[#1339 ] getSvc: Fix access denied error handling

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
[#1328 ] pilorama: Do not skip items in SortedByFilename
2024-08-28 14:00:57 +03:00 · 2024-08-23 13:41:01 +03:00 · 2024-08-23 13:23:15 +03:00 · 2024-08-20 16:34:42 +03:00 · 2024-08-20 16:31:59 +03:00 · 2024-08-19 18:39:25 +03:00
836 changed files with 12689 additions and 18195 deletions
--- a/.docker/Dockerfile.adm
+++ b/.docker/Dockerfile.adm
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ci
+++ b/.docker/Dockerfile.ci
@ -1,4 +1,4 @@
-FROM golang:1.23
+FROM golang:1.22

 WORKDIR /tmp

--- a/.docker/Dockerfile.cli
+++ b/.docker/Dockerfile.cli
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ir
+++ b/.docker/Dockerfile.ir
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.storage
+++ b/.docker/Dockerfile.storage
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.forgejo/workflows/build.yml
+++ b/.forgejo/workflows/build.yml
@ -1,10 +1,6 @@
 name: Build

-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  build:
@ -12,7 +8,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.22', '1.23' ]
+        go_versions: [ '1.21', '1.22' ]

    steps:
      - uses: actions/checkout@v3
--- a/.forgejo/workflows/pre-commit.yml
+++ b/.forgejo/workflows/pre-commit.yml
@ -1,10 +1,5 @@
 name: Pre-commit hooks
-
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  precommit:
@ -21,7 +16,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: 1.23
+          go-version: 1.22
      - name: Set up Python
        run: |
          apt update
--- a/.forgejo/workflows/tests.yml
+++ b/.forgejo/workflows/tests.yml
@ -1,10 +1,5 @@
 name: Tests and linters
-
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  lint:
@ -16,7 +11,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.22'
          cache: true

      - name: Install linters
@ -30,7 +25,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.22', '1.23' ]
+        go_versions: [ '1.21', '1.22' ]
      fail-fast: false
    steps:
      - uses: actions/checkout@v3
@ -53,7 +48,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.22'
+          go-version: '1.21'
          cache: true

      - name: Run tests
@ -68,7 +63,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.22'
          cache: true

      - name: Install staticcheck
@ -86,7 +81,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.22'
+          go-version: '1.21'
          cache: true

      - name: Install gopls
@ -94,23 +89,3 @@ jobs:

      - name: Run gopls
        run: make gopls-run
-
-  fumpt:
-    name: Run gofumpt
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Set up Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: '1.23'
-          cache: true
-
-      - name: Install gofumpt
-        run: make fumpt-install
-
-      - name: Run gofumpt
-        run: |
-          make fumpt
-          git diff --exit-code --quiet
--- a/.forgejo/workflows/vulncheck.yml
+++ b/.forgejo/workflows/vulncheck.yml
@ -1,10 +1,5 @@
 name: Vulncheck
-
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  vulncheck:
@ -18,7 +13,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.23'
+          go-version: '1.22'

      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
--- a/.forgejo/ISSUE_TEMPLATE/bug_report.md
+++ b/.forgejo/ISSUE_TEMPLATE/bug_report.md
--- a/.forgejo/ISSUE_TEMPLATE/config.yml
+++ b/.forgejo/ISSUE_TEMPLATE/config.yml
--- a/.forgejo/ISSUE_TEMPLATE/feature_request.md
+++ b/.forgejo/ISSUE_TEMPLATE/feature_request.md
--- a/.forgejo/logo.svg
+++ b/.forgejo/logo.svg
--- a/.golangci.yml
+++ b/.golangci.yml
@ -12,8 +12,7 @@ run:
 # output configuration options
 output:
  # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
-  formats:
-    - format: tab
+  format: tab

