diff --git a/service/errors.go b/service/errors.go
new file mode 100644
index 00000000..4aefb4eb
--- /dev/null
+++ b/service/errors.go
@@ -0,0 +1,18 @@
+package service
+
+import "github.com/nspcc-dev/neofs-api-go/internal"
+
+// ErrNilToken is returned by functions that expect a non-nil token argument, but received nil.
+const ErrNilToken = internal.Error("token is nil")
+
+// ErrInvalidTTL means that the TTL value does not satisfy a specific criterion.
+const ErrInvalidTTL = internal.Error("invalid TTL value")
+
+// ErrInvalidPublicKeyBytes means that the public key could not be unmarshaled.
+const ErrInvalidPublicKeyBytes = internal.Error("cannot load public key")
+
+// ErrCannotFindOwner is raised when signatures empty in GetOwner.
+const ErrCannotFindOwner = internal.Error("cannot find owner public key")
+
+// ErrWrongOwner is raised when passed OwnerID not equal to present PublicKey
+const ErrWrongOwner = internal.Error("wrong owner")
diff --git a/service/meta.go b/service/meta.go
index 8602dca7..ea1a83d6 100644
--- a/service/meta.go
+++ b/service/meta.go
@@ -1,7 +1,6 @@
 package service
 
 import (
-	"github.com/nspcc-dev/neofs-api-go/internal"
 	"github.com/pkg/errors"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
@@ -63,14 +62,6 @@ const (
 	SingleForwardingTTL
 )
 
-const (
-	// ErrZeroTTL is raised when zero ttl is passed.
-	ErrZeroTTL = internal.Error("zero ttl")
-
-	// ErrIncorrectTTL is raised when NonForwardingTTL is passed and NodeRole != InnerRingNode.
-	ErrIncorrectTTL = internal.Error("incorrect ttl")
-)
-
 // SetVersion sets protocol version to ResponseMetaHeader.
 func (m *ResponseMetaHeader) SetVersion(v uint32) { m.Version = v }
 
@@ -105,7 +96,7 @@ func (m *RequestMetaHeader) RestoreMeta(v RequestMetaHeader) { *m = v }
 func IRNonForwarding(role NodeRole) TTLCondition {
 	return func(ttl uint32) error {
 		if ttl == NonForwardingTTL && role != InnerRingNode {
-			return ErrIncorrectTTL
+			return ErrInvalidTTL
 		}
 
 		return nil
@@ -117,7 +108,7 @@ func ProcessRequestTTL(req MetaHeader, cond ...TTLCondition) error {
 	ttl := req.GetTTL()
 
 	if ttl == ZeroTTL {
-		return status.New(codes.InvalidArgument, ErrZeroTTL.Error()).Err()
+		return status.New(codes.InvalidArgument, ErrInvalidTTL.Error()).Err()
 	}
 
 	for i := range cond {
diff --git a/service/meta_test.go b/service/meta_test.go
index 388b6ce5..de77ac81 100644
--- a/service/meta_test.go
+++ b/service/meta_test.go
@@ -26,13 +26,13 @@ func TestMetaRequest(t *testing.T) {
 		},
 		{
 			code:              codes.InvalidArgument,
-			msg:               ErrIncorrectTTL.Error(),
+			msg:               ErrInvalidTTL.Error(),
 			name:              "direct to storage node",
 			handler:           IRNonForwarding(StorageNode),
 			RequestMetaHeader: RequestMetaHeader{TTL: NonForwardingTTL},
 		},
 		{
-			msg:               ErrZeroTTL.Error(),
+			msg:               ErrInvalidTTL.Error(),
 			code:              codes.InvalidArgument,
 			name:              "zero ttl",
 			handler:           IRNonForwarding(StorageNode),
diff --git a/service/token.go b/service/token.go
index 077e672b..ece44c26 100644
--- a/service/token.go
+++ b/service/token.go
@@ -4,7 +4,6 @@ import (
 	"crypto/ecdsa"
 	"encoding/binary"
 
-	"github.com/nspcc-dev/neofs-api-go/internal"
 	"github.com/nspcc-dev/neofs-api-go/refs"
 	crypto "github.com/nspcc-dev/neofs-crypto"
 )
@@ -62,9 +61,6 @@ type SessionToken interface {
 	SignatureContainer
 }
 
