[#963 ] node: Go on initialization even deposit notary is hung

* Make makeAndWaitNotaryDeposit run asynchronously as worker during application boot-up. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
2024-03-12 10:16:04 +03:00
751 changed files with 11565 additions and 26904 deletions
--- a/.docker/Dockerfile.adm
+++ b/.docker/Dockerfile.adm
@ -1,4 +1,4 @@
-FROM golang:1.22 AS builder
+FROM golang:1.21 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ci
+++ b/.docker/Dockerfile.ci
@ -1,4 +1,4 @@
-FROM golang:1.22
+FROM golang:1.21
 WORKDIR /tmp
--- a/.docker/Dockerfile.cli
+++ b/.docker/Dockerfile.cli
@ -1,4 +1,4 @@
-FROM golang:1.22 AS builder
+FROM golang:1.21 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ir
+++ b/.docker/Dockerfile.ir
@ -1,4 +1,4 @@
-FROM golang:1.22 AS builder
+FROM golang:1.21 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.storage
+++ b/.docker/Dockerfile.storage
@ -1,4 +1,4 @@
-FROM golang:1.22 AS builder
+FROM golang:1.21 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.forgejo/workflows/build.yml
+++ b/.forgejo/workflows/build.yml
@ -8,7 +8,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.22', '1.23' ]
+        go_versions: [ '1.20', '1.21' ]
    steps:
      - uses: actions/checkout@v3
--- a/.forgejo/workflows/dco.yml
+++ b/.forgejo/workflows/dco.yml
@ -13,7 +13,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.22'
+          go-version: '1.21'
      - name: Run commit format checker
        uses: https://git.frostfs.info/TrueCloudLab/dco-go@v3
--- a/.forgejo/workflows/pre-commit.yml
+++ b/.forgejo/workflows/pre-commit.yml
@ -1,25 +0,0 @@
 name: Pre-commit hooks
 on: [pull_request]
 jobs:
  precommit:
    name: Pre-commit
    env:
      # Skip pre-commit hooks which are executed by other actions.
      SKIP: make-lint,go-staticcheck-repo-mod,go-unit-tests,gofumpt
    runs-on: ubuntu-22.04
    # If we use actions/setup-python from either Github or Gitea,
    # the line above fails with a cryptic error about not being able to find python.
    # So install everything manually.
    steps:
      - uses: actions/checkout@v3
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: 1.23
      - name: Set up Python
        run: |
          apt update
          apt install -y pre-commit
      - name: Run pre-commit
        run: pre-commit run --color=always --hook-stage manual --all-files
--- a/.forgejo/workflows/tests.yml
+++ b/.forgejo/workflows/tests.yml
@ -11,7 +11,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.21'
          cache: true
      - name: Install linters
@ -25,7 +25,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.22', '1.23' ]
+        go_versions: [ '1.20', '1.21' ]
      fail-fast: false
    steps:
      - uses: actions/checkout@v3
@ -48,7 +48,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.22'
+          go-version: '1.21'
          cache: true
      - name: Run tests
@ -63,7 +63,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.21'
          cache: true
      - name: Install staticcheck
@ -81,7 +81,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.22'
+          go-version: '1.21'
          cache: true
      - name: Install gopls
@ -89,23 +89,3 @@ jobs:
      - name: Run gopls
        run: make gopls-run
  fumpt:
    name: Run gofumpt
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: '1.23'
          cache: true
      - name: Install gofumpt
        run: make fumpt-install
      - name: Run gofumpt
        run: |
          make fumpt
          git diff --exit-code --quiet
--- a/.forgejo/workflows/vulncheck.yml
+++ b/.forgejo/workflows/vulncheck.yml
@ -13,7 +13,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.21'
      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
--- a/.gitlint
+++ b/.gitlint
@ -0,0 +1,11 @@
 [general]
 fail-without-commits=True
 regex-style-search=True
 contrib=CC1
 [title-match-regex]
 regex=^\[\#[0-9Xx]+\]\s
 [ignore-by-title]
 regex=^Release(.*)
 ignore=title-match-regex
--- a/.golangci.yml
+++ b/.golangci.yml
@ -12,8 +12,7 @@ run:
 # output configuration options
 output:
  # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
-  formats:
+  format: tab
    - format: tab
 # all available settings of specific linters
 linters-settings:
@ -38,10 +37,6 @@ linters-settings:
    alias:
      pkg: git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object
      alias: objectSDK
  unused:
    field-writes-are-uses: false
    exported-fields-are-used: false
    local-variables-are-used: false
  custom:
    truecloudlab-linters:
      path: bin/linters/external_linters.so
@ -71,7 +66,7 @@ linters:
    - bidichk
    - durationcheck
    - exhaustive
-    - copyloopvar
+    - exportloopref
    - gofmt
    - goimports
    - misspell
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -2,6 +2,13 @@ ci:
  autofix_prs: false
 repos:
  - repo: https://github.com/jorisroovers/gitlint
    rev:  v0.19.1
    hooks:
      - id: gitlint
        stages: [commit-msg]
      - id: gitlint-ci
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.5.0
    hooks:
@ -16,7 +23,7 @@ repos:
    - id: trailing-whitespace
      args: [--markdown-linebreak-ext=md]
    - id: end-of-file-fixer
-      exclude: "(.key|.svg)$"
+      exclude: ".key$"
  - repo: https://github.com/shellcheck-py/shellcheck-py
    rev: v0.9.0.6
@ -35,7 +42,7 @@ repos:
    hooks:
       - id: go-unit-tests
         name: go unit tests
-         entry: make test GOFLAGS=''
+         entry: make test
         pass_filenames: false
         types: [go]
         language: system
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -9,75 +9,7 @@ Changelog for FrostFS Node
 ### Removed
 ### Updated
-## [v0.42.0]
+## [v0.38.0-rc.2]
 ### Added
 - Add audit logs for gRPC requests (#1184)
 - Add CLI command to convert eACL to APE (#1189)
 - Add `--await` flag to `control set-status` (#60)
 - `app_info` metric for binary version (#1154)
 - `--quiet` flag for healthcheck command (#1209)
 ### Changed
 - Deprecate Container.SetEACL RPC (#1219)
 ### Fixed
 - Take groups into account during APE processing (#1190)
 - Handle double SIGHUP correctly (#1145)
 - Handle empty filenames in tree listing (#1074)
 - Handle duplicate tree nodes in the split-brain scenario (#1234, #1251)
 - Remove APE pre-check in Object.GET/HEAD/RANGE RPC (#1249)
 - Delete EC gc marks and split info (#1257)
 - Do not search for non-existent objects on deletion (#1261)
 ### Updated
 - Make putting EC chunks more robust (#1233)
 ## [v0.41.0]
 ### Added
 - Support mTLS for morph client (#1170)
 ### Fixed
 - Update shard state metric during shard init (#1174)
 - Handle ENOSPC in blobovnicza (#1166)
 - Handle multiple split-infos for EC objects (#1163)
 - Set `Disabled` mode as the default for components (#1168)
 ## [v0.40.0]
 ### Added
 - Support EC chunk reconstruction in policer (#1129)
 - Support LOCK, DELETE and SEARCH methods on EC objects (#1147, 1144)
 - apemanager service to manage APE chains (#1105)
 ### Fixed
 - Properly verify GetRangeHash response (#1083)
 - Send `MONOTONIC_USEC` in sdnotify on reload (#1135)
 ### Updated
 - neo-go to `v0.106.0`
 ## [v0.39.0]
 ### Added
 - Preliminary erasure coding support (#1065, #1112, #1103, #1120)
 - TTL cache for blobovnicza tree (#1004)
 - Cache for frostfsid and policy contracts (#1117)
 - Writecache path to metric labels (#966)
 - Documentation for authentication mechanisms (#1097, #1104)
 - Metrics for metabase resync status (#1029)
 ### Changed
 - Speed up metabase resync (#1024)
 ### Fixed
 - Possible panic in GET_RANGE (#1077)
 ### Updated
 - Minimum required Go version to 1.21
 ## [v0.38.0]
 ### Added
 - Add `trace_id` to logs in `frostfs-node` (#146)
@ -86,7 +18,6 @@ Changelog for FrostFS Node
 - Allow sealing writecache (#569)
 - Support tree service in data evacuation (#947)
 - Use new policy engine mechanism for access control (#770, #804)
 - Log about active notary deposit waiting (#963)
 ### Changed
 - Sort output in `frostfs-cli` subcommands (#333)
--- a/72
+++ b/72
@ -4,19 +4,20 @@ SHELL = bash
 REPO ?= $(shell go list -m)
 VERSION ?= $(shell git describe --tags --dirty --match "v*" --always --abbrev=8 2>/dev/null || cat VERSION 2>/dev/null || echo "develop")
-HUB_IMAGE ?= git.frostfs.info/truecloudlab/frostfs
+HUB_IMAGE ?= truecloudlab/frostfs
 HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"
-GO_VERSION ?= 1.22
+GO_VERSION ?= 1.21
-LINT_VERSION ?= 1.60.3
+LINT_VERSION ?= 1.55.2
-TRUECLOUDLAB_LINT_VERSION ?= 0.0.7
+TRUECLOUDLAB_LINT_VERSION ?= 0.0.3
 PROTOC_VERSION ?= 25.0
 PROTOC_GEN_GO_VERSION ?= $(shell go list -f '{{.Version}}' -m google.golang.org/protobuf)
 PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-api-go/v2)
 PROTOC_OS_VERSION=osx-x86_64
 ifeq ($(shell uname), Linux)
 	PROTOC_OS_VERSION=linux-x86_64
 endif
-STATICCHECK_VERSION ?= 2024.1.1
+STATICCHECK_VERSION ?= 2023.1.6
 ARCH = amd64
 BIN = bin
@ -38,20 +39,14 @@ LINT_DIR = $(OUTPUT_LINT_DIR)/golangci-lint-$(LINT_VERSION)-v$(TRUECLOUDLAB_LINT
 TMP_DIR := .cache
 PROTOBUF_DIR ?= $(abspath $(BIN))/protobuf
 PROTOC_DIR ?= $(PROTOBUF_DIR)/protoc-v$(PROTOC_VERSION)
 PROTOC_GEN_GO_DIR ?= $(PROTOBUF_DIR)/protoc-gen-go-$(PROTOC_GEN_GO_VERSION)
 PROTOGEN_FROSTFS_DIR ?= $(PROTOBUF_DIR)/protogen-$(PROTOGEN_FROSTFS_VERSION)
 STATICCHECK_DIR ?= $(abspath $(BIN))/staticcheck
 STATICCHECK_VERSION_DIR ?= $(STATICCHECK_DIR)/$(STATICCHECK_VERSION)
 SOURCES = $(shell find . -type f -name "*.go" -print)
 GOFUMPT_VERSION ?= v0.7.0
 GOFUMPT_DIR ?= $(abspath $(BIN))/gofumpt
 GOFUMPT_VERSION_DIR ?= $(GOFUMPT_DIR)/$(GOFUMPT_VERSION)
 GOPLS_VERSION ?= v0.15.1
 GOPLS_DIR ?= $(abspath $(BIN))/gopls
 GOPLS_VERSION_DIR ?= $(GOPLS_DIR)/$(GOPLS_VERSION)
 GOPLS_TEMP_FILE := $(shell mktemp)
 FROSTFS_CONTRACTS_PATH=$(abspath ./../frostfs-contract)
 LOCODE_DB_PATH=$(abspath ./.cache/locode_db)
@ -105,20 +100,21 @@ export-metrics: dep
 # Regenerate proto files:
 protoc:
-	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
+	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOC_GEN_GO_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
 		make protoc-install; \
 	fi
 	@for f in `find . -type f -name '*.proto' -not -path './bin/*'`; do \
 		echo "⇒ Processing $$f "; \
 		$(PROTOC_DIR)/bin/protoc \
 			--proto_path=.:$(PROTOC_DIR)/include:/usr/local/include \
 			--plugin=protoc-gen-go=$(PROTOC_GEN_GO_DIR)/protoc-gen-go \
 			--plugin=protoc-gen-go-frostfs=$(PROTOGEN_FROSTFS_DIR)/protogen \
 			--go-frostfs_out=. --go-frostfs_opt=paths=source_relative \
 			--go_out=. --go_opt=paths=source_relative \
 			--go-grpc_opt=require_unimplemented_servers=false \
 			--go-grpc_out=. --go-grpc_opt=paths=source_relative $$f; \
 	done
 # Install protoc
 protoc-install:
 	@rm -rf $(PROTOBUF_DIR)
 	@mkdir $(PROTOBUF_DIR)
@ -126,6 +122,8 @@ protoc-install:
 	@wget -q -O $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip 'https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/protoc-$(PROTOC_VERSION)-$(PROTOC_OS_VERSION).zip'
 	@unzip -q -o $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip -d $(PROTOC_DIR)
 	@rm $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip
 	@echo "⇒ Installing protoc-gen-go..."
 	@GOBIN=$(PROTOC_GEN_GO_DIR) go install -v google.golang.org/protobuf/...@$(PROTOC_GEN_GO_VERSION)
 	@echo "⇒ Instaling protogen FrostFS plugin..."
 	@GOBIN=$(PROTOGEN_FROSTFS_DIR) go install -mod=mod -v git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/util/protogen@$(PROTOGEN_FROSTFS_VERSION)
@ -163,27 +161,15 @@ imports:
 	@echo "⇒ Processing goimports check"
 	@goimports -w cmd/ pkg/ misc/
 # Install gofumpt
 fumpt-install:
 	@rm -rf $(GOFUMPT_DIR)
 	@mkdir $(GOFUMPT_DIR)
 	@GOBIN=$(GOFUMPT_VERSION_DIR) go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION)
 # Run gofumpt
 fumpt:
 	@if [ ! -d "$(GOFUMPT_VERSION_DIR)" ]; then \
 		make fumpt-install; \
 	fi
 	@echo "⇒ Processing gofumpt check"
-	$(GOFUMPT_VERSION_DIR)/gofumpt -l -w cmd/ pkg/ misc/
+	@gofumpt -l -w cmd/ pkg/ misc/
 # Run Unit Test with go test
 test: GOFLAGS ?= "-count=1"
 test:
 	@echo "⇒ Running go test"
-	@GOFLAGS="$(GOFLAGS)" go test ./...
+	@go test ./... -count=1
 # Run pre-commit
 pre-commit-run:
 	@pre-commit run -a --hook-stage manual
@ -197,7 +183,7 @@ lint-install:
 	@@make -C $(TMP_DIR)/linters lib CGO_ENABLED=1 OUT_DIR=$(OUTPUT_LINT_DIR)
 	@rm -rf $(TMP_DIR)/linters
 	@rmdir $(TMP_DIR) 2>/dev/null || true
-	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install -trimpath github.com/golangci/golangci-lint/cmd/golangci-lint@v$(LINT_VERSION)
+	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install github.com/golangci/golangci-lint/cmd/golangci-lint@v$(LINT_VERSION)
 # Run linters
 lint:
@ -219,23 +205,18 @@ staticcheck-run:
 	fi
 	@$(STATICCHECK_VERSION_DIR)/staticcheck ./...
 # Install gopls
 gopls-install:
 	@rm -rf $(GOPLS_DIR)
 	@mkdir $(GOPLS_DIR)
 	@GOBIN=$(GOPLS_VERSION_DIR) go install golang.org/x/tools/gopls@$(GOPLS_VERSION)
 # Run gopls
 gopls-run:
 	@if [ ! -d "$(GOPLS_VERSION_DIR)" ]; then \
 		make gopls-install; \
 	fi
-	$(GOPLS_VERSION_DIR)/gopls check $(SOURCES) 2>&1 >$(GOPLS_TEMP_FILE)
+	@if [[ $$(find . -type f -name "*.go" -print | xargs $(GOPLS_VERSION_DIR)/gopls check | tee /dev/tty | wc -l) -ne 0 ]]; then \
 	@if [[ $$(wc -l < $(GOPLS_TEMP_FILE)) -ne 0 ]]; then \
 		cat $(GOPLS_TEMP_FILE); \
 		exit 1; \
 	fi
 	rm $(GOPLS_TEMP_FILE)
 # Run linters in Docker
 docker/lint:
@ -272,36 +253,27 @@ debpackage:
 			"Please see CHANGELOG.md for code changes for $(VERSION)"
 	dpkg-buildpackage --no-sign -b
 # Cleanup deb package build directories
 debclean:
 	dh clean
 # Download locode database
 locode-download:
-	mkdir -p $(TMP_DIR)
+	@wget -q -O ./.cache/locode_db.gz 'https://git.frostfs.info/TrueCloudLab/frostfs-locode-db/releases/download/${LOCODE_DB_VERSION}/locode_db.gz'
-	@wget -q -O ./$(TMP_DIR)/locode_db.gz 'https://git.frostfs.info/TrueCloudLab/frostfs-locode-db/releases/download/${LOCODE_DB_VERSION}/locode_db.gz'
+	gzip -dfk ./.cache/locode_db.gz
 	gzip -dfk ./$(TMP_DIR)/locode_db.gz
 # Start dev environment
 env-up: all
 	docker compose -f dev/docker-compose.yml up -d
 	@if [ ! -d "$(FROSTFS_CONTRACTS_PATH)" ]; then \
 		echo "Frostfs contracts not found"; exit 1; \
 	fi
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph init --contracts ${FROSTFS_CONTRACTS_PATH}
-	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet01.json --gas 10.0
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet.json --gas 10.0
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet02.json --gas 10.0
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet03.json --gas 10.0
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet04.json --gas 10.0
 	@if [ ! -f "$(LOCODE_DB_PATH)" ]; then \
 		make locode-download; \
 	fi
 	mkdir -p ./$(TMP_DIR)/state
 	mkdir -p ./$(TMP_DIR)/storage
 # Shutdown dev environment
 env-down:
 	docker compose -f dev/docker-compose.yml down
 	docker volume rm -f frostfs-node_neo-go
-	rm -rf ./$(TMP_DIR)/state
+	rm -f ./.cache/.frostfs-ir-state
-	rm -rf ./$(TMP_DIR)/storage
+	rm -f ./.cache/.frostfs-node-state
 	rm -rf ./.cache/storage
--- a/README.md
+++ b/README.md
@ -7,8 +7,9 @@
 </p>
 ---
-[![Report](https://goreportcard.com/badge/git.frostfs.info/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/git.frostfs.info/TrueCloudLab/frostfs-node)
+[![Report](https://goreportcard.com/badge/github.com/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/github.com/TrueCloudLab/frostfs-node)
-![Release (latest)](https://git.frostfs.info/TrueCloudLab/frostfs-node/badges/release.svg)
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/TrueCloudLab/frostfs-node?sort=semver)
 ![License](https://img.shields.io/github/license/TrueCloudLab/frostfs-node.svg?style=popout)
 # Overview
@ -32,8 +33,8 @@ manipulate large amounts of data without paying a prohibitive price.
