter/filter_impl/auth/sign_util.go
@@ -9,6 +9,7 @@ import (
 	"strings"
 )
 
+// Sign
 // get a signature string with given information, such as metadata or parameters
 func Sign(metadata, key string) string {
 	return doSign([]byte(metadata), key)