-// ErrEmptyToken is raised when passed Token is nil.
-const ErrEmptyToken = internal.Error("token is empty")
-
 var _ SessionToken = (*Token)(nil)
 
 var tokenEndianness = binary.BigEndian
@@ -183,11 +179,11 @@ func verificationTokenData(token SessionToken) []byte {
 
 // SignToken calculates and stores the signature of token information.
 //
-// If passed token is nil, ErrEmptyToken returns.
+// If passed token is nil, ErrNilToken returns.
 // If passed private key is nil, crypto.ErrEmptyPrivateKey returns.
 func SignToken(token SessionToken, key *ecdsa.PrivateKey) error {
 	if token == nil {
-		return ErrEmptyToken
+		return ErrNilToken
 	} else if key == nil {
 		return crypto.ErrEmptyPrivateKey
 	}
@@ -204,11 +200,11 @@ func SignToken(token SessionToken, key *ecdsa.PrivateKey) error {
 
 // VerifyTokenSignature checks if token was signed correctly.
 //
-// If passed token is nil, ErrEmptyToken returns.
+// If passed token is nil, ErrNilToken returns.
 // If passed public key is nil, crypto.ErrEmptyPublicKey returns.
 func VerifyTokenSignature(token SessionToken, key *ecdsa.PublicKey) error {
 	if token == nil {
-		return ErrEmptyToken
+		return ErrNilToken
 	} else if key == nil {
 		return crypto.ErrEmptyPublicKey
 	}
diff --git a/service/token_test.go b/service/token_test.go
index 0b28084e..1e02f468 100644
--- a/service/token_test.go
+++ b/service/token_test.go
@@ -93,12 +93,12 @@ func TestSignToken(t *testing.T) {
 	// nil token
 	require.EqualError(t,
 		SignToken(nil, nil),
-		ErrEmptyToken.Error(),
+		ErrNilToken.Error(),
 	)
 
 	require.EqualError(t,
 		VerifyTokenSignature(nil, nil),
-		ErrEmptyToken.Error(),
+		ErrNilToken.Error(),
 	)
 
 	var token SessionToken = new(Token)
diff --git a/service/verify.go b/service/verify.go
index 182685d5..7ac3cf30 100644
--- a/service/verify.go
+++ b/service/verify.go
@@ -35,17 +35,6 @@ type (
 	}
 )
 
-const (
-	// ErrCannotLoadPublicKey is raised when cannot unmarshal public key from RequestVerificationHeader_Sign.
-	ErrCannotLoadPublicKey = internal.Error("cannot load public key")
-
-	// ErrCannotFindOwner is raised when signatures empty in GetOwner.
-	ErrCannotFindOwner = internal.Error("cannot find owner public key")
-
-	// ErrWrongOwner is raised when passed OwnerID not equal to present PublicKey
-	ErrWrongOwner = internal.Error("wrong owner")
-)
-
 // SetSignatures replaces signatures stored in RequestVerificationHeader.
 func (m *RequestVerificationHeader) SetSignatures(signatures []*RequestVerificationHeader_Signature) {
 	m.Signatures = signatures
@@ -81,7 +70,7 @@ func (m *RequestVerificationHeader) GetOwner() (*ecdsa.PublicKey, error) {
 		return key, nil
 	}
 
-	return nil, ErrCannotLoadPublicKey
+	return nil, ErrInvalidPublicKeyBytes
 }
 
 // GetLastPeer tries to get last peer public key from signatures.
@@ -99,7 +88,7 @@ func (m *RequestVerificationHeader) GetLastPeer() (*ecdsa.PublicKey, error) {
 			return key, nil
 		}
 
-		return nil, ErrCannotLoadPublicKey
+		return nil, ErrInvalidPublicKeyBytes
 	}
 }
 
@@ -190,7 +179,7 @@ func VerifyRequestHeader(msg VerifiableRequest) error {
 
 		key := crypto.UnmarshalPublicKey(peer)
 		if key == nil {
-			return errors.Wrapf(ErrCannotLoadPublicKey, "%d: %02x", i, peer)
+			return errors.Wrapf(ErrInvalidPublicKeyBytes, "%d: %02x", i, peer)
 		}
 
 		if size := msg.Size(); size <= cap(data) {