 FrostFS has a native [gRPC API](https://git.frostfs.info/TrueCloudLab/frostfs-api) and has
 protocol gateways for popular protocols such as [AWS
-S3](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw),
+S3](https://github.com/TrueCloudLab/frostfs-s3-gw),
-[HTTP](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw),
+[HTTP](https://github.com/TrueCloudLab/frostfs-http-gw),
 [FUSE](https://wikipedia.org/wiki/Filesystem_in_Userspace) and
 [sFTP](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol) allowing
 developers to integrate applications without rewriting their code.
@ -44,11 +45,11 @@ Now, we only support GNU/Linux on amd64 CPUs with AVX/AVX2 instructions. More
 platforms will be officially supported after release `1.0`.
 The latest version of frostfs-node works with frostfs-contract
-[v0.19.2](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/tag/v0.19.2).
+[v0.16.0](https://github.com/TrueCloudLab/frostfs-contract/releases/tag/v0.16.0).
 # Building
-To make all binaries you need Go 1.22+ and `make`:
+To make all binaries you need Go 1.20+ and `make`:
 ```
 make all
 ```
@ -70,7 +71,7 @@ make docker/bin/frostfs-<name> # build a specific binary
 ## Docker images
-To make docker images suitable for use in [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/) use:
+To make docker images suitable for use in [frostfs-dev-env](https://github.com/TrueCloudLab/frostfs-dev-env/) use:
 ```
 make images
 ```
@ -124,7 +125,7 @@ the feature/topic you are going to implement.
 # Credits
-FrostFS is maintained by [True Cloud Lab](https://git.frostfs.info/TrueCloudLab/) with the help and
+FrostFS is maintained by [True Cloud Lab](https://github.com/TrueCloudLab/) with the help and
 contributions from community members.
 Please see [CREDITS](CREDITS.md) for details.
--- a/2
+++ b/2
@ -1 +1 @@
-v0.42.0
+v0.36.0
--- a/cmd/frostfs-adm/README.md
+++ b/cmd/frostfs-adm/README.md
@ -56,8 +56,7 @@ credentials:     # passwords for consensus node / alphabet wallets
 #### Network deployment
 - `generate-alphabet` generates a set of wallets for consensus and
-  Alphabet nodes. The list of the name for alphabet wallets(no gaps between names allowed, order is important):
+  Alphabet nodes.
  - az, buky, vedi, glagoli, dobro, yest, zhivete, dzelo, zemlja, izhe, izhei, gerv, kako, ljudi, mislete, nash, on, pokoj, rtsi, slovo, tverdo, uk
 - `init` initializes the sidechain by deploying smart contracts and
  setting provided FrostFS network configuration.
--- a/cmd/frostfs-adm/docs/deploy.md
+++ b/cmd/frostfs-adm/docs/deploy.md
@ -9,8 +9,8 @@ related configuration details.
 To follow this guide you need:
 - latest released version of [neo-go](https://github.com/nspcc-dev/neo-go/releases) (v0.97.2 at the moment),
- latest released version of [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/releases) utility (v0.42.9 at the moment),
+- latest released version of [frostfs-adm](https://github.com/TrueCloudLab/frostfs-node/releases) utility (v0.25.1 at the moment),
- latest released version of compiled [frostfs-contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases) (v0.19.2 at the moment).
+- latest released version of compiled [frostfs-contract](https://github.com/TrueCloudLab/frostfs-contract/releases) (v0.11.0 at the moment).
 ## Step 1: Prepare network configuration
@ -34,8 +34,6 @@ alphabet-wallets: /home/user/deploy/alphabet-wallets
 network:
  max_object_size: 67108864
  epoch_duration: 240
  max_ec_data_count: 12
  max_ec_parity_count: 4
  fee:
    candidate: 0
    container: 0
@ -64,11 +62,6 @@ alphabet-wallets: /home/user/deploy/alphabet-wallets
 wallet[0]: hunter2
 ```
 This command generates wallets with the following names:
 - az, buky, vedi, glagoli, dobro, yest, zhivete, dzelo, zemlja, izhe, izhei, gerv, kako, ljudi, mislete, nash, on, pokoj, rtsi, slovo, tverdo, uk
 No gaps between names allowed, order is important.
 Do not lose wallet files and network config. Store it in an encrypted backed up
 storage.
--- a/cmd/frostfs-adm/internal/commonflags/flags.go
+++ b/cmd/frostfs-adm/internal/commonflags/flags.go
@ -26,8 +26,6 @@ const (
 	ContractsURLFlagDesc            = "URL to archive with compiled FrostFS contracts"
 	EpochDurationInitFlag           = "network.epoch_duration"
 	MaxObjectSizeInitFlag           = "network.max_object_size"
 	MaxECDataCountFlag              = "network.max_ec_data_count"
 	MaxECParityCounFlag             = "network.max_ec_parity_count"
 	RefillGasAmountFlag             = "gas"
 	StorageWalletFlag               = "storage-wallet"
 	ContainerFeeInitFlag            = "network.fee.container"
@ -38,5 +36,4 @@ const (
 	HomomorphicHashDisabledInitFlag = "network.homomorphic_hash_disabled"
 	CustomZoneFlag                  = "domain"
 	AlphabetSizeFlag                = "size"
 	AllFlag                         = "all"
 )
--- a/cmd/frostfs-adm/internal/modules/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/config/config.go
@ -21,8 +21,6 @@ type configTemplate struct {
 	CandidateFee            int
 	ContainerFee            int
 	ContainerAliasFee       int
 	MaxECDataCount          int
 	MaxECParityCount        int
 	WithdrawFee             int
 	Glagolitics             []string
 	HomomorphicHashDisabled bool
@ -33,8 +31,6 @@ alphabet-wallets: {{ .AlphabetDir}}
 network:
  max_object_size: {{ .MaxObjectSize}}
  epoch_duration: {{ .EpochDuration}}
  max_ec_data_count: {{ .MaxECDataCount}}
  max_ec_parity_count: {{ .MaxECParityCount}}
  homomorphic_hash_disabled: {{ .HomomorphicHashDisabled}}
  fee:
    candidate: {{ .CandidateFee}}
@ -110,8 +106,6 @@ func generateConfigExample(appDir string, credSize int) (string, error) {
 	tmpl := configTemplate{
 		Endpoint:                "https://neo.rpc.node:30333",
 		MaxObjectSize:           67108864,      // 64 MiB
 		MaxECDataCount:          12,            // Tested with 16-node networks, assuming 12 data + 4 parity nodes.
 		MaxECParityCount:        4,             // Maximum 4 parity chunks, typically <= 3 for most policies.
 		EpochDuration:           240,           // 1 hour with 15s per block
 		HomomorphicHashDisabled: false,         // object homomorphic hash is enabled
 		CandidateFee:            100_0000_0000, // 100.0 GAS (Fixed8)
--- a/cmd/frostfs-adm/internal/modules/config/config_test.go
+++ b/cmd/frostfs-adm/internal/modules/config/config_test.go
@ -27,8 +27,6 @@ func TestGenerateConfigExample(t *testing.T) {
 	require.Equal(t, "https://neo.rpc.node:30333", v.GetString("rpc-endpoint"))
 	require.Equal(t, filepath.Join(appDir, "alphabet-wallets"), v.GetString("alphabet-wallets"))
 	require.Equal(t, 67108864, v.GetInt("network.max_object_size"))
 	require.Equal(t, 12, v.GetInt("network.max_ec_data_count"))
 	require.Equal(t, 4, v.GetInt("network.max_ec_parity_count"))
 	require.Equal(t, 240, v.GetInt("network.epoch_duration"))
 	require.Equal(t, 10000000000, v.GetInt("network.fee.candidate"))
 	require.Equal(t, 1000, v.GetInt("network.fee.container"))
--- a/cmd/frostfs-adm/internal/modules/metabase/root.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/root.go
@ -1,15 +0,0 @@
 package metabase
 import "github.com/spf13/cobra"
 // RootCmd is a root command of config section.
 var RootCmd = &cobra.Command{
 	Use:   "metabase",
 	Short: "Section for metabase commands",
 }
 func init() {
 	RootCmd.AddCommand(UpgradeCmd)
 	initUpgradeCommand()
 }
--- a/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
@ -1,99 +0,0 @@
 package metabase
 import (
 	"errors"
 	"fmt"
 	"sync"
 	"time"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
 	engineconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine"
 	shardconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard"
 	meta "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/metabase"
 	"github.com/spf13/cobra"
 	"golang.org/x/sync/errgroup"
 )
 const (
 	pathFlag      = "path"
 	noCompactFlag = "no-compact"
 )
 var errNoPathsFound = errors.New("no metabase paths found")
 var path string
 var UpgradeCmd = &cobra.Command{
 	Use:   "upgrade",
 	Short: "Upgrade metabase to latest version",
 	RunE:  upgrade,
 }
 func upgrade(cmd *cobra.Command, _ []string) error {
 	configFile, err := cmd.Flags().GetString(commonflags.ConfigFlag)
 	if err != nil {
 		return err
 	}
 	configDir, err := cmd.Flags().GetString(commonflags.ConfigDirFlag)
 	if err != nil {
 		return err
 	}
 	noCompact, _ := cmd.Flags().GetBool(noCompactFlag)
 	var paths []string
 	if path != "" {
 		paths = append(paths, path)
 	}
 	appCfg := config.New(configFile, configDir, config.EnvPrefix)
 	if err := engineconfig.IterateShards(appCfg, false, func(sc *shardconfig.Config) error {
 		paths = append(paths, sc.Metabase().Path())
 		return nil
 	}); err != nil {
 		return fmt.Errorf("failed to get metabase paths: %w", err)
 	}
 	if len(paths) == 0 {
 		return errNoPathsFound
 	}
 	cmd.Println("found", len(paths), "metabases:")
 	for i, path := range paths {
 		cmd.Println(i+1, ":", path)
 	}
 	result := make(map[string]bool)
 	var resultGuard sync.Mutex
 	eg, ctx := errgroup.WithContext(cmd.Context())
 	for _, path := range paths {
 		eg.Go(func() error {
 			var success bool
 			cmd.Println("upgrading metabase", path, "...")
 			if err := meta.Upgrade(ctx, path, !noCompact, func(a ...any) {
 				cmd.Println(append([]any{time.Now().Format(time.RFC3339), ":", path, ":"}, a...)...)
 			}); err != nil {
 				cmd.Println("error: failed to upgrade metabase", path, ":", err)
 			} else {
 				success = true
 				cmd.Println("metabase", path, "upgraded successfully")
 			}
 			resultGuard.Lock()
 			result[path] = success
 			resultGuard.Unlock()
 			return nil
 		})
 	}
 	if err := eg.Wait(); err != nil {
 		return err
 	}
 	for mb, ok := range result {
 		if ok {
 			cmd.Println(mb, ": success")
 		} else {
 			cmd.Println(mb, ": failed")
 		}
 	}
 	return nil
 }
 func initUpgradeCommand() {
 	flags := UpgradeCmd.Flags()
 	flags.StringVar(&path, pathFlag, "", "Path to metabase file")
 	flags.Bool(noCompactFlag, false, "Do not compact upgraded metabase file")
 }
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
@ -16,8 +16,6 @@ import (
 const (
 	namespaceTarget   = "namespace"
 	containerTarget   = "container"
 	userTarget        = "user"
 	groupTarget       = "group"
 	jsonFlag          = "json"
 	jsonFlagDesc      = "Output rule chains in JSON format"
 	chainIDFlag       = "chain-id"
@ -84,15 +82,6 @@ var (
 		},
 		Run: getAdmin,
 	}
 	listTargetsCmd = &cobra.Command{
 		Use:   "list-targets",
 		Short: "List targets",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: listTargets,
 	}
 )
 func initAddRuleChainCmd() {
@ -125,9 +114,8 @@ func initRemoveRuleChainCmd() {
 	removeRuleChainCmd.Flags().String(targetNameFlag, "", targetNameDesc)
 	_ = removeRuleChainCmd.MarkFlagRequired(targetNameFlag)
 	removeRuleChainCmd.Flags().String(chainIDFlag, "", chainIDDesc)
 	_ = removeRuleChainCmd.MarkFlagRequired(chainIDFlag)
 	removeRuleChainCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
 	removeRuleChainCmd.Flags().Bool(commonflags.AllFlag, false, "Remove all chains for target")
 	removeRuleChainCmd.MarkFlagsMutuallyExclusive(commonflags.AllFlag, chainIDFlag)
 }
 func initListRuleChainsCmd() {
@ -157,14 +145,6 @@ func initGetAdminCmd() {
 	getAdminCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 }
 func initListTargetsCmd() {
 	Cmd.AddCommand(listTargetsCmd)
 	listTargetsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	listTargetsCmd.Flags().StringP(targetTypeFlag, "t", "", targetTypeDesc)
 	_ = listTargetsCmd.MarkFlagRequired(targetTypeFlag)
 }
 func addRuleChain(cmd *cobra.Command, _ []string) {
 	chain := parseChain(cmd)
 	target := parseTarget(cmd)
@ -177,23 +157,14 @@ func addRuleChain(cmd *cobra.Command, _ []string) {
 }
 func removeRuleChain(cmd *cobra.Command, _ []string) {
 	chainID := parseChainID(cmd)
 	target := parseTarget(cmd)
 	pci, ac := newPolicyContractInterface(cmd)
 	removeAll, _ := cmd.Flags().GetBool(commonflags.AllFlag)
 	if removeAll {
 		h, vub, err := pci.RemoveMorphRuleChainsByTarget(parseChainName(cmd), target)
 		cmd.Println("Waiting for transaction to persist...")
 		_, err = ac.Wait(h, vub, err)
 		commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
 		cmd.Println("All chains for target removed successfully")
 	} else {
 		chainID := parseChainID(cmd)
 	h, vub, err := pci.RemoveMorphRuleChain(parseChainName(cmd), target, chainID)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = ac.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
 	cmd.Println("Rule chain removed successfully")
 	}
 }
 func listRuleChains(cmd *cobra.Command, _ []string) {
@ -234,29 +205,6 @@ func getAdmin(cmd *cobra.Command, _ []string) {
 	cmd.Println(addr.StringLE())
 }
 func listTargets(cmd *cobra.Command, _ []string) {
 	typ, err := parseTargetType(cmd)
 	commonCmd.ExitOnErr(cmd, "parse target type error: %w", err)
 	pci, inv := newPolicyContractReaderInterface(cmd)
 	sid, it, err := pci.ListTargetsIterator(typ)
 	commonCmd.ExitOnErr(cmd, "list targets error: %w", err)
 	items, err := inv.TraverseIterator(sid, &it, 0)
 	for err == nil && len(items) != 0 {
 		for _, item := range items {
 			bts, err := item.TryBytes()
 			commonCmd.ExitOnErr(cmd, "list targets error: %w", err)
 			if len(bts) == 0 {
 				cmd.Println("(no name)")
 			} else {
 				cmd.Println(string(bts))
 			}
 		}
 		items, err = inv.TraverseIterator(sid, &it, 0)
 		commonCmd.ExitOnErr(cmd, "unable to list targets: %w", err)
 	}
 }
 func prettyJSONFormat(cmd *cobra.Command, chains []*apechain.Chain) {
 	wr := bytes.NewBufferString("")
 	data, err := json.Marshal(chains)
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
@ -1,7 +1,7 @@
 package ape
 import (
-	"errors"
+	"fmt"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
@ -28,50 +28,30 @@ var mChainName = map[string]apechain.Name{
 	s3:      apechain.S3,
 }
 var (
 	errUnknownTargetType    = errors.New("unknown target type")
 	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
 	errRuleIsNotParsed      = errors.New("rule is not passed")
 	errUnsupportedChainName = errors.New("unsupported chain name")
 )
 func parseTarget(cmd *cobra.Command) policyengine.Target {
-	name, _ := cmd.Flags().GetString(targetNameFlag)
+	var targetType policyengine.TargetType
 	typ, err := parseTargetType(cmd)
 	// interpret "root" namespace as empty
 	if typ == policyengine.Namespace && name == "root" {
 		name = ""
 	}
 	commonCmd.ExitOnErr(cmd, "read target type error: %w", err)
 	return policyengine.Target{
 		Name: name,
 		Type: typ,
 	}
 }
 func parseTargetType(cmd *cobra.Command) (policyengine.TargetType, error) {
 	typ, _ := cmd.Flags().GetString(targetTypeFlag)
 	switch typ {
 	case namespaceTarget:
-		return policyengine.Namespace, nil
+		targetType = policyengine.Namespace
 	case containerTarget:
-		return policyengine.Container, nil
+		targetType = policyengine.Container
-	case userTarget:
+	default:
-		return policyengine.User, nil
+		commonCmd.ExitOnErr(cmd, "read target type error: %w", fmt.Errorf("unknown target type"))
-	case groupTarget:
+	}
-		return policyengine.Group, nil
+	name, _ := cmd.Flags().GetString(targetNameFlag)
 	return policyengine.Target{
 		Name: name,
 		Type: targetType,
 	}
 	return -1, errUnknownTargetType
 }
 func parseChainID(cmd *cobra.Command) apechain.ID {
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
-			errChainIDCannotBeEmpty)
+			fmt.Errorf("chain id cannot be empty"))
 	}
 	return apechain.ID(chainID)
 }
@ -84,7 +64,7 @@ func parseChain(cmd *cobra.Command) *apechain.Chain {
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
-		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
+		commonCmd.ExitOnErr(cmd, "parser error: %w", fmt.Errorf("rule is not passed"))
 	}
 	chain.ID = parseChainID(cmd)
@ -99,21 +79,11 @@ func parseChainName(cmd *cobra.Command) apechain.Name {
 	chainName, _ := cmd.Flags().GetString(chainNameFlag)
 	apeChainName, ok := mChainName[strings.ToLower(chainName)]
 	if !ok {
-		commonCmd.ExitOnErr(cmd, "", errUnsupportedChainName)
+		commonCmd.ExitOnErr(cmd, "", fmt.Errorf("unsupported chain name"))
 	}
 	return apeChainName
 }
 // invokerAdapter adapats invoker.Invoker to ContractStorageInvoker interface.