 # all available settings of specific linters
 linters-settings:
@ -38,10 +37,6 @@ linters-settings:
    alias:
      pkg: git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object
      alias: objectSDK
-  unused:
-    field-writes-are-uses: false
-    exported-fields-are-used: false
-    local-variables-are-used: false
  custom:
    truecloudlab-linters:
      path: bin/linters/external_linters.so
@ -71,7 +66,7 @@ linters:
    - bidichk
    - durationcheck
    - exhaustive
-    - copyloopvar
+    - exportloopref
    - gofmt
    - goimports
    - misspell
@ -87,7 +82,5 @@ linters:
    - perfsprint
    - testifylint
    - protogetter
-    - intrange
-    - tenv
  disable-all: true
  fast: false
--- a/.woodpecker/pre-commit.yml
+++ b/.woodpecker/pre-commit.yml
@ -0,0 +1,11 @@
+pipeline:
+  # Kludge for non-root containers under WoodPecker
+  fix-ownership:
+    image: alpine:latest
+    commands: chown -R 1234:1234 .
+
+  pre-commit:
+    image: git.frostfs.info/truecloudlab/frostfs-ci:v0.36
+    commands:
+      - export HOME="$(getent passwd $(id -u) | cut '-d:' -f6)"
+      - pre-commit run --hook-stage manual
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -9,30 +9,6 @@ Changelog for FrostFS Node
 ### Removed
 ### Updated

-## [v0.44.0] - 2024-25-11 - Rongbuk
-
-### Added
- Allow to prioritize nodes during GET traversal via attributes (#1439)
- Add metrics for the frostfsid cache (#1464)
- Customize constant attributes attached to every tracing span (#1488)
- Manage additional keys in the `frostfsid` contract (#1505)
- Describe `--rule` flag in detail for `frostfs-cli ape-manager` subcommands (#1519)
-
-### Changed
- Support richer interaction with the console in `frostfs-cli container policy-playground` (#1396)
- Print address in base58 format in `frostfs-adm morph policy set-admin` (#1515)
-
-### Fixed
- Fix EC object search (#1408)
- Fix EC object put when one of the nodes is unavailable (#1427)
-
-### Removed
- Drop most of the eACL-related code (#1425)
- Remove `--basic-acl` flag from `frostfs-cli container create` (#1483)
-
-### Upgrading from v0.43.0
-The metabase schema has changed completely, resync is required.
-
 ## [v0.42.0]

 ### Added
--- a/61
+++ b/61
@ -4,19 +4,20 @@ SHELL = bash
 REPO ?= $(shell go list -m)
 VERSION ?= $(shell git describe --tags --dirty --match "v*" --always --abbrev=8 2>/dev/null || cat VERSION 2>/dev/null || echo "develop")

-HUB_IMAGE ?= git.frostfs.info/truecloudlab/frostfs
+HUB_IMAGE ?= truecloudlab/frostfs
 HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"

 GO_VERSION ?= 1.22
-LINT_VERSION ?= 1.62.0
-TRUECLOUDLAB_LINT_VERSION ?= 0.0.8
+LINT_VERSION ?= 1.56.1
+TRUECLOUDLAB_LINT_VERSION ?= 0.0.5
 PROTOC_VERSION ?= 25.0
-PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-sdk-go)
+PROTOC_GEN_GO_VERSION ?= $(shell go list -f '{{.Version}}' -m google.golang.org/protobuf)
+PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-api-go/v2)
 PROTOC_OS_VERSION=osx-x86_64
 ifeq ($(shell uname), Linux)
 	PROTOC_OS_VERSION=linux-x86_64
 endif
-STATICCHECK_VERSION ?= 2024.1.1
+STATICCHECK_VERSION ?= 2023.1.6
 ARCH = amd64

 BIN = bin
@ -27,21 +28,24 @@ DIRS = $(BIN) $(RELEASE)
 CMDS = $(notdir $(basename $(wildcard cmd/frostfs-*)))
 BINS = $(addprefix $(BIN)/, $(CMDS))