 type invokerAdapter struct {
 	*invoker.Invoker
 	rpcActor invoker.RPCInvoke
 }
 func (n *invokerAdapter) GetRPCInvoker() invoker.RPCInvoke {
 	return n.rpcActor
 }
 func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorageReader, *invoker.Invoker) {
 	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
@ -121,18 +91,13 @@ func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorag
 	inv := invoker.New(c, nil)
 	var ch util.Uint160
 	r := management.NewReader(inv)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
 	ch, err = helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
 	commonCmd.ExitOnErr(cmd, "unable to resolve policy contract hash: %w", err)
-	invokerAdapter := &invokerAdapter{
+	return morph.NewContractStorageReader(inv, ch), inv
 		Invoker:  inv,
 		rpcActor: c,
 	}
 	return morph.NewContractStorageReader(invokerAdapter, ch), inv
 }
 func newPolicyContractInterface(cmd *cobra.Command) (*morph.ContractStorage, *helper.LocalActor) {
@ -144,7 +109,7 @@ func newPolicyContractInterface(cmd *cobra.Command) (*morph.ContractStorage, *he
 	var ch util.Uint160
 	r := management.NewReader(ac.Invoker)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
 	ch, err = helper.NNSResolveHash(ac.Invoker, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
--- a/cmd/frostfs-adm/internal/modules/morph/ape/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/root.go
@ -13,5 +13,4 @@ func init() {
 	initListRuleChainsCmd()
 	initSetAdminCmd()
 	initGetAdminCmd()
 	initListTargetsCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
+++ b/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
@ -60,7 +60,7 @@ func dumpBalances(cmd *cobra.Command, _ []string) error {
 	if dumpStorage || dumpAlphabet || dumpProxy {
 		r := management.NewReader(inv)
-		nnsCs, err = helper.GetContractByID(r, 1)
+		nnsCs, err = r.GetContractByID(1)
 		if err != nil {
 			return fmt.Errorf("can't get NNS contract info: %w", err)
 		}
--- a/cmd/frostfs-adm/internal/modules/morph/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/config.go
@ -34,7 +34,7 @@ func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
 	inv := invoker.New(c, nil)
 	r := management.NewReader(inv)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't get NNS contract info: %w", err)
 	}
@ -60,8 +60,7 @@ func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
 		switch k {
 		case netmap.ContainerFeeConfig, netmap.ContainerAliasFeeConfig,
 			netmap.EpochDurationConfig, netmap.IrCandidateFeeConfig,
-			netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig,
+			netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig:
 			netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig:
 			nbuf := make([]byte, 8)
 			copy(nbuf[:], v)
 			n := binary.LittleEndian.Uint64(nbuf)
@ -93,7 +92,7 @@ func SetConfigCmd(cmd *cobra.Command, args []string) error {
 	}
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't get NNS contract info: %w", err)
 	}
@ -104,22 +103,14 @@ func SetConfigCmd(cmd *cobra.Command, args []string) error {
 	}
 	forceFlag, _ := cmd.Flags().GetBool(forceConfigSet)
 	bw := io.NewBufBinWriter()
 	prm := make(map[string]any)
 	for _, arg := range args {
 		k, v, err := parseConfigPair(arg, forceFlag)
 		if err != nil {
 			return err
 		}
 		prm[k] = v
 	}
 	if err := validateConfig(prm, forceFlag); err != nil {
 		return err
 	}
 	for k, v := range prm {
 		// In NeoFS this is done via Notary contract. Here, however, we can form the
 		// transaction locally. The first `nil` argument is required only for notary
 		// disabled environment which is not supported by that command.
@ -137,50 +128,6 @@ func SetConfigCmd(cmd *cobra.Command, args []string) error {
 	return wCtx.AwaitTx()
 }
 const maxECSum = 256
 func validateConfig(args map[string]any, forceFlag bool) error {
 	var sumEC int64
 	_, okData := args[netmap.MaxECDataCountConfig]
 	_, okParity := args[netmap.MaxECParityCountConfig]
 	if okData != okParity {
 		return fmt.Errorf("both %s and %s must be present in the configuration",
 			netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig)
 	}
 	for k, v := range args {
 		switch k {
 		case netmap.ContainerFeeConfig, netmap.ContainerAliasFeeConfig,
 			netmap.EpochDurationConfig, netmap.IrCandidateFeeConfig,
 			netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig,
 			netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig:
 			value, ok := v.(int64)
 			if !ok {
 				return fmt.Errorf("%s has an invalid type. Expected type: int", k)
 			}
 			if value < 0 {
 				return fmt.Errorf("%s must be >= 0, got %v", k, v)
 			}
 			if k == netmap.MaxECDataCountConfig || k == netmap.MaxECParityCountConfig {
 				sumEC += value
 			}
 		case netmap.HomomorphicHashingDisabledKey, netmap.MaintenanceModeAllowedConfig:
 			_, ok := v.(bool)
 			if !ok {
 				return fmt.Errorf("%s has an invalid type. Expected type: bool", k)
 			}
 		}
 	}
 	if sumEC > maxECSum && !forceFlag {
 		return fmt.Errorf("the sum of %s and %s must be <= %d, got %d",
 			netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig, maxECSum, sumEC)
 	}
 	return nil
 }
 func parseConfigPair(kvStr string, force bool) (key string, val any, err error) {
 	k, v, found := strings.Cut(kvStr, "=")
 	if !found {
@ -193,8 +140,7 @@ func parseConfigPair(kvStr string, force bool) (key string, val any, err error)
 	switch key {
 	case netmap.ContainerFeeConfig, netmap.ContainerAliasFeeConfig,
 		netmap.EpochDurationConfig, netmap.IrCandidateFeeConfig,
-		netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig,
+		netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig:
 		netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig:
 		val, err = strconv.ParseInt(valRaw, 10, 64)
 		if err != nil {
 			err = fmt.Errorf("could not parse %s's value '%s' as int: %w", key, valRaw, err)
--- a/cmd/frostfs-adm/internal/modules/morph/config/config_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/config_test.go
@ -1,34 +0,0 @@
 package config
 import (
 	"testing"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client/netmap"
 	"github.com/stretchr/testify/require"
 )
 func Test_ValidateConfig(t *testing.T) {
 	testArgs := make(map[string]any)
 	testArgs[netmap.MaxECDataCountConfig] = int64(11)
 	require.Error(t, validateConfig(testArgs, false))
 	testArgs[netmap.MaxECParityCountConfig] = int64(256)
 	require.Error(t, validateConfig(testArgs, false))
 	require.NoError(t, validateConfig(testArgs, true))
 	testArgs[netmap.MaxECParityCountConfig] = int64(-1)
 	require.Error(t, validateConfig(testArgs, false))
 	testArgs[netmap.MaxECParityCountConfig] = int64(55)
 	require.NoError(t, validateConfig(testArgs, false))
 	testArgs[netmap.HomomorphicHashingDisabledKey] = "1"
 	require.Error(t, validateConfig(testArgs, false))
 	testArgs[netmap.HomomorphicHashingDisabledKey] = true
 	require.NoError(t, validateConfig(testArgs, false))
 	testArgs["not-well-known-configuration-key"] = "key"
 	require.NoError(t, validateConfig(testArgs, false))
 }
--- a/cmd/frostfs-adm/internal/modules/morph/container/container.go
+++ b/cmd/frostfs-adm/internal/modules/morph/container/container.go
@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"os"
 	"slices"
 	"sort"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
@ -34,7 +33,7 @@ func getContainerContractHash(cmd *cobra.Command, inv *invoker.Invoker) (util.Ui
 	}
 	if err != nil {
 		r := management.NewReader(inv)
-		nnsCs, err := helper.GetContractByID(r, 1)
+		nnsCs, err := r.GetContractByID(1)
 		if err != nil {
 			return util.Uint160{}, fmt.Errorf("can't get NNS contract state: %w", err)
 		}
@ -304,7 +303,7 @@ func parseContainers(filename string) ([]Container, error) {
 func fetchContainerContractHash(wCtx *helper.InitializeContext) (util.Uint160, error) {
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	if err != nil {
 		return util.Uint160{}, fmt.Errorf("can't get NNS contract state: %w", err)
 	}
@ -447,7 +446,7 @@ func getCIDFilterFunc(cmd *cobra.Command) (func([]byte) bool, error) {
 		var id cid.ID
 		id.SetSHA256(v)
 		idStr := id.EncodeToString()
-		_, found := slices.BinarySearch(rawIDs, idStr)
+		n := sort.Search(len(rawIDs), func(i int) bool { return rawIDs[i] >= idStr })
-		return found
+		return n < len(rawIDs) && rawIDs[n] == idStr
 	}, nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
@ -79,7 +79,7 @@ func deployContractCmd(cmd *cobra.Command, args []string) error {
 	}
 	r := management.NewReader(c.ReadOnlyInvoker)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't fetch NNS contract state: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
@ -42,7 +42,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 	}
 	r := management.NewReader(invoker.New(c, nil))
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return err
 	}
@ -68,7 +68,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 	if irSize != 0 {
 		bw.Reset()
-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			emit.AppCall(bw.BinWriter, cs.Hash, "resolve", callflag.ReadOnly,
 				helper.GetAlphabetNNSDomain(i),
 				int64(nns.TXT))
@ -79,7 +79,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 			return fmt.Errorf("can't fetch info from NNS: %w", err)
 		}
-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			info := contractDumpInfo{name: fmt.Sprintf("alphabet %d", i)}
 			if h, err := helper.ParseNNSResolveResult(alphaRes.Stack[i]); err == nil {
 				info.hash = h
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
@ -3,32 +3,24 @@ package frostfsid
 import (
 	"errors"
 	"fmt"
 	"math/big"
 	"sort"
 	frostfsidclient "git.frostfs.info/TrueCloudLab/frostfs-contract/frostfsid/client"
 	frostfsidrpclient "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/frostfsid"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/neorpc/result"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/vm/emit"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 const iteratorBatchSize = 1
 const (
 	namespaceFlag      = "namespace"
 	subjectNameFlag    = "subject-name"
@ -202,7 +194,6 @@ func initFrostfsIDCreateGroupCmd() {
 	frostfsidCreateGroupCmd.Flags().String(namespaceFlag, "", "Namespace where create group")
 	frostfsidCreateGroupCmd.Flags().String(groupNameFlag, "", "Group name, must be unique in namespace")
 	frostfsidCreateGroupCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	_ = frostfsidCreateGroupCmd.MarkFlagRequired(groupNameFlag)
 }
 func initFrostfsIDDeleteGroupCmd() {
@ -258,15 +249,12 @@ func frostfsidCreateNamespace(cmd *cobra.Command, _ []string) {
 }
 func frostfsidListNamespaces(cmd *cobra.Command, _ []string) {
-	inv, _, hash := initInvoker(cmd)
+	ffsid, err := newFrostfsIDClient(cmd)
-	reader := frostfsidrpclient.NewReader(inv, hash)
+	commonCmd.ExitOnErr(cmd, "init contract invoker: %w", err)
-	sessionID, it, err := reader.ListNamespaces()
+
-	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
+	namespaces, err := ffsid.roCli.ListNamespaces()
-	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
+	commonCmd.ExitOnErr(cmd, "list namespaces: %w", err)
 	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
 	namespaces, err := frostfsidclient.ParseNamespaces(items)
 	commonCmd.ExitOnErr(cmd, "can't parse namespace: %w", err)
 	sort.Slice(namespaces, func(i, j int) bool { return namespaces[i].Name < namespaces[j].Name })
 	for _, namespace := range namespaces {
@ -307,15 +295,14 @@ func frostfsidDeleteSubject(cmd *cobra.Command, _ []string) {
 }
 func frostfsidListSubjects(cmd *cobra.Command, _ []string) {
 	includeNames, _ := cmd.Flags().GetBool(includeNamesFlag)
 	ns := getFrostfsIDNamespace(cmd)
-	inv, _, hash := initInvoker(cmd)
+	includeNames, _ := cmd.Flags().GetBool(includeNamesFlag)
 	reader := frostfsidrpclient.NewReader(inv, hash)
 	sessionID, it, err := reader.ListNamespaceSubjects(ns)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	subAddresses, err := frostfsidclient.UnwrapArrayOfUint160(readIterator(inv, &it, iteratorBatchSize, sessionID))
+	ffsid, err := newFrostfsIDClient(cmd)
-	commonCmd.ExitOnErr(cmd, "can't unwrap: %w", err)
+	commonCmd.ExitOnErr(cmd, "init contract invoker: %w", err)
 	subAddresses, err := ffsid.roCli.ListNamespaceSubjects(ns)
 	commonCmd.ExitOnErr(cmd, "list subjects: %w", err)
 	sort.Slice(subAddresses, func(i, j int) bool { return subAddresses[i].Less(subAddresses[j]) })
@ -325,14 +312,8 @@ func frostfsidListSubjects(cmd *cobra.Command, _ []string) {
 			continue
 		}
-		sessionID, it, err := reader.ListSubjects()
+		subj, err := ffsid.roCli.GetSubject(addr)
-		commonCmd.ExitOnErr(cmd, "can't get subject: %w", err)
+		commonCmd.ExitOnErr(cmd, "get subject: %w", err)
 		items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 		commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
 		subj, err := frostfsidclient.ParseSubject(items)
 		commonCmd.ExitOnErr(cmd, "can't parse subject: %w", err)
 		cmd.Printf("%s (%s)\n", address.Uint160ToString(addr), subj.Name)
 	}
@ -367,17 +348,13 @@ func frostfsidDeleteGroup(cmd *cobra.Command, _ []string) {
 }
 func frostfsidListGroups(cmd *cobra.Command, _ []string) {
 	inv, _, hash := initInvoker(cmd)
 	ns := getFrostfsIDNamespace(cmd)
-	reader := frostfsidrpclient.NewReader(inv, hash)
+	ffsid, err := newFrostfsIDClient(cmd)
-	sessionID, it, err := reader.ListGroups(ns)
+	commonCmd.ExitOnErr(cmd, "init contract invoker: %w", err)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
+	groups, err := ffsid.roCli.ListGroups(ns)
-	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)
+	commonCmd.ExitOnErr(cmd, "list groups: %w", err)
 	groups, err := frostfsidclient.ParseGroups(items)
 	commonCmd.ExitOnErr(cmd, "can't parse groups: %w", err)
 	sort.Slice(groups, func(i, j int) bool { return groups[i].Name < groups[j].Name })
@ -416,19 +393,12 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	ns := getFrostfsIDNamespace(cmd)
 	groupID := getFrostfsIDGroupID(cmd)
 	includeNames, _ := cmd.Flags().GetBool(includeNamesFlag)
 	inv, cs, hash := initInvoker(cmd)
 	_, err := helper.NNSResolveHash(inv, cs.Hash, helper.DomainOf(constants.FrostfsIDContract))
 	commonCmd.ExitOnErr(cmd, "can't get netmap contract hash: %w", err)
-	reader := frostfsidrpclient.NewReader(inv, hash)
+	ffsid, err := newFrostfsIDClient(cmd)
-	sessionID, it, err := reader.ListGroupSubjects(ns, big.NewInt(groupID))
+	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
 	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)
-	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
+	subjects, err := ffsid.roCli.ListGroupSubjects(ns, groupID)
-	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
+	commonCmd.ExitOnErr(cmd, "list group subjects: %w", err)
 	subjects, err := frostfsidclient.UnwrapArrayOfUint160(items, err)
 	commonCmd.ExitOnErr(cmd, "can't unwrap: %w", err)
 	sort.Slice(subjects, func(i, j int) bool { return subjects[i].Less(subjects[j]) })
@ -438,10 +408,9 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 			continue
 		}
-		items, err := reader.GetSubject(subjAddr)
+		subj, err := ffsid.roCli.GetSubject(subjAddr)
-		commonCmd.ExitOnErr(cmd, "can't get subject: %w", err)
+		commonCmd.ExitOnErr(cmd, "get subject: %w", err)
-		subj, err := frostfsidclient.ParseSubject(items)
+
 		commonCmd.ExitOnErr(cmd, "can't parse subject: %w", err)
 		cmd.Printf("%s (%s)\n", address.Uint160ToString(subjAddr), subj.Name)
 	}
 }
@ -456,11 +425,11 @@ type frostfsidClient struct {
 func newFrostfsIDClient(cmd *cobra.Command) (*frostfsidClient, error) {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
-		return nil, fmt.Errorf("can't initialize context: %w", err)
+		return nil, fmt.Errorf("can't to initialize context: %w", err)
 	}
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return nil, fmt.Errorf("can't get NNS contract info: %w", err)
 	}
@ -504,35 +473,3 @@ func (f *frostfsidClient) sendWaitRes() (*state.AppExecResult, error) {
 	f.wCtx.Command.Println("Waiting for transactions to persist...")
 	return f.roCli.Wait(f.wCtx.SentTxs[0].Hash, f.wCtx.SentTxs[0].Vub, nil)
 }
 func readIterator(inv *invoker.Invoker, iter *result.Iterator, batchSize int, sessionID uuid.UUID) ([]stackitem.Item, error) {
 	var shouldStop bool
 	res := make([]stackitem.Item, 0)
 	for !shouldStop {
 		items, err := inv.TraverseIterator(sessionID, iter, batchSize)
 		if err != nil {
 			return nil, err
 		}
 		res = append(res, items...)
 		shouldStop = len(items) < batchSize
 	}
 	return res, nil
 }
 func initInvoker(cmd *cobra.Command) (*invoker.Invoker, *state.Contract, util.Uint160) {
 	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)
 	inv := invoker.New(c, nil)
 	r := management.NewReader(inv)
 	cs, err := r.GetContractByID(1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract info: %w", err)
 	nmHash, err := helper.NNSResolveHash(inv, cs.Hash, helper.DomainOf(constants.FrostfsIDContract))
 	commonCmd.ExitOnErr(cmd, "can't get netmap contract hash: %w", err)
 	return inv, cs, nmHash
 }
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
@ -65,47 +65,41 @@ func initializeWallets(v *viper.Viper, walletDir string, size int) ([]string, er
 	pubs := make(keys.PublicKeys, size)
 	passwords := make([]string, size)
 	var errG errgroup.Group
 	for i := range wallets {
 		password, err := config.GetPassword(v, innerring.GlagoliticLetter(i).String())
 		if err != nil {
 			return nil, fmt.Errorf("can't fetch password: %w", err)
 		}
 		errG.Go(func() error {
 		p := filepath.Join(walletDir, innerring.GlagoliticLetter(i).String()+".json")
 		f, err := os.OpenFile(p, os.O_CREATE, 0o644)
 		if err != nil {
-				return fmt.Errorf("can't create wallet file: %w", err)
+			return nil, fmt.Errorf("can't create wallet file: %w", err)
 		}
 		if err := f.Close(); err != nil {
-				return fmt.Errorf("can't close wallet file: %w", err)
+			return nil, fmt.Errorf("can't close wallet file: %w", err)
 		}
 		w, err := wallet.NewWallet(p)
 		if err != nil {
-				return fmt.Errorf("can't create wallet: %w", err)
+			return nil, fmt.Errorf("can't create wallet: %w", err)
 		}
 		if err := w.CreateAccount(constants.SingleAccountName, password); err != nil {
-				return fmt.Errorf("can't create account: %w", err)
+			return nil, fmt.Errorf("can't create account: %w", err)
 		}
 		passwords[i] = password
 		wallets[i] = w
 		pubs[i] = w.Accounts[0].PrivateKey().PublicKey()
 			return nil
 		})
 	}
-	if err := errG.Wait(); err != nil {
+	var errG errgroup.Group
 		return nil, err
 	}
 	// Create committee account with N/2+1 multi-signature.
 	majCount := smartcontract.GetMajorityHonestNodeCount(size)
 	// Create consensus account with 2*N/3+1 multi-signature.
 	bftCount := smartcontract.GetDefaultHonestNodeCount(size)
 	for i := range wallets {
 		i := i
 		ps := pubs.Copy()
 		errG.Go(func() error {
 			if err := addMultisigAccount(wallets[i], majCount, constants.CommitteeAccountName, passwords[i], ps); err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
@ -23,6 +23,8 @@ import (
 )
 func TestGenerateAlphabet(t *testing.T) {
 	const size = 4
 	walletDir := t.TempDir()
 	buf := setupTestTerminal(t)
@ -53,13 +55,13 @@ func TestGenerateAlphabet(t *testing.T) {
 	t.Run("no password for contract group wallet", func(t *testing.T) {
 		buf.Reset()
 		v.Set(commonflags.AlphabetWalletsFlag, walletDir)
-		require.NoError(t, cmd.Flags().Set(commonflags.AlphabetSizeFlag, "1"))
+		require.NoError(t, cmd.Flags().Set(commonflags.AlphabetSizeFlag, strconv.FormatUint(size, 10)))
-		buf.WriteString("pass\r")
+		for i := uint64(0); i < size; i++ {
 			buf.WriteString(strconv.FormatUint(i, 10) + "\r")
 		}
 		require.Error(t, AlphabetCreds(cmd, nil))
 	})
 	const size = 4
 	buf.Reset()
 	v.Set(commonflags.AlphabetWalletsFlag, walletDir)
 	require.NoError(t, GenerateAlphabetCmd.Flags().Set(commonflags.AlphabetSizeFlag, strconv.FormatUint(size, 10)))
--- a/cmd/frostfs-adm/internal/modules/morph/generate/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/root.go
@ -32,7 +32,7 @@ var (
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.RefillGasAmountFlag, cmd.Flags().Lookup(commonflags.RefillGasAmountFlag))
 		},
-		RunE: func(cmd *cobra.Command, _ []string) error {
+		RunE: func(cmd *cobra.Command, args []string) error {
 			return refillGas(cmd, commonflags.RefillGasAmountFlag, false)
 		},
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
@ -26,7 +26,6 @@ type LocalActor struct {
 	neoActor *actor.Actor
 	accounts []*wallet.Account
 	Invoker  *invoker.Invoker
 	rpcInvoker invoker.RPCInvoke
 }
 // NewLocalActor create LocalActor with accounts form provided wallets.
@ -72,7 +71,6 @@ func NewLocalActor(cmd *cobra.Command, c actor.RPCActor) (*LocalActor, error) {
 		neoActor: act,
 		accounts: accounts,
 		Invoker:  &act.Invoker,
 		rpcInvoker: c,
 	}, nil
 }
@ -169,7 +167,3 @@ func (a *LocalActor) MakeUnsignedRun(_ []byte, _ []transaction.Attribute) (*tran
 func (a *LocalActor) MakeCall(_ util.Uint160, _ string, _ ...any) (*transaction.Transaction, error) {
 	panic("unimplemented")
 }
 func (a *LocalActor) GetRPCInvoker() invoker.RPCInvoke {
 	return a.rpcInvoker
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
@ -15,7 +15,7 @@ import (
 func getFrostfsIDAdminFromContract(roInvoker *invoker.Invoker) (util.Uint160, bool, error) {
 	r := management.NewReader(roInvoker)
-	cs, err := GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return util.Uint160{}, false, fmt.Errorf("get nns contract: %w", err)
 	}
@ -62,7 +62,7 @@ func GetContractDeployData(c *InitializeContext, ctrName string, keysParam []any
 		// In case if NNS is updated multiple times, we can't calculate
 		// it's actual hash based on local data, thus query chain.
 		r := management.NewReader(c.ReadOnlyInvoker)
-		nnsCs, err := GetContractByID(r, 1)
+		nnsCs, err := r.GetContractByID(1)
 		if err != nil {
 			return nil, fmt.Errorf("get nns contract: %w", err)
 		}
@ -116,7 +116,7 @@ func GetContractDeployData(c *InitializeContext, ctrName string, keysParam []any
 	case constants.PolicyContract:
 		items = append(items, c.Contracts[constants.ProxyContract].Hash)
 	default:
-		panic("invalid contract name: " + ctrName)
+		panic(fmt.Sprintf("invalid contract name: %s", ctrName))
 	}
 	return items, nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/download.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/download.go
@ -14,8 +14,6 @@ import (
 	"github.com/spf13/cobra"
 )
 var errNoReleasesFound = errors.New("attempt to fetch contracts archive from the offitial repository failed: no releases found")
 func downloadContracts(cmd *cobra.Command, url string) (io.ReadCloser, error) {
 	cmd.Printf("Downloading contracts archive from '%s'\n", url)
@ -63,7 +61,7 @@ func downloadContractsFromRepository(cmd *cobra.Command) (io.ReadCloser, error)
 	}
 	if latestRelease == nil {
-		return nil, errNoReleasesFound
+		return nil, fmt.Errorf("attempt to fetch contracts archive from the offitial repository failed: no releases found")
 	}
 	cmd.Printf("Found release %s (%s)\n", latestRelease.TagName, latestRelease.Title)
--- a/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
@ -3,7 +3,6 @@ package helper
 import (
 	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
 	io2 "io"
 	"os"
@ -34,11 +33,6 @@ import (
 	"github.com/spf13/viper"
 )
 var (
 	errNegativeDuration = errors.New("epoch duration must be positive")
 	errNegativeSize     = errors.New("max object size must be positive")
 )
 type ContractState struct {
 	NEF         *nef.File
 	RawNEF      []byte
@ -172,11 +166,11 @@ func validateInit(cmd *cobra.Command) error {
 		return nil
 	}
 	if viper.GetInt64(commonflags.EpochDurationInitFlag) <= 0 {
-		return errNegativeDuration
+		return fmt.Errorf("epoch duration must be positive")
 	}
 	if viper.GetInt64(commonflags.MaxObjectSizeInitFlag) <= 0 {
-		return errNegativeSize
+		return fmt.Errorf("max object size must be positive")
 	}
 	return nil
--- a/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
@ -44,6 +44,7 @@ type LocalClient struct {
 	transactions []*transaction.Transaction
 	dumpPath     string
 	accounts     []*wallet.Account
 	maxGasInvoke int64
 }
 func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet, dumpPath string) (*LocalClient, error) {
@ -106,6 +107,7 @@ func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet
 		bc:           bc,
 		dumpPath:     dumpPath,
 		accounts:     accounts[:m],
 		maxGasInvoke: 15_0000_0000,
 	}, nil
 }
@ -113,7 +115,7 @@ func (l *LocalClient) GetBlockCount() (uint32, error) {
 	return l.bc.BlockHeight(), nil
 }
-func (l *LocalClient) GetNativeContracts() ([]state.Contract, error) {
+func (l *LocalClient) GetNativeContracts() ([]state.NativeContract, error) {
 	return l.bc.GetNatives(), nil
 }
@ -224,7 +226,7 @@ func (l *LocalClient) CalculateNetworkFee(tx *transaction.Transaction) (int64, e
 					paramz = []manifest.Parameter{{Type: smartcontract.SignatureType}}
 				} else if nSigs, _, ok := vm.ParseMultiSigContract(w.VerificationScript); ok {
 					paramz = make([]manifest.Parameter, nSigs)
-					for j := range nSigs {
+					for j := 0; j < nSigs; j++ {
 						paramz[j] = manifest.Parameter{Type: smartcontract.SignatureType}
 					}
 				}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
@ -2,7 +2,6 @@ package helper
 import (
 	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
 	"time"
@ -28,7 +27,7 @@ type Client interface {
 	invoker.RPCInvoke
 	GetBlockCount() (uint32, error)
-	GetNativeContracts() ([]state.Contract, error)
+	GetNativeContracts() ([]state.NativeContract, error)
 	GetApplicationLog(util.Uint256, *trigger.Type) (*result.ApplicationLog, error)
 	GetVersion() (*result.Version, error)
 	SendRawTransaction(*transaction.Transaction) (util.Uint256, error)
@ -61,23 +60,9 @@ func GetN3Client(v *viper.Viper) (Client, error) {
 	if endpoint == "" {
 		return nil, errors.New("missing endpoint")
 	}
 	var cfg *tls.Config
 	if rootCAs := v.GetStringSlice("tls.trusted_ca_list"); len(rootCAs) != 0 {
 		certFile := v.GetString("tls.certificate")
 		keyFile := v.GetString("tls.key")
 		tlsConfig, err := rpcclient.TLSClientConfig(rootCAs, certFile, keyFile)
 		if err != nil {
 			return nil, err
 		}
 		cfg = tlsConfig
 	}
 	c, err := rpcclient.New(ctx, endpoint, rpcclient.Options{
 		MaxConnsPerHost: maxConnsPerHost,
 		RequestTimeout:  requestTimeout,
 		TLSClientConfig: cfg,
 	})
 	if err != nil {
 		return nil, err
--- a/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
@ -29,14 +29,10 @@ var NetmapConfigKeys = []string{
 	netmap.MaintenanceModeAllowedConfig,
 }
 var errFailedToFetchListOfNetworkKeys = errors.New("can't fetch list of network config keys from the netmap contract")
 func GetDefaultNetmapContractConfigMap() map[string]any {
 	m := make(map[string]any)
 	m[netmap.EpochDurationConfig] = viper.GetInt64(commonflags.EpochDurationInitFlag)
 	m[netmap.MaxObjectSizeConfig] = viper.GetInt64(commonflags.MaxObjectSizeInitFlag)
 	m[netmap.MaxECDataCountConfig] = viper.GetInt64(commonflags.MaxECDataCountFlag)
 	m[netmap.MaxECParityCountConfig] = viper.GetInt64(commonflags.MaxECParityCounFlag)
 	m[netmap.ContainerFeeConfig] = viper.GetInt64(commonflags.ContainerFeeInitFlag)
 	m[netmap.ContainerAliasFeeConfig] = viper.GetInt64(commonflags.ContainerAliasFeeInitFlag)
 	m[netmap.IrCandidateFeeConfig] = viper.GetInt64(commonflags.CandidateFeeInitFlag)
@ -72,17 +68,13 @@ func InvalidConfigValueErr(key string) error {
 	return fmt.Errorf("invalid %s config value from netmap contract", key)
 }
-func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160, countEpoch int64) error {
+func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160) error {
 	if countEpoch <= 0 {
 		return errors.New("number of epochs cannot be less than 1")
 	}
 	curr, err := unwrap.Int64(wCtx.ReadOnlyInvoker.Call(nmHash, "epoch"))
 	if err != nil {
 		return errors.New("can't fetch current epoch from the netmap contract")
 	}
-	newEpoch := curr + countEpoch
+	newEpoch := curr + 1
 	wCtx.Command.Printf("Current epoch: %d, increase to %d.\n", curr, newEpoch)
 	// In NeoFS this is done via Notary contract. Here, however, we can form the
@ -93,7 +85,7 @@ func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.
 func GetNetConfigFromNetmapContract(roInvoker *invoker.Invoker) ([]stackitem.Item, error) {
 	r := management.NewReader(roInvoker)
-	cs, err := GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return nil, fmt.Errorf("get nns contract: %w", err)
 	}
@ -103,7 +95,7 @@ func GetNetConfigFromNetmapContract(roInvoker *invoker.Invoker) ([]stackitem.Ite
 	}
 	arr, err := unwrap.Array(roInvoker.Call(nmHash, "listConfig"))
 	if err != nil {
-		return nil, errFailedToFetchListOfNetworkKeys
+		return nil, fmt.Errorf("can't fetch list of network config keys from the netmap contract")
 	}
 	return arr, err
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/util.go
@ -14,12 +14,10 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/viper"
 )
@ -42,48 +40,45 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 		return nil, fmt.Errorf("can't read alphabet wallets dir: %w", err)
 	}
-	var wallets []*wallet.Wallet
+	var size int
-	var letter string
+loop:
-	for i := range constants.MaxAlphabetNodes {
+	for i := 0; i < len(walletFiles); i++ {
-		letter = innerring.GlagoliticLetter(i).String()
+		name := innerring.GlagoliticLetter(i).String() + ".json"
-		p := filepath.Join(walletDir, letter+".json")
+		for j := range walletFiles {
-		var w *wallet.Wallet
+			if walletFiles[j].Name() == name {
-		w, err = wallet.NewWalletFromFile(p)
+				size++
-		if err != nil {
+				continue loop
-			if errors.Is(err, os.ErrNotExist) {
+			}
 				err = nil
 			} else {
 				err = fmt.Errorf("can't open wallet: %w", err)
 		}
 		break
 	}
 	if size == 0 {
 		return nil, errors.New("alphabet wallets dir is empty (run `generate-alphabet` command first)")
 	}
-		var password string
+	wallets := make([]*wallet.Wallet, size)
-		password, err = config.GetPassword(v, letter)
+	for i := 0; i < size; i++ {
 		letter := innerring.GlagoliticLetter(i).String()
 		p := filepath.Join(walletDir, letter+".json")
 		w, err := wallet.NewWalletFromFile(p)
 		if err != nil {
-			err = fmt.Errorf("can't fetch password: %w", err)
+			return nil, fmt.Errorf("can't open wallet: %w", err)
-			break
+		}
 		password, err := config.GetPassword(v, letter)
 		if err != nil {
 			return nil, fmt.Errorf("can't fetch password: %w", err)
 		}
 		for i := range w.Accounts {
-			if err = w.Accounts[i].Decrypt(password, keys.NEP2ScryptParams()); err != nil {
+			if err := w.Accounts[i].Decrypt(password, keys.NEP2ScryptParams()); err != nil {
-				err = fmt.Errorf("can't unlock wallet: %w", err)
+				return nil, fmt.Errorf("can't unlock wallet: %w", err)
 				break
 			}
 		}
-		wallets = append(wallets, w)
+		wallets[i] = w
 	}
 	if err != nil {
 		return nil, fmt.Errorf("can't read wallet for letter '%s': %w", letter, err)
 	}
 	if len(wallets) == 0 {
 		err = errors.New("there are no alphabet wallets in dir (run `generate-alphabet` command first)")
 		if len(walletFiles) > 0 {
 			err = fmt.Errorf("use glagolitic names for wallets(run `print-alphabet`): %w", err)
 		}
 		return nil, err
 	}
 	return wallets, nil
 }
@ -127,11 +122,11 @@ func readContractsFromArchive(file io.Reader, names []string) (map[string]*Contr
 	}
 	r := tar.NewReader(gr)
-	var h *tar.Header
+	for h, err := r.Next(); ; h, err = r.Next() {
-	for h, err = r.Next(); err == nil && h != nil; h, err = r.Next() {
+		if err != nil {
-		if h.Typeflag != tar.TypeReg {
+			break
 			continue
 		}
 		dir, _ := filepath.Split(h.Name)
 		ctrName := filepath.Base(dir)
@ -154,9 +149,6 @@ func readContractsFromArchive(file io.Reader, names []string) (map[string]*Contr
 		}
 		m[ctrName] = cs
 	}
 	if err != nil && err != io.EOF {
 		return nil, fmt.Errorf("can't read contracts from archive: %w", err)
 	}
 	for ctrName, cs := range m {
 		if cs.RawNEF == nil {
@ -183,18 +175,3 @@ func ParseGASAmount(s string) (fixedn.Fixed8, error) {
 	}
 	return gasAmount, nil
 }
 // GetContractByID retrieves a contract by its ID using the standard GetContractByID method.
 // However, if the returned state.Contract is nil, it returns an error indicating that the contract was not found.
 // See https://git.frostfs.info/TrueCloudLab/frostfs-node/issues/1210
 func GetContractByID(r *management.ContractReader, id int32) (*state.Contract, error) {
 	cs, err := r.GetContractByID(id)
 	if err != nil {
 		return nil, err
 	}
 	if cs == nil {
 		return nil, errors.New("contract not found")
 	}
 	return cs, nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_nns.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_nns.go
@ -21,7 +21,7 @@ import (
 func setNNS(c *helper.InitializeContext) error {
 	r := management.NewReader(c.ReadOnlyInvoker)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_register.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_register.go
@ -100,7 +100,10 @@ func registerCandidates(c *helper.InitializeContext) error {
 	// Register candidates in batches in order to overcome the signers amount limit.
 	// See: https://github.com/nspcc-dev/neo-go/blob/master/pkg/core/transaction/transaction.go#L27
 	for i := 0; i < need; i += registerBatchSize {
-		start, end := i, min(i+registerBatchSize, need)
+		start, end := i, i+registerBatchSize
 		if end > need {
 			end = need
 		}
 		// This check is sound because transactions are accepted/rejected atomically.
 		if have >= end {
 			continue
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
@ -1,8 +1,6 @@
 package initialize
 import (
 	"fmt"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"github.com/nspcc-dev/neo-go/pkg/core/native/noderoles"
 	"github.com/nspcc-dev/neo-go/pkg/io"
@ -31,14 +29,10 @@ func setNotaryAndAlphabetNodes(c *helper.InitializeContext) error {
 		callflag.States|callflag.AllowNotify, int64(noderoles.NeoFSAlphabet), pubs)
 	if err := c.SendCommitteeTx(w.Bytes(), false); err != nil {
-		return fmt.Errorf("send committee transaction: %w", err)
+		return err
 	}
-	err := c.AwaitTx()
+	return c.AwaitTx()
 	if err != nil {
 		err = fmt.Errorf("await committee transaction: %w", err)
 	}
 	return err
 }
 func setRolesFinished(c *helper.InitializeContext) (bool, error) {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
@ -113,7 +113,7 @@ func generateTestData(dir string, size int) error {
 	}
 	var pubs []string
-	for i := range size {
+	for i := 0; i < size; i++ {
 		p := filepath.Join(dir, innerring.GlagoliticLetter(i).String()+".json")
 		w, err := wallet.NewWalletFromFile(p)
 		if err != nil {
@ -148,7 +148,7 @@ func generateTestData(dir string, size int) error {
 }
 func setTestCredentials(v *viper.Viper, size int) {
-	for i := range size {
+	for i := 0; i < size; i++ {
 		v.Set("credentials."+innerring.GlagoliticLetter(i).String(), strconv.FormatUint(uint64(i), 10))
 	}
 	v.Set("credentials.contract", constants.TestContractPassword)
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
@ -3,7 +3,6 @@ package initialize
 import (
 	"fmt"
 	"math/big"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
@ -29,10 +28,6 @@ const (
 	initialProxyGASAmount = 50_000 * native.GASFactor
 )
 func initialCommitteeGASAmount(c *helper.InitializeContext) int64 {
 	return (gasInitialTotalSupply - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2
 }
 func transferFunds(c *helper.InitializeContext) error {
 	ok, err := transferFundsFinished(c)
 	if ok || err != nil {
@ -59,7 +54,7 @@ func transferFunds(c *helper.InitializeContext) error {
 		transferTarget{
 			Token:   gas.Hash,
 			Address: c.CommitteeAcc.Contract.ScriptHash(),
-			Amount:  initialCommitteeGASAmount(c),
+			Amount:  (gasInitialTotalSupply - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2,
 		},
 		transferTarget{
 			Token:   neo.Hash,
@ -80,19 +75,12 @@ func transferFunds(c *helper.InitializeContext) error {
 	return c.AwaitTx()
 }
 // transferFundsFinished checks balances of accounts we transfer GAS to.
 // The stage is considered finished if the balance is greater than the half of what we need to transfer.
 func transferFundsFinished(c *helper.InitializeContext) (bool, error) {
 	acc := c.Accounts[0]
 	r := nep17.NewReader(c.ReadOnlyInvoker, gas.Hash)
 	res, err := r.BalanceOf(acc.Contract.ScriptHash())
-	if err != nil || res.Cmp(big.NewInt(initialAlphabetGASAmount/2)) != 1 {
+	return res.Cmp(big.NewInt(initialAlphabetGASAmount/2)) == 1, err
 		return false, err
 	}
 	res, err = r.BalanceOf(c.CommitteeAcc.ScriptHash())
 	return res != nil && res.Cmp(big.NewInt(initialCommitteeGASAmount(c)/2)) == 1, err
 }
 func transferGASToProxy(c *helper.InitializeContext) error {
@ -152,17 +140,5 @@ func createNEP17MultiTransferTx(c helper.Client, acc *wallet.Account, recipients
 	if err != nil {
 		return nil, fmt.Errorf("can't create actor: %w", err)
 	}
-	tx, err := act.MakeRun(w.Bytes())
+	return act.MakeRun(w.Bytes())
 	if err != nil {
 		sum := make(map[util.Uint160]int64)
 		for _, recipient := range recipients {
 			sum[recipient.Token] += recipient.Amount
 		}
 		detail := make([]string, 0, len(sum))
 		for _, value := range sum {
 			detail = append(detail, fmt.Sprintf("amount=%v", value))
 		}
 		err = fmt.Errorf("transfer failed: from=%s(%s) %s: %w", acc.Label, acc.Address, strings.Join(detail, " "), err)
 	}
 	return tx, err
 }
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
@ -25,8 +25,6 @@ var Cmd = &cobra.Command{
 		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		_ = viper.BindPFlag(commonflags.EpochDurationInitFlag, cmd.Flags().Lookup(epochDurationCLIFlag))
 		_ = viper.BindPFlag(commonflags.MaxObjectSizeInitFlag, cmd.Flags().Lookup(maxObjectSizeCLIFlag))
 		_ = viper.BindPFlag(commonflags.MaxECDataCountFlag, cmd.Flags().Lookup(commonflags.MaxECDataCountFlag))
 		_ = viper.BindPFlag(commonflags.MaxECParityCounFlag, cmd.Flags().Lookup(commonflags.MaxECParityCounFlag))
 		_ = viper.BindPFlag(commonflags.HomomorphicHashDisabledInitFlag, cmd.Flags().Lookup(homomorphicHashDisabledCLIFlag))
 		_ = viper.BindPFlag(commonflags.CandidateFeeInitFlag, cmd.Flags().Lookup(candidateFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.ContainerFeeInitFlag, cmd.Flags().Lookup(containerFeeCLIFlag))
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
@ -12,16 +12,14 @@ import (
 	"github.com/spf13/viper"
 )
 const deltaFlag = "delta"
 func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
-		return fmt.Errorf("can't initialize context: %w", err)
+		return fmt.Errorf("can't to initialize context: %w", err)
 	}
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't get NNS contract info: %w", err)
 	}
@ -32,8 +30,7 @@ func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	}
 	bw := io.NewBufBinWriter()
-	delta, _ := cmd.Flags().GetInt64(deltaFlag)
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, delta); err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
@ -19,7 +19,7 @@ func listNetmapCandidatesNodes(cmd *cobra.Command, _ []string) {
 	inv := invoker.New(c, nil)
 	r := management.NewReader(inv)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract info: %w", err)
 	nmHash, err := helper.NNSResolveHash(inv, cs.Hash, helper.DomainOf(constants.NetmapContract))
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
@ -35,7 +35,6 @@ func initForceNewEpochCmd() {
 	ForceNewEpoch.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	ForceNewEpoch.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	ForceNewEpoch.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 	ForceNewEpoch.Flags().Int64(deltaFlag, 1, "Number of epochs to increase the current epoch")
 }
 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
@ -19,7 +19,7 @@ func getRPCClient(cmd *cobra.Command) (*client.Contract, *helper.LocalActor, uti
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)
 	r := management.NewReader(ac.Invoker)
-	nnsCs, err := helper.GetContractByID(r, 1)
+	nnsCs, err := r.GetContractByID(1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
 	return client.New(ac, nnsCs.Hash), ac, nnsCs.Hash
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/register.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/register.go
@ -42,23 +42,3 @@ func registerDomain(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "register domain error: %w", err)
 	cmd.Println("Domain registered successfully")
 }
 func initDeleteCmd() {
 	Cmd.AddCommand(deleteCmd)
 	deleteCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	deleteCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	deleteCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	_ = cobra.MarkFlagRequired(deleteCmd.Flags(), nnsNameFlag)
 }
 func deleteDomain(cmd *cobra.Command, _ []string) {
 	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.DeleteDomain(name)
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "delete domain error: %w", err)
 	cmd.Println("Domain deleted successfully")
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/root.go
@ -42,15 +42,6 @@ var (
 		},
 		Run: registerDomain,
 	}
 	deleteCmd = &cobra.Command{
 		Use:   "delete",
 		Short: "Delete a domain by name",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: deleteDomain,
 	}
 	renewCmd = &cobra.Command{
 		Use:   "renew",
 		Short: "Increases domain expiration date",
@ -100,7 +91,6 @@ var (
 func init() {
 	initTokensCmd()
 	initRegisterCmd()
 	initDeleteCmd()
 	initRenewCmd()
 	initUpdateCmd()
 	initAddRecordCmd()
--- a/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
@ -1,25 +1,15 @@
 package nns
 import (
 	"math/big"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/spf13/cobra"
 )
 const (
 	verboseDesc = "Include additional information about CNAME record."
 )
 func initTokensCmd() {
 	Cmd.AddCommand(tokensCmd)
 	tokensCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	tokensCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	tokensCmd.Flags().BoolP(commonflags.Verbose, commonflags.VerboseShorthand, false, verboseDesc)
 }
 func listTokens(cmd *cobra.Command, _ []string) {
@ -28,39 +18,7 @@ func listTokens(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "unable to get tokens: %w", err)
 	for toks, err := it.Next(10); err == nil && len(toks) > 0; toks, err = it.Next(10) {
 		for _, token := range toks {
-			output := string(token)
+			cmd.Println(string(token))
 			if verbose, _ := cmd.Flags().GetBool(commonflags.Verbose); verbose {
 				cname, err := getCnameRecord(c, token)
 				commonCmd.ExitOnErr(cmd, "", err)
 				if cname != "" {
 					output += " (CNAME: " + cname + ")"
 				}
 			}
 			cmd.Println(output)
 		}
 	}
 }
 func getCnameRecord(c *client.Contract, token []byte) (string, error) {
 	items, err := c.GetRecords(string(token), big.NewInt(int64(nns.CNAME)))
 	// GetRecords returns the error "not an array" if the domain does not contain records.
 	if err != nil && strings.Contains(err.Error(), "not an array") {
 		return "", nil
 	}
 	if err != nil {
 		return "", err
 	}
 	if len(items) == 0 {
 		return "", nil
 	}
 	record, err := items[0].TryBytes()
 	if err != nil {
 		return "", err
 	}
 	return string(record), nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/node/remove.go
+++ b/cmd/frostfs-adm/internal/modules/morph/node/remove.go
@ -37,7 +37,7 @@ func RemoveNodesCmd(cmd *cobra.Command, args []string) error {
 	defer wCtx.Close()
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't get NNS contract info: %w", err)
 	}
@ -53,7 +53,7 @@ func RemoveNodesCmd(cmd *cobra.Command, args []string) error {
 			int64(netmapcontract.NodeStateOffline), nodeKeys[i].Bytes())
 	}
-	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, 1); err != nil {
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
@ -1,7 +1,6 @@
 package notary
 import (
 	"errors"
 	"fmt"
 	"math/big"
 	"strconv"
@ -32,8 +31,6 @@ const (
 	notaryDepositTillFlag = "till"
 )
 var errInvalidNotaryDepositLifetime = errors.New("notary deposit lifetime must be a positive integer")
 func depositNotary(cmd *cobra.Command, _ []string) error {
 	w, err := openWallet(cmd)
 	if err != nil {
@ -81,7 +78,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 	if tillStr != "" {
 		till, err = strconv.ParseInt(tillStr, 10, 64)
 		if err != nil || till <= 0 {
-			return errInvalidNotaryDepositLifetime
+			return fmt.Errorf("notary deposit lifetime must be a positive integer")
 		}
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
@ -2,7 +2,6 @@ package policy
 import (
 	"bytes"
 	"errors"
 	"fmt"
 	"strconv"
 	"strings"
@ -25,19 +24,17 @@ const (
 	setFeeParam       = "FeePerByte"
 )
 var errInvalidParameterFormat = errors.New("invalid parameter format, must be Parameter=Value")
 func SetPolicyCmd(cmd *cobra.Command, args []string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
-		return fmt.Errorf("can't initialize context: %w", err)
+		return fmt.Errorf("can't to initialize context: %w", err)
 	}
 	bw := io.NewBufBinWriter()
 	for i := range args {
 		k, v, found := strings.Cut(args[i], "=")
 		if !found {
-			return errInvalidParameterFormat
+			return fmt.Errorf("invalid parameter format, must be Parameter=Value")
 		}
 		switch k {
@ -48,7 +45,7 @@ func SetPolicyCmd(cmd *cobra.Command, args []string) error {
 		value, err := strconv.ParseUint(v, 10, 32)
 		if err != nil {
-			return fmt.Errorf("can't parse parameter value '%s': %w", args[i], err)
+			return fmt.Errorf("can't parse parameter value '%s': %w", args[1], err)
 		}
 		emit.AppCall(bw.BinWriter, policy.Hash, "set"+k, callflag.All, int64(value))
--- a/cmd/frostfs-adm/internal/modules/morph/policy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/root.go
@ -16,7 +16,7 @@ var (
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		RunE: SetPolicyCmd,
-		ValidArgsFunction: func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
+		ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 			return []string{"ExecFeeFactor=", "StoragePrice=", "FeePerByte="}, cobra.ShellCompDirectiveNoSpace
 		},
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
@ -39,11 +39,11 @@ func removeProxyAccount(cmd *cobra.Command, _ []string) {
 func processAccount(cmd *cobra.Command, addr util.Uint160, method string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
-		return fmt.Errorf("can't initialize context: %w", err)
+		return fmt.Errorf("can't to initialize context: %w", err)
 	}
 	r := management.NewReader(wCtx.ReadOnlyInvoker)
-	cs, err := helper.GetContractByID(r, 1)
+	cs, err := r.GetContractByID(1)
 	if err != nil {
 		return fmt.Errorf("can't get NNS contract info: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
@ -30,13 +30,11 @@ var (
 func initProxyAddAccount() {
 	AddAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	AddAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	AddAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func initProxyRemoveAccount() {
 	RemoveAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	RemoveAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	RemoveAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func init() {
--- a/cmd/frostfs-adm/internal/modules/root.go
+++ b/cmd/frostfs-adm/internal/modules/root.go
@ -5,7 +5,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/metabase"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/storagecfg"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/misc"
@ -42,7 +41,6 @@ func init() {
 	rootCmd.AddCommand(config.RootCmd)
 	rootCmd.AddCommand(morph.RootCmd)
 	rootCmd.AddCommand(storagecfg.RootCmd)
 	rootCmd.AddCommand(metabase.RootCmd)
 	rootCmd.AddCommand(autocomplete.Command("frostfs-adm"))
 	rootCmd.AddCommand(gendoc.Command(rootCmd, gendoc.Options{}))
--- a/cmd/frostfs-adm/internal/modules/storagecfg/config.go
+++ b/cmd/frostfs-adm/internal/modules/storagecfg/config.go
@ -61,8 +61,6 @@ storage:
          depth: 1  # max depth of object tree storage in key-value DB
          width: 4   # max width of object tree storage in key-value DB
          opened_cache_capacity: 50  # maximum number of opened database files
          opened_cache_ttl: 5m  # ttl for opened database file
          opened_cache_exp_interval: 15s  # cache cleanup interval for expired blobovnicza's
      gc:
        remover_batch_size: 200  # number of objects to be removed by the garbage collector
--- a/cmd/frostfs-cli/internal/client/client.go
+++ b/cmd/frostfs-cli/internal/client/client.go
@ -2,13 +2,10 @@ package internal
 import (
 	"bytes"
 	"cmp"
 	"context"
 	"errors"
 	"fmt"
 	"io"
 	"os"
 	"slices"
 	"sort"
 	"strings"
@ -17,14 +14,13 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	containerSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/version"
 )
 var errMissingHeaderInResponse = errors.New("missing header in response")
 // BalanceOfPrm groups parameters of BalanceOf operation.
 type BalanceOfPrm struct {
 	commonPrm
@ -191,6 +187,54 @@ func DeleteContainer(ctx context.Context, prm DeleteContainerPrm) (res DeleteCon
 	return
 }
 // EACLPrm groups parameters of EACL operation.
 type EACLPrm struct {
 	Client       *client.Client
 	ClientParams client.PrmContainerEACL
 }
 // EACLRes groups the resulting values of EACL operation.
 type EACLRes struct {
 	cliRes *client.ResContainerEACL
 }
 // EACL returns requested eACL table.
 func (x EACLRes) EACL() eacl.Table {
 	return x.cliRes.Table()
 }
 // EACL reads eACL table from FrostFS by container ID.
 //
 // Returns any error which prevented the operation from completing correctly in error return.
 func EACL(ctx context.Context, prm EACLPrm) (res EACLRes, err error) {
 	res.cliRes, err = prm.Client.ContainerEACL(ctx, prm.ClientParams)
 	return
 }
 // SetEACLPrm groups parameters of SetEACL operation.
 type SetEACLPrm struct {
 	Client       *client.Client
 	ClientParams client.PrmContainerSetEACL
 }
 // SetEACLRes groups the resulting values of SetEACL operation.
 type SetEACLRes struct{}
 // SetEACL requests to save an eACL table in FrostFS.
 //
 // Operation is asynchronous and no guaranteed even in the absence of errors.
 // The required time is also not predictable.
 //
 // Success can be verified by reading by container identifier.
 //
 // Returns any error which prevented the operation from completing correctly in error return.
 func SetEACL(ctx context.Context, prm SetEACLPrm) (res SetEACLRes, err error) {
 	_, err = prm.Client.ContainerSetEACL(ctx, prm.ClientParams)
 	return
 }
 // NetworkInfoPrm groups parameters of NetworkInfo operation.
 type NetworkInfoPrm struct {
 	Client       *client.Client
@ -309,7 +353,7 @@ type PutObjectPrm struct {
 	rdr io.Reader
-	headerCallback func()
+	headerCallback func(*objectSDK.Object)
 	prepareLocally bool
 }
@ -326,7 +370,7 @@ func (x *PutObjectPrm) SetPayloadReader(rdr io.Reader) {
 // SetHeaderCallback sets callback which is called on the object after the header is received
 // but before the payload is written.
-func (x *PutObjectPrm) SetHeaderCallback(f func()) {
+func (x *PutObjectPrm) SetHeaderCallback(f func(*objectSDK.Object)) {
 	x.headerCallback = f
 }
@ -395,7 +439,7 @@ func PutObject(ctx context.Context, prm PutObjectPrm) (*PutObjectRes, error) {
 	if wrt.WriteHeader(ctx, *prm.hdr) {
 		if prm.headerCallback != nil {
-			prm.headerCallback()
+			prm.headerCallback(prm.hdr)
 		}
 		sz := prm.hdr.PayloadSize()
@ -565,6 +609,13 @@ type HeadObjectPrm struct {
 	commonObjectPrm
 	objectAddressPrm
 	rawPrm
 	mainOnly bool
 }
 // SetMainOnlyFlag sets flag to get only main fields of an object header in terms of FrostFS API.
 func (x *HeadObjectPrm) SetMainOnlyFlag(v bool) {
 	x.mainOnly = v
 }
 // HeadObjectRes groups the resulting values of HeadObject operation.
@ -603,7 +654,7 @@ func HeadObject(ctx context.Context, prm HeadObjectPrm) (*HeadObjectRes, error)
 	var hdr objectSDK.Object
 	if !res.ReadHeader(&hdr) {
-		return nil, errMissingHeaderInResponse
+		return nil, fmt.Errorf("missing header in response")
 	}
 	return &HeadObjectRes{
@ -659,7 +710,7 @@ func SearchObjects(ctx context.Context, prm SearchObjectsPrm) (*SearchObjectsRes
 	for {
 		n, ok = rdr.Read(buf)
-		for i := range n {
+		for i := 0; i < n; i++ {
 			list = append(list, buf[i])
 		}
 		if !ok {
@ -839,65 +890,3 @@ func SyncContainerSettings(ctx context.Context, prm SyncContainerPrm) (*SyncCont
 	return new(SyncContainerRes), nil
 }
 // PatchObjectPrm groups parameters of PatchObject operation.
 type PatchObjectPrm struct {
 	commonObjectPrm
 	objectAddressPrm
 	NewAttributes []objectSDK.Attribute
 	ReplaceAttribute bool
 	PayloadPatches []PayloadPatch
 }
 type PayloadPatch struct {
 	Range objectSDK.Range
 	PayloadPath string
 }
 type PatchRes struct {
 	OID oid.ID
 }
 func Patch(ctx context.Context, prm PatchObjectPrm) (*PatchRes, error) {
 	patchPrm := client.PrmObjectPatch{
 		XHeaders:    prm.xHeaders,
 		BearerToken: prm.bearerToken,
 		Session:     prm.sessionToken,
 		Address:     prm.objAddr,
 	}
 	slices.SortFunc(prm.PayloadPatches, func(a, b PayloadPatch) int {
 		return cmp.Compare(a.Range.GetOffset(), b.Range.GetOffset())
 	})
 	patcher, err := prm.cli.ObjectPatchInit(ctx, patchPrm)
 	if err != nil {
 		return nil, fmt.Errorf("init payload reading: %w", err)
 	}
 	if patcher.PatchAttributes(ctx, prm.NewAttributes, prm.ReplaceAttribute) {
 		for _, pp := range prm.PayloadPatches {
 			payloadFile, err := os.OpenFile(pp.PayloadPath, os.O_RDONLY, os.ModePerm)
 			if err != nil {
 				return nil, err
 			}
 			applied := patcher.PatchPayload(ctx, &pp.Range, payloadFile)
 			_ = payloadFile.Close()
 			if !applied {
 				break
 			}
 		}
 	}
 	res, err := patcher.Close(ctx)
 	if err != nil {
 		return nil, err
 	}
 	return &PatchRes{
 		OID: res.ObjectID(),
 	}, nil
 }
--- a/cmd/frostfs-cli/internal/commonflags/flags.go
+++ b/cmd/frostfs-cli/internal/commonflags/flags.go
@ -11,9 +11,9 @@ import (
 // values and their usage descriptions.
 const (
 	GenerateKey          = "generate-key"
-	GenerateKeyShorthand = "g"
+	generateKeyShorthand = "g"
-	GenerateKeyDefault   = false
+	generateKeyDefault   = false
-	GenerateKeyUsage     = "Generate new private key"
+	generateKeyUsage     = "Generate new private key"
 	WalletPath          = "wallet"
 	WalletPathShorthand = "w"
@ -50,13 +50,6 @@ const (
 	TracingFlag      = "trace"
 	TracingFlagUsage = "Generate trace ID and print it."
 	AwaitFlag      = "await"
 	AwaitFlagUsage = "Wait for the operation to complete"
 	QuietFlag          = "quiet"
 	QuietFlagShorthand = "q"
 	QuietFlagUsage     = "Print nothing and exit with non-zero code on failure"
 )
 // Init adds common flags to the command:
@ -79,7 +72,7 @@ func Init(cmd *cobra.Command) {
 func InitWithoutRPC(cmd *cobra.Command) {
 	ff := cmd.Flags()
-	ff.BoolP(GenerateKey, GenerateKeyShorthand, GenerateKeyDefault, GenerateKeyUsage)
+	ff.BoolP(GenerateKey, generateKeyShorthand, generateKeyDefault, generateKeyUsage)
 	ff.StringP(WalletPath, WalletPathShorthand, WalletPathDefault, WalletPathUsage)
 	ff.StringP(Account, AccountShorthand, AccountDefault, AccountUsage)
 }
--- a/cmd/frostfs-cli/internal/key/key_test.go
+++ b/cmd/frostfs-cli/internal/key/key_test.go
@ -24,8 +24,6 @@ var testCmd = &cobra.Command{
 }
 func Test_getOrGenerate(t *testing.T) {
 	t.Cleanup(viper.Reset)
 	dir := t.TempDir()
 	wallPath := filepath.Join(dir, "wallet.json")
--- a/cmd/frostfs-cli/modules/accounting/balance.go
+++ b/cmd/frostfs-cli/modules/accounting/balance.go
@ -23,7 +23,7 @@ var accountingBalanceCmd = &cobra.Command{
 	Use:   "balance",
 	Short: "Get internal balance of FrostFS account",
 	Long:  `Get internal balance of FrostFS account`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		var idUser user.ID
 		pk := key.GetOrGenerate(cmd)
--- a/cmd/frostfs-cli/modules/accounting/root.go
+++ b/cmd/frostfs-cli/modules/accounting/root.go
@ -11,7 +11,7 @@ var Cmd = &cobra.Command{
 	Use:   "accounting",
 	Short: "Operations with accounts and balances",
 	Long:  `Operations with accounts and balances`,
-	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
 		flags := cmd.Flags()
 		_ = viper.BindPFlag(commonflags.WalletPath, flags.Lookup(commonflags.WalletPath))
--- a/cmd/frostfs-cli/modules/ape_manager/add_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/add_chain.go
@ -1,139 +0,0 @@
 package apemanager
 import (
 	"encoding/hex"
 	"errors"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
 const (
 	chainIDFlag    = "chain-id"
 	chainIDHexFlag = "chain-id-hex"
 	ruleFlag       = "rule"
 	pathFlag       = "path"
 )
 const (
 	targetNameFlag = "target-name"
 	targetNameDesc = "Resource name in APE resource name format"
 	targetTypeFlag = "target-type"
 	targetTypeDesc = "Resource type(container/namespace)"
 )
 const (
 	defaultNamespace = ""
 	namespaceTarget  = "namespace"
 	containerTarget  = "container"
 	userTarget       = "user"
 	groupTarget      = "group"
 )
 var errUnknownTargetType = errors.New("unknown target type")
 var addCmd = &cobra.Command{
 	Use:   "add",
 	Short: "Add rule chain for a target",
 	Run:   add,
 	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
 		commonflags.Bind(cmd)
 	},
 }
 func parseTarget(cmd *cobra.Command) (ct apeSDK.ChainTarget) {
 	typ, _ := cmd.Flags().GetString(targetTypeFlag)
 	name, _ := cmd.Flags().GetString(targetNameFlag)
 	ct.Name = name
 	switch typ {
 	case namespaceTarget:
 		ct.TargetType = apeSDK.TargetTypeNamespace
 	case containerTarget:
 		var cnr cid.ID
 		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
 		ct.TargetType = apeSDK.TargetTypeContainer
 	case userTarget:
 		ct.TargetType = apeSDK.TargetTypeUser
 	case groupTarget:
 		ct.TargetType = apeSDK.TargetTypeGroup
 	default:
 		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
 	}
 	return ct
 }
 func parseChain(cmd *cobra.Command) apeSDK.Chain {
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
 	chainIDRaw := []byte(chainID)
 	if hexEncoded {
 		var err error
 		chainIDRaw, err = hex.DecodeString(chainID)
 		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
 	}
 	chain := new(apechain.Chain)
 	chain.ID = apechain.ID(chainIDRaw)
 	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", util.ParseAPEChain(chain, rules))
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", util.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", errors.New("rule is not passed"))
 	}
 	cmd.Println("Parsed chain:")
 	util.PrintHumanReadableAPEChain(cmd, chain)
 	serialized := chain.Bytes()
 	return apeSDK.Chain{
 		Raw: serialized,
 	}
 }
 func add(cmd *cobra.Command, _ []string) {
 	c := parseChain(cmd)
 	target := parseTarget(cmd)
 	key := key.Get(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
 	res, err := cli.APEManagerAddChain(cmd.Context(), client_sdk.PrmAPEManagerAddChain{
 		ChainTarget: target,
 		Chain:       c,
 	})
 	commonCmd.ExitOnErr(cmd, "add chain error: %w", err)
 	cmd.Println("Rule has been added.")
 	cmd.Println("Chain ID: ", string(res.ChainID))
 }
 func initAddCmd() {
 	commonflags.Init(addCmd)
 	ff := addCmd.Flags()
 	ff.StringArray(ruleFlag, []string{}, "Rule statement")
 	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
 	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
 	ff.String(targetNameFlag, "", targetNameDesc)
 	ff.String(targetTypeFlag, "", targetTypeDesc)
 	_ = addCmd.MarkFlagRequired(targetTypeFlag)
 	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 	addCmd.MarkFlagsMutuallyExclusive(pathFlag, ruleFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/list_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/list_chain.go
@ -1,49 +0,0 @@
 package apemanager
 import (
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	apeutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
 var listCmd = &cobra.Command{
 	Use:   "list",
 	Short: "List rule chains defined on target",
 	Run:   list,
 	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
 		commonflags.Bind(cmd)
 	},
 }
 func list(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
 	key := key.Get(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
 	resp, err := cli.APEManagerListChains(cmd.Context(),
 		client_sdk.PrmAPEManagerListChains{
 			ChainTarget: target,
 		})
 	commonCmd.ExitOnErr(cmd, "list chains call error: %w", err)
 	for _, respChain := range resp.Chains {
 		var chain apechain.Chain
 		commonCmd.ExitOnErr(cmd, "decode error: %w", chain.DecodeBytes(respChain.Raw))
 		apeutil.PrintHumanReadableAPEChain(cmd, &chain)
 	}
 }
 func initListCmd() {
 	commonflags.Init(listCmd)
 	ff := listCmd.Flags()
 	ff.String(targetNameFlag, "", targetNameDesc)
 	ff.String(targetTypeFlag, "", targetTypeDesc)
 	_ = listCmd.MarkFlagRequired(targetTypeFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
@ -1,66 +0,0 @@
 package apemanager
 import (
 	"encoding/hex"
 	"errors"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
 var (
 	errEmptyChainID = errors.New("chain id cannot be empty")
 	removeCmd = &cobra.Command{
 		Use:   "remove",
 		Short: "Remove rule chain for a target",
 		Run:   remove,
 		PersistentPreRun: func(cmd *cobra.Command, _ []string) {
 			commonflags.Bind(cmd)
 		},
 	}
 )
 func remove(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
 	key := key.Get(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w", errEmptyChainID)
 	}
 	chainIDRaw := []byte(chainID)
 	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
 	if hexEncoded {
 		var err error
 		chainIDRaw, err = hex.DecodeString(chainID)
 		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
 	}
 	_, err := cli.APEManagerRemoveChain(cmd.Context(), client_sdk.PrmAPEManagerRemoveChain{
 		ChainTarget: target,
 		ChainID:     chainIDRaw,
 	})
 	commonCmd.ExitOnErr(cmd, "remove chain error: %w", err)
 	cmd.Println("\nRule has been removed.")
 }
 func initRemoveCmd() {
 	commonflags.Init(removeCmd)
 	ff := removeCmd.Flags()
 	ff.String(targetNameFlag, "", targetNameDesc)
 	ff.String(targetTypeFlag, "", targetTypeDesc)
 	_ = removeCmd.MarkFlagRequired(targetTypeFlag)
 	ff.String(chainIDFlag, "", "Chain id")
 	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 }
--- a/cmd/frostfs-cli/modules/ape_manager/root.go
+++ b/cmd/frostfs-cli/modules/ape_manager/root.go
@ -1,21 +0,0 @@
 package apemanager
 import (
 	"github.com/spf13/cobra"
 )
 var Cmd = &cobra.Command{
 	Use:   "ape-manager",
 	Short: "Operations with APE manager",
 	Long:  `Operations with APE manager`,
 }
 func init() {
 	Cmd.AddCommand(addCmd)
 	Cmd.AddCommand(removeCmd)
 	Cmd.AddCommand(listCmd)
 	initAddCmd()
 	initRemoveCmd()
 	initListCmd()
 }
--- a/cmd/frostfs-cli/modules/bearer/create.go
+++ b/cmd/frostfs-cli/modules/bearer/create.go
@ -15,12 +15,10 @@ import (
 	eaclSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 const (
 	eaclFlag           = "eacl"
 	apeFlag            = "ape"
 	issuedAtFlag       = "issued-at"
 	notValidBeforeFlag = "not-valid-before"
 	ownerFlag          = "owner"
@ -39,17 +37,10 @@ In this case --` + commonflags.RPC + ` flag should be specified and the epoch in
 is set to current epoch + n.
 `,
 	Run: createToken,
 	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
 		ff := cmd.Flags()
 		_ = viper.BindPFlag(commonflags.WalletPath, ff.Lookup(commonflags.WalletPath))
 		_ = viper.BindPFlag(commonflags.Account, ff.Lookup(commonflags.Account))
 	},
 }
 func init() {
-	createCmd.Flags().StringP(eaclFlag, "e", "", "Path to the extended ACL table (mutually exclusive with --impersonate and --ape flag)")
+	createCmd.Flags().StringP(eaclFlag, "e", "", "Path to the extended ACL table (mutually exclusive with --impersonate flag)")
 	createCmd.Flags().StringP(apeFlag, "a", "", "Path to the JSON-encoded APE override (mutually exclusive with --impersonate and --eacl flag)")
 	createCmd.Flags().StringP(issuedAtFlag, "i", "+0", "Epoch to issue token at")
 	createCmd.Flags().StringP(notValidBeforeFlag, "n", "+0", "Not valid before epoch")
 	createCmd.Flags().StringP(commonflags.ExpireAt, "x", "", "The last active epoch for the token")
@ -58,15 +49,13 @@ func init() {
 	createCmd.Flags().Bool(jsonFlag, false, "Output token in JSON")
 	createCmd.Flags().Bool(impersonateFlag, false, "Mark token as impersonate to consider the token signer as the request owner (mutually exclusive with --eacl flag)")
 	createCmd.Flags().StringP(commonflags.RPC, commonflags.RPCShorthand, commonflags.RPCDefault, commonflags.RPCUsage)
 	createCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, commonflags.WalletPathDefault, commonflags.WalletPathUsage)
 	createCmd.Flags().StringP(commonflags.Account, commonflags.AccountShorthand, commonflags.AccountDefault, commonflags.AccountUsage)
-	createCmd.MarkFlagsMutuallyExclusive(eaclFlag, apeFlag, impersonateFlag)
+	createCmd.MarkFlagsMutuallyExclusive(eaclFlag, impersonateFlag)
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), eaclFlag)
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), apeFlag)
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), commonflags.ExpireAt)
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), ownerFlag)
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), outFlag)
 }
@ -107,16 +96,16 @@ func createToken(cmd *cobra.Command, _ []string) {
 			fmt.Errorf("expiration epoch is less than not-valid-before epoch: %d < %d", exp, nvb))
 	}
 	ownerStr, _ := cmd.Flags().GetString(ownerFlag)
 	var ownerID user.ID
 	commonCmd.ExitOnErr(cmd, "can't parse recipient: %w", ownerID.DecodeString(ownerStr))
 	var b bearer.Token
 	b.SetExp(exp)
 	b.SetNbf(nvb)
 	b.SetIat(iat)
 	if ownerStr, _ := cmd.Flags().GetString(ownerFlag); ownerStr != "" {
 		var ownerID user.ID
 		commonCmd.ExitOnErr(cmd, "can't parse recipient: %w", ownerID.DecodeString(ownerStr))
 	b.ForUser(ownerID)
 	}
 	impersonate, _ := cmd.Flags().GetBool(impersonateFlag)
 	b.SetImpersonate(impersonate)
@ -130,14 +119,6 @@ func createToken(cmd *cobra.Command, _ []string) {
 		b.SetEACLTable(*table)
 	}
 	apePath, _ := cmd.Flags().GetString(apeFlag)
 	if apePath != "" {
 		var apeOverride bearer.APEOverride
 		raw, err := os.ReadFile(apePath)
 		commonCmd.ExitOnErr(cmd, "can't read APE rules: %w", err)
 		commonCmd.ExitOnErr(cmd, "can't parse APE rules: %w", json.Unmarshal(raw, &apeOverride))
 		b.SetAPEOverride(apeOverride)
 	}
 	var data []byte
 	toJSON, _ := cmd.Flags().GetBool(jsonFlag)
--- a/cmd/frostfs-cli/modules/bearer/generate_override.go
+++ b/cmd/frostfs-cli/modules/bearer/generate_override.go
@ -1,115 +0,0 @@
 package bearer
 import (
 	"errors"
 	"fmt"
 	"os"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
 	cidSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
 var (
 	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
 	errRuleIsNotParsed      = errors.New("rule is not passed")
 )
 const (
 	chainIDFlag    = "chain-id"
 	chainIDHexFlag = "chain-id-hex"
 	ruleFlag       = "rule"
 	pathFlag       = "path"
 	outputFlag     = "output"
 )
 var generateAPEOverrideCmd = &cobra.Command{
 	Use:   "generate-ape-override",
 	Short: "Generate APE override.",
 	Long: `Generate APE override by target and APE chains. Util command.
 Generated APE override can be dumped to a file in JSON format that is passed to
 "create" command.
 `,
 	Run: genereateAPEOverride,
 }
 func genereateAPEOverride(cmd *cobra.Command, _ []string) {
 	c := parseChain(cmd)
 	targetCID, _ := cmd.Flags().GetString(commonflags.CIDFlag)
 	var cid cidSDK.ID
 	commonCmd.ExitOnErr(cmd, "invalid cid format: %w", cid.DecodeString(targetCID))
 	override := &bearer.APEOverride{
 		Target: apeSDK.ChainTarget{
 			TargetType: apeSDK.TargetTypeContainer,
 			Name:       targetCID,
 		},
 		Chains: []apeSDK.Chain{
 			{
 				Raw: c.Bytes(),
 			},
 		},
 	}
 	overrideMarshalled, err := override.MarshalJSON()
 	commonCmd.ExitOnErr(cmd, "failed to marshal APE override: %w", err)
 	outputPath, _ := cmd.Flags().GetString(outputFlag)
 	if outputPath != "" {
 		err := os.WriteFile(outputPath, []byte(overrideMarshalled), 0o644)
 		commonCmd.ExitOnErr(cmd, "dump error: %w", err)
 	} else {
 		fmt.Print("\n")
 		fmt.Println(string(overrideMarshalled))
 	}
 }
 func init() {
 	ff := generateAPEOverrideCmd.Flags()
 	ff.StringP(commonflags.CIDFlag, "", "", "Target container ID.")
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), commonflags.CIDFlag)
 	ff.StringArray(ruleFlag, []string{}, "Rule statement")
 	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
 	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
 	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 	ff.String(outputFlag, "", "Output path to dump result JSON-encoded APE override")
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), outputFlag)
 }
 func parseChainID(cmd *cobra.Command) apechain.ID {
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
 			errChainIDCannotBeEmpty)
 	}
 	return apechain.ID(chainID)
 }
 func parseChain(cmd *cobra.Command) *apechain.Chain {
 	chain := new(apechain.Chain)
 	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", parseutil.ParseAPEChain(chain, rules))
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
 	}
 	chain.ID = parseChainID(cmd)
 	cmd.Println("Parsed chain:")
 	parseutil.PrintHumanReadableAPEChain(cmd, chain)
 	return chain
 }
--- a/cmd/frostfs-cli/modules/bearer/root.go
+++ b/cmd/frostfs-cli/modules/bearer/root.go
@ -11,5 +11,4 @@ var Cmd = &cobra.Command{
 func init() {
 	Cmd.AddCommand(createCmd)
 	Cmd.AddCommand(generateAPEOverrideCmd)
 }
--- a/cmd/frostfs-cli/modules/container/create.go
+++ b/cmd/frostfs-cli/modules/container/create.go
@ -38,7 +38,7 @@ var createContainerCmd = &cobra.Command{
 	Short: "Create new container",
 	Long: `Create new container and register it in the FrostFS.
 It will be stored in sidechain when inner ring will accepts it.`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		placementPolicy, err := parseContainerPolicy(cmd, containerPolicy)
 		commonCmd.ExitOnErr(cmd, "", err)
@ -58,28 +58,14 @@ It will be stored in sidechain when inner ring will accepts it.`,
 				"use --force option to skip this check: %w", err)
 			for i, nodes := range nodesByRep {
-				if repNum := placementPolicy.ReplicaDescriptor(i).NumberOfObjects(); repNum > 0 {
+				if placementPolicy.ReplicaNumberByIndex(i) > uint32(len(nodes)) {
 					if repNum > uint32(len(nodes)) {
 					commonCmd.ExitOnErr(cmd, "", fmt.Errorf(
 						"the number of nodes '%d' in selector is not enough for the number of replicas '%d', "+
 							"use --force option to skip this check",
 						len(nodes),
-							repNum,
+						placementPolicy.ReplicaNumberByIndex(i),
 					))
 				}
 				} else if ecParts := placementPolicy.ReplicaDescriptor(i).TotalECPartCount(); ecParts > 0 {
 					if ecParts > uint32(len(nodes)) {
 						commonCmd.ExitOnErr(cmd, "", fmt.Errorf(
 							"the number of nodes '%d' in selector is not enough for EC placement '%d.%d', "+
 								"use --force option to skip this check",
 							len(nodes),
 							placementPolicy.ReplicaDescriptor(i).GetECDataCount(),
 							placementPolicy.ReplicaDescriptor(i).GetECParityCount(),
 						))
 					}
 				} else {
 					commonCmd.ExitOnErr(cmd, "%w", errors.New("no replication policy is set"))
 				}
 			}
 		}
@ -139,7 +125,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 				},
 			}
-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)
 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
--- a/cmd/frostfs-cli/modules/container/delete.go
+++ b/cmd/frostfs-cli/modules/container/delete.go
@ -20,7 +20,7 @@ var deleteContainerCmd = &cobra.Command{
 	Short: "Delete existing container",
 	Long: `Delete existing container.
 Only owner of the container has a permission to remove container.`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		id := parseContainerID(cmd)
 		tok := getSession(cmd)
@ -110,7 +110,7 @@ Only owner of the container has a permission to remove container.`,
 				},
 			}
-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)
 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
--- a/cmd/frostfs-cli/modules/container/get.go
+++ b/cmd/frostfs-cli/modules/container/get.go
@ -33,7 +33,7 @@ var getContainerInfoCmd = &cobra.Command{
 	Use:   "get",
 	Short: "Get container field info",
 	Long:  `Get container field info`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		cnr, _ := getContainer(cmd)
 		prettyPrintContainer(cmd, cnr, containerJSON)
--- a/cmd/frostfs-cli/modules/container/get_eacl.go
+++ b/cmd/frostfs-cli/modules/container/get_eacl.go
@ -0,0 +1,68 @@
 package container
 import (
 	"os"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
 var getExtendedACLCmd = &cobra.Command{
 	Use:   "get-eacl",
 	Short: "Get extended ACL table of container",
 	Long:  `Get extended ACL table of container`,
 	Run: func(cmd *cobra.Command, args []string) {
 		id := parseContainerID(cmd)
 		pk := key.GetOrGenerate(cmd)
 		cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC)
 		eaclPrm := internalclient.EACLPrm{
 			Client: cli,
 			ClientParams: client.PrmContainerEACL{
 				ContainerID: &id,
 			},
 		}
 		res, err := internalclient.EACL(cmd.Context(), eaclPrm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		eaclTable := res.EACL()
 		if containerPathTo == "" {
 			cmd.Println("eACL: ")
 			common.PrettyPrintJSON(cmd, &eaclTable, "eACL")
 			return
 		}
 		var data []byte
 		if containerJSON {
 			data, err = eaclTable.MarshalJSON()
 			commonCmd.ExitOnErr(cmd, "can't encode to JSON: %w", err)
 		} else {
 			data, err = eaclTable.Marshal()
 			commonCmd.ExitOnErr(cmd, "can't encode to binary: %w", err)
 		}
 		cmd.Println("dumping data to file:", containerPathTo)
 		err = os.WriteFile(containerPathTo, data, 0o644)
 		commonCmd.ExitOnErr(cmd, "could not write eACL to file: %w", err)
 	},
 }
 func initContainerGetEACLCmd() {
 	commonflags.Init(getExtendedACLCmd)
 	flags := getExtendedACLCmd.Flags()
 	flags.StringVar(&containerID, commonflags.CIDFlag, "", commonflags.CIDFlagUsage)
 	flags.StringVar(&containerPathTo, "to", "", "Path to dump encoded container (default: binary encoded)")
 	flags.BoolVar(&containerJSON, commonflags.JSON, false, "Encode EACL table in json format")
 }
--- a/cmd/frostfs-cli/modules/container/list.go
+++ b/cmd/frostfs-cli/modules/container/list.go
@ -1,6 +1,9 @@
 package container
 import (
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -15,8 +18,6 @@ const (
 	flagListPrintAttr      = "with-attr"
 	flagListContainerOwner = "owner"
 	flagListName           = "name"
 	generateKeyContainerUsage = commonflags.GenerateKeyUsage + ", should be used with --owner flag"
 )
 // flag vars of list command.
@ -30,14 +31,9 @@ var listContainersCmd = &cobra.Command{
 	Use:   "list",
 	Short: "List all created containers",
 	Long:  "List all created containers",
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		var idUser user.ID
 		generateKey, _ := cmd.Flags().GetBool(commonflags.GenerateKey)
 		if flagVarListContainerOwner == "" && generateKey {
 			cmd.PrintErrln("WARN: using -g without --owner - output will be empty")
 		}
 		key := key.GetOrGenerate(cmd)
 		if flagVarListContainerOwner == "" {
@ -67,6 +63,7 @@ var listContainersCmd = &cobra.Command{
 				continue
 			}
 			cnrID := cnrID
 			prmGet.ClientParams.ContainerID = &cnrID
 			res, err := internalclient.GetContainer(cmd.Context(), prmGet)
 			if err != nil {
@ -81,8 +78,12 @@ var listContainersCmd = &cobra.Command{
 			cmd.Println(cnrID.String())
 			if flagVarListPrintAttr {
-				cnr.IterateUserAttributes(func(key, val string) {
+				cnr.IterateAttributes(func(key, val string) {
 					if !strings.HasPrefix(key, container.SysAttributePrefix) && !strings.HasPrefix(key, container.SysAttributePrefixNeoFS) {
 						// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
 						//	Use dedicated method to skip system attributes.
 						cmd.Printf("  %s: %s\n", key, val)
 					}
 				})
 			}
 		}
@ -103,5 +104,4 @@ func initContainerListContainersCmd() {
 	flags.BoolVar(&flagVarListPrintAttr, flagListPrintAttr, false,
 		"Request and print attributes of each container",
 	)
 	flags.Lookup(commonflags.GenerateKey).Usage = generateKeyContainerUsage
 }
--- a/cmd/frostfs-cli/modules/container/list_objects.go
+++ b/cmd/frostfs-cli/modules/container/list_objects.go
@ -1,6 +1,9 @@
 package container
 import (
 	"strings"
 	v2object "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -25,7 +28,7 @@ var listContainerObjectsCmd = &cobra.Command{
 	Use:   "list-objects",
 	Short: "List existing objects in container",
 	Long:  `List existing objects in container`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		id := parseContainerID(cmd)
 		filters := new(objectSDK.SearchFilters)
@ -64,8 +67,14 @@ var listContainerObjectsCmd = &cobra.Command{
 				resHead, err := internalclient.HeadObject(cmd.Context(), prmHead)
 				if err == nil {
-					for _, attr := range resHead.Header().UserAttributes() {
+					attrs := resHead.Header().Attributes()
-						cmd.Printf("  %s: %s\n", attr.Key(), attr.Value())
+					for i := range attrs {
 						attrKey := attrs[i].Key()
 						if !strings.HasPrefix(attrKey, v2object.SysAttributePrefix) && !strings.HasPrefix(attrKey, v2object.SysAttributePrefixNeoFS) {
 							// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
 							//	Use dedicated method to skip system attributes.
 							cmd.Printf("  %s: %s\n", attrKey, attrs[i].Value())
 						}
 					}
 				} else {
 					cmd.Printf("  failed to read attributes: %v\n", err)
--- a/cmd/frostfs-cli/modules/container/nodes.go
+++ b/cmd/frostfs-cli/modules/container/nodes.go
@ -2,7 +2,6 @@ package container
 import (
 	"crypto/sha256"
 	"errors"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -20,7 +19,7 @@ var containerNodesCmd = &cobra.Command{
 	Use:   "nodes",
 	Short: "Show nodes for container",
 	Long:  "Show nodes taking part in a container at the current epoch.",
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		cnr, pkey := getContainer(cmd)
 		if pkey == nil {
@ -47,14 +46,7 @@ var containerNodesCmd = &cobra.Command{
 		commonCmd.ExitOnErr(cmd, "could not build container nodes for given container: %w", err)
 		for i := range cnrNodes {
-			if repNum := policy.ReplicaDescriptor(i).NumberOfObjects(); repNum > 0 {
+			cmd.Printf("Descriptor #%d, REP %d:\n", i+1, policy.ReplicaNumberByIndex(i))
 				cmd.Printf("Descriptor #%d, REP %d:\n", i+1, repNum)
 			} else if ecParts := policy.ReplicaDescriptor(i).TotalECPartCount(); ecParts > 0 {
 				cmd.Printf("Descriptor #%d, EC %d.%d:\n", i+1, policy.ReplicaDescriptor(i).GetECDataCount(),
 					policy.ReplicaDescriptor(i).GetECParityCount())
 			} else {
 				commonCmd.ExitOnErr(cmd, "%w", errors.New("no replication policy is set"))
 			}
 			for j := range cnrNodes[i] {
 				commonCmd.PrettyPrintNodeInfo(cmd, cnrNodes[i][j], j, "\t", short)
 			}
--- a/cmd/frostfs-cli/modules/container/policy_playground.go
+++ b/cmd/frostfs-cli/modules/container/policy_playground.go
@ -20,12 +20,14 @@ import (
 type policyPlaygroundREPL struct {
 	cmd   *cobra.Command
 	args  []string
 	nodes map[string]netmap.NodeInfo
 }
-func newPolicyPlaygroundREPL(cmd *cobra.Command) (*policyPlaygroundREPL, error) {
+func newPolicyPlaygroundREPL(cmd *cobra.Command, args []string) (*policyPlaygroundREPL, error) {
 	return &policyPlaygroundREPL{
 		cmd:   cmd,
 		args:  args,
 		nodes: map[string]netmap.NodeInfo{},
 	}, nil
 }
@ -219,8 +221,8 @@ var policyPlaygroundCmd = &cobra.Command{
 	Short: "A REPL for testing placement policies",
 	Long: `A REPL for testing placement policies.
 If a wallet and endpoint is provided, the initial netmap data will be loaded from the snapshot of the node. Otherwise, an empty playground is created.`,
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
-		repl, err := newPolicyPlaygroundREPL(cmd)
+		repl, err := newPolicyPlaygroundREPL(cmd, args)
 		commonCmd.ExitOnErr(cmd, "could not create policy playground: %w", err)
 		commonCmd.ExitOnErr(cmd, "policy playground failed: %w", repl.run())
 	},
--- a/cmd/frostfs-cli/modules/container/root.go
+++ b/cmd/frostfs-cli/modules/container/root.go
@ -10,7 +10,7 @@ var Cmd = &cobra.Command{
 	Use:   "container",
 	Short: "Operations with containers",
 	Long:  "Operations with containers",
-	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
 		// bind exactly that cmd's flags to
 		// the viper before execution
 		commonflags.Bind(cmd)
@ -25,6 +25,8 @@ func init() {
 		deleteContainerCmd,
 		listContainerObjectsCmd,
 		getContainerInfoCmd,
 		getExtendedACLCmd,
 		setExtendedACLCmd,
 		containerNodesCmd,
 		policyPlaygroundCmd,
 	}
@ -36,6 +38,8 @@ func init() {
 	initContainerDeleteCmd()
 	initContainerListObjectsCmd()
 	initContainerInfoCmd()
 	initContainerGetEACLCmd()
 	initContainerSetEACLCmd()
 	initContainerNodesCmd()
 	initContainerPolicyPlaygroundCmd()
@ -49,6 +53,7 @@ func init() {
 	}{
 		{createContainerCmd, "PUT"},
 		{deleteContainerCmd, "DELETE"},
 		{setExtendedACLCmd, "SETEACL"},
 	} {
 		commonflags.InitSession(el.cmd, "container "+el.verb)
 	}
--- a/cmd/frostfs-cli/modules/container/set_eacl.go
+++ b/cmd/frostfs-cli/modules/container/set_eacl.go
@ -0,0 +1,108 @@
 package container
 import (
 	"bytes"
 	"errors"
 	"time"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
 var flagVarsSetEACL struct {
 	noPreCheck bool
 	srcPath string
 }
 var setExtendedACLCmd = &cobra.Command{
 	Use:   "set-eacl",
 	Short: "Set new extended ACL table for container",
 	Long: `Set new extended ACL table for container.
 Container ID in EACL table will be substituted with ID from the CLI.`,
 	Run: func(cmd *cobra.Command, args []string) {
 		id := parseContainerID(cmd)
 		eaclTable := common.ReadEACL(cmd, flagVarsSetEACL.srcPath)
 		tok := getSession(cmd)
 		eaclTable.SetCID(id)
 		pk := key.GetOrGenerate(cmd)
 		cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC)
 		if !flagVarsSetEACL.noPreCheck {
 			cmd.Println("Checking the ability to modify access rights in the container...")
 			extendable, err := internalclient.IsACLExtendable(cmd.Context(), cli, id)
 			commonCmd.ExitOnErr(cmd, "Extensibility check failure: %w", err)
 			if !extendable {
 				commonCmd.ExitOnErr(cmd, "", errors.New("container ACL is immutable"))
 			}
 			cmd.Println("ACL extension is enabled in the container, continue processing.")
 		}
 		setEACLPrm := internalclient.SetEACLPrm{
 			Client: cli,
 			ClientParams: client.PrmContainerSetEACL{
 				Table:   eaclTable,
 				Session: tok,
 			},
 		}
 		_, err := internalclient.SetEACL(cmd.Context(), setEACLPrm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		if containerAwait {
 			exp, err := eaclTable.Marshal()
 			commonCmd.ExitOnErr(cmd, "broken EACL table: %w", err)
 			cmd.Println("awaiting...")
 			getEACLPrm := internalclient.EACLPrm{
 				Client: cli,
 				ClientParams: client.PrmContainerEACL{
 					ContainerID: &id,
 				},
 			}
 			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)
 				res, err := internalclient.EACL(cmd.Context(), getEACLPrm)
 				if err == nil {
 					// compare binary values because EACL could have been set already
 					table := res.EACL()
 					got, err := table.Marshal()
 					if err != nil {
 						continue
 					}
 					if bytes.Equal(exp, got) {
 						cmd.Println("EACL has been persisted on sidechain")
 						return
 					}
 				}
 			}
 			commonCmd.ExitOnErr(cmd, "", errSetEACLTimeout)
 		}
 	},
 }
 func initContainerSetEACLCmd() {
 	commonflags.Init(setExtendedACLCmd)
 	flags := setExtendedACLCmd.Flags()
 	flags.StringVar(&containerID, commonflags.CIDFlag, "", commonflags.CIDFlagUsage)
 	flags.StringVar(&flagVarsSetEACL.srcPath, "table", "", "path to file with JSON or binary encoded EACL table")
 	flags.BoolVar(&containerAwait, "await", false, "block execution until EACL is persisted")
 	flags.BoolVar(&flagVarsSetEACL.noPreCheck, "no-precheck", false, "do not pre-check the extensibility of the container ACL")
 }
--- a/cmd/frostfs-cli/modules/container/util.go
+++ b/cmd/frostfs-cli/modules/container/util.go
@ -20,6 +20,7 @@ const (
 var (
 	errCreateTimeout  = errors.New("timeout: container has not been persisted on sidechain")
 	errDeleteTimeout  = errors.New("timeout: container has not been removed from sidechain")
 	errSetEACLTimeout = errors.New("timeout: EACL has not been persisted on sidechain")
 )
 func parseContainerID(cmd *cobra.Command) cid.ID {
--- a/cmd/frostfs-cli/modules/control/add_rule.go
+++ b/cmd/frostfs-cli/modules/control/add_rule.go
@ -24,7 +24,7 @@ var addRuleCmd = &cobra.Command{
 	Long:  "Add local APE rule to a node with following format:\n<action>[:action_detail] <operation> [<condition1> ...] <resource>",
 	Example: `control add-rule --endpoint ... -w ... --address ... --chain-id ChainID --cid ... --rule "allow Object.Get *"
 --rule "deny Object.Get EbxzAdz5LB4uqxuz6crWKAumBNtZyK2rKsqQP7TdZvwr/*"
--rule "deny:QuotaLimitReached Object.Put ResourceCondition:Department=HR *"
+--rule "deny:QuotaLimitReached Object.Put Object.Resource:Department=HR *"
 control add-rule --endpoint ... -w ... --address ... --chain-id ChainID --cid ... --path some_chain.json
 `,
--- a/cmd/frostfs-cli/modules/control/drop_objects.go
+++ b/cmd/frostfs-cli/modules/control/drop_objects.go
@ -14,7 +14,7 @@ var dropObjectsCmd = &cobra.Command{
 	Use:   "drop-objects",
 	Short: "Drop objects from the node's local storage",
 	Long:  "Drop objects from the node's local storage",
-	Run: func(cmd *cobra.Command, _ []string) {
+	Run: func(cmd *cobra.Command, args []string) {
 		pk := key.Get(cmd)
 		dropObjectsList, _ := cmd.Flags().GetStringSlice(dropObjectsFlag)
--- a/cmd/frostfs-cli/modules/control/evacuation.go
+++ b/cmd/frostfs-cli/modules/control/evacuation.go
@ -20,10 +20,6 @@ const (
 	awaitFlag      = "await"
 	noProgressFlag = "no-progress"
 	scopeFlag      = "scope"
 	repOneOnlyFlag = "rep-one-only"
 	containerWorkerCountFlag = "container-worker-count"
 	objectWorkerCountFlag    = "object-worker-count"
 	scopeAll     = "all"
 	scopeObjects = "objects"
@ -57,29 +53,16 @@ var stopEvacuationShardCmd = &cobra.Command{
 	Run:   stopEvacuateShardStatus,
 }
 var resetEvacuationStatusShardCmd = &cobra.Command{
 	Use:   "reset",
 	Short: "Reset evacuate objects from shard status",
 	Long:  "Reset evacuate objects from shard to other shards status",
 	Run:   resetEvacuateShardStatus,
 }
 func startEvacuateShard(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)
 	ignoreErrors, _ := cmd.Flags().GetBool(ignoreErrorsFlag)
 	containerWorkerCount, _ := cmd.Flags().GetUint32(containerWorkerCountFlag)
 	objectWorkerCount, _ := cmd.Flags().GetUint32(objectWorkerCountFlag)
 	repOneOnly, _ := cmd.Flags().GetBool(repOneOnlyFlag)
 	req := &control.StartShardEvacuationRequest{
 		Body: &control.StartShardEvacuationRequest_Body{
 			Shard_ID:     getShardIDList(cmd),
 			IgnoreErrors: ignoreErrors,
 			Scope:        getEvacuationScope(cmd),
 			ContainerWorkerCount: containerWorkerCount,
 			ObjectWorkerCount:    objectWorkerCount,
 			RepOneOnly:           repOneOnly,
 		},
 	}
@ -169,29 +152,6 @@ func stopEvacuateShardStatus(cmd *cobra.Command, _ []string) {
 	cmd.Println("Evacuation stopped.")
 }
 func resetEvacuateShardStatus(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)
 	req := &control.ResetShardEvacuationStatusRequest{
 		Body: &control.ResetShardEvacuationStatusRequest_Body{},
 	}
 	signRequest(cmd, pk, req)
 	cli := getClient(cmd, pk)
 	var resp *control.ResetShardEvacuationStatusResponse
 	var err error
 	err = cli.ExecRaw(func(client *client.Client) error {
 		resp, err = control.ResetShardEvacuationStatus(client, req)
 		return err
 	})
 	commonCmd.ExitOnErr(cmd, "Reset shards evacuation status failed, rpc error: %w", err)
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 	cmd.Println("Shards evacuation status has been reset.")
 }
 func waitEvacuateCompletion(cmd *cobra.Command, pk *ecdsa.PrivateKey, cli *clientSDK.Client, printProgress, printCompleted bool) {
 	const statusPollingInterval = 1 * time.Second
 	const reportIntervalSeconds = 5
@ -363,12 +323,10 @@ func initControlEvacuationShardCmd() {
 	evacuationShardCmd.AddCommand(startEvacuationShardCmd)
 	evacuationShardCmd.AddCommand(getEvacuationShardStatusCmd)
 	evacuationShardCmd.AddCommand(stopEvacuationShardCmd)
 	evacuationShardCmd.AddCommand(resetEvacuationStatusShardCmd)
 	initControlStartEvacuationShardCmd()
 	initControlFlags(getEvacuationShardStatusCmd)
 	initControlFlags(stopEvacuationShardCmd)
 	initControlFlags(resetEvacuationStatusShardCmd)
 }
 func initControlStartEvacuationShardCmd() {
@ -381,9 +339,6 @@ func initControlStartEvacuationShardCmd() {
 	flags.String(scopeFlag, scopeAll, fmt.Sprintf("Evacuation scope; possible values: %s, %s, %s", scopeTrees, scopeObjects, scopeAll))
 	flags.Bool(awaitFlag, false, "Block execution until evacuation is completed")
 	flags.Bool(noProgressFlag, false, fmt.Sprintf("Print progress if %s provided", awaitFlag))
 	flags.Uint32(containerWorkerCountFlag, 0, "Count of concurrent container evacuation workers")
 	flags.Uint32(objectWorkerCountFlag, 0, "Count of concurrent object evacuation workers")
 	flags.Bool(repOneOnlyFlag, false, "Evacuate objects only from containers with policy 'REP 1 ...'")
 	startEvacuationShardCmd.MarkFlagsMutuallyExclusive(shardIDFlag, shardAllFlag)
 }
--- a/cmd/frostfs-cli/modules/control/healthcheck.go
+++ b/cmd/frostfs-cli/modules/control/healthcheck.go
@ -1,10 +1,7 @@
 package control
 import (
 	"os"
 	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
@ -27,7 +24,6 @@ func initControlHealthCheckCmd() {
 	flags := healthCheckCmd.Flags()
 	flags.Bool(healthcheckIRFlag, false, "Communicate with IR node")
 	flags.BoolP(commonflags.QuietFlag, commonflags.QuietFlagShorthand, false, commonflags.QuietFlagUsage)
 	_ = flags.MarkDeprecated(healthcheckIRFlag, "for health check of inner ring nodes, use the 'control ir healthcheck' command instead.")
 }
@ -54,12 +50,6 @@ func healthCheck(cmd *cobra.Command, args []string) {
 	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 	if quietFlag, _ := cmd.Flags().GetBool(commonflags.QuietFlag); quietFlag {
 		if resp.GetBody().GetHealthStatus() == control.HealthStatus_READY {
 			return
 		}
 		os.Exit(1)
 	}
 	cmd.Printf("Network status: %s\n", resp.GetBody().GetNetmapStatus())
 	cmd.Printf("Health status: %s\n", resp.GetBody().GetHealthStatus())
--- a/cmd/frostfs-cli/modules/control/ir_healthcheck.go
+++ b/cmd/frostfs-cli/modules/control/ir_healthcheck.go
@ -1,10 +1,7 @@
 package control
 import (
 	"os"
 	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	ircontrol "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
@ -21,8 +18,6 @@ var irHealthCheckCmd = &cobra.Command{
 func initControlIRHealthCheckCmd() {
 	initControlFlags(irHealthCheckCmd)
 	flags := irHealthCheckCmd.Flags()
 	flags.BoolP(commonflags.QuietFlag, commonflags.QuietFlagShorthand, false, commonflags.QuietFlagUsage)
 }
 func irHealthCheck(cmd *cobra.Command, _ []string) {
@ -44,12 +39,6 @@ func irHealthCheck(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 	if quietFlag, _ := cmd.Flags().GetBool(commonflags.QuietFlag); quietFlag {
 		if resp.GetBody().GetHealthStatus() == ircontrol.HealthStatus_READY {
 			return
 		}
 		os.Exit(1)
 	}
 	cmd.Printf("Health status: %s\n", resp.GetBody().GetHealthStatus())
 }
--- a/cmd/frostfs-cli/modules/control/list_rules.go
+++ b/cmd/frostfs-cli/modules/control/list_rules.go
@ -1,7 +1,6 @@
 package control
 import (
 	"errors"
 	"fmt"
 	"strings"
@ -27,8 +26,6 @@ const (
 	defaultNamespace = "root"
 	namespaceTarget  = "namespace"
 	containerTarget  = "container"
 	userTarget       = "user"
 	groupTarget      = "group"
 )
 const (
@ -38,11 +35,6 @@ const (
 	targetTypeDesc = "Resource type(container/namespace)"
 )
 var (
 	errSettingDefaultValueWasDeclined = errors.New("setting default value was declined")
 	errUnknownTargetType              = errors.New("unknown target type")
 )
 func parseTarget(cmd *cobra.Command) *control.ChainTarget {
 	typ, _ := cmd.Flags().GetString(targetTypeFlag)
 	name, _ := cmd.Flags().GetString(targetNameFlag)
@ -53,7 +45,7 @@ func parseTarget(cmd *cobra.Command) *control.ChainTarget {
 			commonCmd.ExitOnErr(cmd, "read line error: %w", err)
 			ln = strings.ToLower(ln)
 			if len(ln) > 0 && (ln[0] == 'n') {
-				commonCmd.ExitOnErr(cmd, "read namespace error: %w", errSettingDefaultValueWasDeclined)
+				commonCmd.ExitOnErr(cmd, "read namespace error: %w", fmt.Errorf("setting default value was declined"))
 			}
 			name = defaultNamespace
 		}
@ -68,18 +60,8 @@ func parseTarget(cmd *cobra.Command) *control.ChainTarget {
 			Name: name,
 			Type: control.ChainTarget_CONTAINER,
 		}
 	case userTarget:
 		return &control.ChainTarget{
 			Name: name,
 			Type: control.ChainTarget_USER,
 		}
 	case groupTarget:
 		return &control.ChainTarget{
 			Name: name,
 			Type: control.ChainTarget_GROUP,
 		}
 	default:
-		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
+		commonCmd.ExitOnErr(cmd, "read target type error: %w", fmt.Errorf("unknown target type"))
 	}
 	return nil
 }
--- a/cmd/frostfs-cli/modules/control/list_targets.go
+++ b/cmd/frostfs-cli/modules/control/list_targets.go
@ -13,8 +13,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 )
 const (
@ -54,10 +52,6 @@ func listTargets(cmd *cobra.Command, _ []string) {
 		resp, err = control.ListTargetsLocalOverrides(client, req)
 		return err
 	})
 	if err != nil && status.Code(err) == codes.NotFound {
 		cmd.Println("Local overrides are not defined for any target.")
 		return
 	}
 	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
--- a/cmd/frostfs-cli/modules/control/rebuild_shards.go
+++ b/cmd/frostfs-cli/modules/control/rebuild_shards.go
@ -1,88 +0,0 @@
 package control
 import (
 	"fmt"
 	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
 	"github.com/mr-tron/base58"
 	"github.com/spf13/cobra"
 )
 const (
 	fillPercentFlag = "fill_percent"
 )
 var shardsRebuildCmd = &cobra.Command{
 	Use:   "rebuild",
 	Short: "Rebuild shards",
 	Long:  "Rebuild reclaims storage occupied by dead objects and adjusts the storage structure according to the configuration (for blobovnicza only now)",
 	Run:   shardsRebuild,
 }
 func shardsRebuild(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)
 	req := &control.StartShardRebuildRequest{
 		Body: &control.StartShardRebuildRequest_Body{
 			Shard_ID:          getShardIDList(cmd),
 			TargetFillPercent: getFillPercentValue(cmd),
 			ConcurrencyLimit:  getConcurrencyValue(cmd),
 		},
 	}
 	signRequest(cmd, pk, req)
 	cli := getClient(cmd, pk)
 	var resp *control.StartShardRebuildResponse
 	var err error
 	err = cli.ExecRaw(func(client *rawclient.Client) error {
 		resp, err = control.StartShardRebuild(client, req)
 		return err
 	})
 	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 	var success, failed uint
 	for _, res := range resp.GetBody().GetResults() {
 		if res.GetSuccess() {
 			success++
 			cmd.Printf("Shard %s: OK\n", base58.Encode(res.GetShard_ID()))
 		} else {
 			failed++
 			cmd.Printf("Shard %s: failed with error %q\n", base58.Encode(res.GetShard_ID()), res.GetError())
 		}
 	}
 	cmd.Printf("Total: %d success, %d failed\n", success, failed)
 }
 func getFillPercentValue(cmd *cobra.Command) uint32 {
 	v, _ := cmd.Flags().GetUint32(fillPercentFlag)
 	if v <= 0 || v > 100 {
 		commonCmd.ExitOnErr(cmd, "invalid fill_percent value", fmt.Errorf("fill_percent value must be (0, 100], current value: %d", v))
 	}
 	return v
 }
 func getConcurrencyValue(cmd *cobra.Command) uint32 {
 	v, _ := cmd.Flags().GetUint32(concurrencyFlag)
 	if v <= 0 || v > 10000 {
 		commonCmd.ExitOnErr(cmd, "invalid concurrency value", fmt.Errorf("concurrency value must be (0, 10 000], current value: %d", v))
 	}
 	return v
 }
 func initControlShardRebuildCmd() {
 	initControlFlags(shardsRebuildCmd)
 	flags := shardsRebuildCmd.Flags()
 	flags.StringSlice(shardIDFlag, nil, "List of shard IDs in base58 encoding")
 	flags.Bool(shardAllFlag, false, "Process all shards")
 	flags.Uint32(fillPercentFlag, 80, "Target fill percent to reclaim space")
 	flags.Uint32(concurrencyFlag, 20, "Maximum count of concurrently rebuilding files")
 	setShardModeCmd.MarkFlagsMutuallyExclusive(shardIDFlag, shardAllFlag)
 }
--- a/cmd/frostfs-cli/modules/control/remove_rule.go
+++ b/cmd/frostfs-cli/modules/control/remove_rule.go
@ -2,7 +2,6 @@ package control
 import (
 	"encoding/hex"
 	"errors"
 	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -14,48 +13,21 @@ import (
 const (
 	chainIDFlag    = "chain-id"
 	chainIDHexFlag = "chain-id-hex"
 	allFlag        = "all"
 )
-var (
+var removeRuleCmd = &cobra.Command{
 	errEmptyChainID = errors.New("chain id cannot be empty")
 	removeRuleCmd = &cobra.Command{
 	Use:   "remove-rule",
 	Short: "Remove local override",
 	Long:  "Remove local APE override of the node",
 	Run:   removeRule,
-	}
+}
 )
 func removeRule(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)
 	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
 	removeAll, _ := cmd.Flags().GetBool(allFlag)
 	if removeAll {
 		req := &control.RemoveChainLocalOverridesByTargetRequest{
 			Body: &control.RemoveChainLocalOverridesByTargetRequest_Body{
 				Target: parseTarget(cmd),
 			},
 		}
 		signRequest(cmd, pk, req)
 		cli := getClient(cmd, pk)
 		var resp *control.RemoveChainLocalOverridesByTargetResponse
 		var err error
 		err = cli.ExecRaw(func(client *client.Client) error {
 			resp, err = control.RemoveChainLocalOverridesByTarget(client, req)
 			return err
 		})
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 		cmd.Println("All rules have been removed.")
 		return
 	}
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
-	if chainID == "" {
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
-		commonCmd.ExitOnErr(cmd, "read chain id error: %w", errEmptyChainID)
+
 	}
 	chainIDRaw := []byte(chainID)
 	if hexEncoded {
@ -97,6 +69,4 @@ func initControlRemoveRuleCmd() {
 	_ = removeRuleCmd.MarkFlagRequired(targetTypeFlag)
 	ff.String(chainIDFlag, "", "Chain id")
 	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 	ff.Bool(allFlag, false, "Remove all chains")
 	removeRuleCmd.MarkFlagsMutuallyExclusive(allFlag, chainIDFlag)
 }
--- a/cmd/frostfs-cli/modules/control/root.go
+++ b/cmd/frostfs-cli/modules/control/root.go
@ -10,7 +10,7 @@ var Cmd = &cobra.Command{
 	Use:   "control",
 	Short: "Operations with storage node",
 	Long:  `Operations with storage node`,
-	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
 		ff := cmd.Flags()
 		_ = viper.BindPFlag(commonflags.WalletPath, ff.Lookup(commonflags.WalletPath))
--- a/cmd/frostfs-cli/modules/control/set_netmap_status.go
+++ b/cmd/frostfs-cli/modules/control/set_netmap_status.go
@ -1,10 +1,7 @@
 package control
 import (
 	"crypto/ecdsa"
 	"errors"
 	"fmt"
 	"time"
 	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
@ -12,7 +9,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
@ -22,13 +18,8 @@ const (
 	netmapStatusOnline      = "online"
 	netmapStatusOffline     = "offline"
 	netmapStatusMaintenance = "maintenance"
 	maxSetStatusMaxWaitTime = 30 * time.Minute
 	setStatusWaitTimeout    = 30 * time.Second
 )
 var errNetmapStatusAwaitFailed = errors.New("netmap status hasn't changed for 30 minutes")
 var setNetmapStatusCmd = &cobra.Command{
 	Use:   "set-status",
 	Short: "Set status of the storage node in FrostFS network map",
@ -52,8 +43,6 @@ func initControlSetNetmapStatusCmd() {
 	flags.BoolP(commonflags.ForceFlag, commonflags.ForceFlagShorthand, false,
 		"Force turning to local maintenance")
 	flags.Bool(commonflags.AwaitFlag, false, commonflags.AwaitFlagUsage)
 }
 func setNetmapStatus(cmd *cobra.Command, _ []string) {
@ -67,27 +56,22 @@ func setNetmapStatus(cmd *cobra.Command, _ []string) {
 		}
 	}
 	await, _ := cmd.Flags().GetBool(commonflags.AwaitFlag)
 	var targetStatus control.NetmapStatus
 	switch st, _ := cmd.Flags().GetString(netmapStatusFlag); st {
 	default:
 		commonCmd.ExitOnErr(cmd, "", fmt.Errorf("unsupported status %s", st))
 	case netmapStatusOnline:
 		body.SetStatus(control.NetmapStatus_ONLINE)
 		printIgnoreForce(control.NetmapStatus_ONLINE)
 		targetStatus = control.NetmapStatus_ONLINE
 	case netmapStatusOffline:
 		body.SetStatus(control.NetmapStatus_OFFLINE)
 		printIgnoreForce(control.NetmapStatus_OFFLINE)
 		targetStatus = control.NetmapStatus_OFFLINE
 	case netmapStatusMaintenance:
 		body.SetStatus(control.NetmapStatus_MAINTENANCE)
 		if force {
-			body.SetForceMaintenance(true)
+			body.SetForceMaintenance()
 			common.PrintVerbose(cmd, "Local maintenance will be forced.")
 		}
 		targetStatus = control.NetmapStatus_MAINTENANCE
 	}
 	req := new(control.SetNetmapStatusRequest)
@ -108,52 +92,4 @@ func setNetmapStatus(cmd *cobra.Command, _ []string) {
 	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
 	cmd.Println("Network status update request successfully sent.")
 	if await {
 		awaitSetNetmapStatus(cmd, pk, cli, targetStatus)
 	}
 }
 func awaitSetNetmapStatus(cmd *cobra.Command, pk *ecdsa.PrivateKey, cli *client.Client, targetStatus control.NetmapStatus) {
 	req := &control.GetNetmapStatusRequest{
 		Body: &control.GetNetmapStatusRequest_Body{},
 	}
 	signRequest(cmd, pk, req)
 	var epoch uint64
 	var status control.NetmapStatus
 	startTime := time.Now()
 	cmd.Println("Wait until epoch and netmap status change...")
 	for {
 		var resp *control.GetNetmapStatusResponse
 		var err error
 		err = cli.ExecRaw(func(client *rawclient.Client) error {
 			resp, err = control.GetNetmapStatus(client, req)
 			return err
 		})
 		commonCmd.ExitOnErr(cmd, "failed to get current netmap status: %w", err)
 		if epoch == 0 {
 			epoch = resp.GetBody().GetEpoch()
 		}
 		status = resp.GetBody().GetStatus()
 		if resp.GetBody().GetEpoch() > epoch {
 			epoch = resp.GetBody().GetEpoch()
 			cmd.Printf("Epoch changed to %d\n", resp.GetBody().GetEpoch())
 		}
 		if status == targetStatus {
 			break
 		}
 		if time.Since(startTime) > maxSetStatusMaxWaitTime {
 			commonCmd.ExitOnErr(cmd, "failed to wait netmap status: %w", errNetmapStatusAwaitFailed)
 			return
 		}
 		time.Sleep(setStatusWaitTimeout)
 		cmd.Printf("Current netmap status '%s', target status '%s'\n", status.String(), targetStatus.String())
 	}
 	cmd.Printf("Netmap status changed to '%s' successfully.\n", status.String())
 }
--- a/Show more
+++ b/Show more
`@ -1,4 +1,4 @@`
	`FROM golang:1.22`	`FROM golang:1.21`

	`WORKDIR /tmp`	`WORKDIR /tmp`