+# .deb package versioning
+OS_RELEASE = $(shell lsb_release -cs)
+PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
+			sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
+			sed "s/-/~/")-${OS_RELEASE}
+
 OUTPUT_LINT_DIR ?= $(abspath $(BIN))/linters
 LINT_DIR = $(OUTPUT_LINT_DIR)/golangci-lint-$(LINT_VERSION)-v$(TRUECLOUDLAB_LINT_VERSION)
 TMP_DIR := .cache
 PROTOBUF_DIR ?= $(abspath $(BIN))/protobuf
 PROTOC_DIR ?= $(PROTOBUF_DIR)/protoc-v$(PROTOC_VERSION)
+PROTOC_GEN_GO_DIR ?= $(PROTOBUF_DIR)/protoc-gen-go-$(PROTOC_GEN_GO_VERSION)
 PROTOGEN_FROSTFS_DIR ?= $(PROTOBUF_DIR)/protogen-$(PROTOGEN_FROSTFS_VERSION)
 STATICCHECK_DIR ?= $(abspath $(BIN))/staticcheck
 STATICCHECK_VERSION_DIR ?= $(STATICCHECK_DIR)/$(STATICCHECK_VERSION)

 SOURCES = $(shell find . -type f -name "*.go" -print)

-GOFUMPT_VERSION ?= v0.7.0
-GOFUMPT_DIR ?= $(abspath $(BIN))/gofumpt
-GOFUMPT_VERSION_DIR ?= $(GOFUMPT_DIR)/$(GOFUMPT_VERSION)
-
 GOPLS_VERSION ?= v0.15.1
 GOPLS_DIR ?= $(abspath $(BIN))/gopls
 GOPLS_VERSION_DIR ?= $(GOPLS_DIR)/$(GOPLS_VERSION)
@ -52,7 +56,7 @@ LOCODE_DB_PATH=$(abspath ./.cache/locode_db)
 LOCODE_DB_VERSION=v0.4.0

 .PHONY: help all images dep clean fmts fumpt imports test lint docker/lint
-		prepare-release pre-commit unpre-commit
+		prepare-release debpackage pre-commit unpre-commit

 # To build a specific binary, use it's name prefix with bin/ as a target
 # For example `make bin/frostfs-node` will build only storage node binary
@ -99,15 +103,17 @@ export-metrics: dep

 # Regenerate proto files:
 protoc:
-	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
+	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOC_GEN_GO_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
 		make protoc-install; \
 	fi
 	@for f in `find . -type f -name '*.proto' -not -path './bin/*'`; do \
 		echo "⇒ Processing $$f "; \
 		$(PROTOC_DIR)/bin/protoc \
 			--proto_path=.:$(PROTOC_DIR)/include:/usr/local/include \
+			--plugin=protoc-gen-go=$(PROTOC_GEN_GO_DIR)/protoc-gen-go \
 			--plugin=protoc-gen-go-frostfs=$(PROTOGEN_FROSTFS_DIR)/protogen \
 			--go-frostfs_out=. --go-frostfs_opt=paths=source_relative \
+			--go_out=. --go_opt=paths=source_relative \
 			--go-grpc_opt=require_unimplemented_servers=false \
 			--go-grpc_out=. --go-grpc_opt=paths=source_relative $$f; \
 	done
@ -120,8 +126,10 @@ protoc-install:
 	@wget -q -O $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip 'https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/protoc-$(PROTOC_VERSION)-$(PROTOC_OS_VERSION).zip'
 	@unzip -q -o $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip -d $(PROTOC_DIR)
 	@rm $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip
+	@echo "⇒ Installing protoc-gen-go..."
+	@GOBIN=$(PROTOC_GEN_GO_DIR) go install -v google.golang.org/protobuf/...@$(PROTOC_GEN_GO_VERSION)
 	@echo "⇒ Instaling protogen FrostFS plugin..."
-	@GOBIN=$(PROTOGEN_FROSTFS_DIR) go install -mod=mod -v git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/util/protogen@$(PROTOGEN_FROSTFS_VERSION)
+	@GOBIN=$(PROTOGEN_FROSTFS_DIR) go install -mod=mod -v git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/util/protogen@$(PROTOGEN_FROSTFS_VERSION)

 # Build FrostFS component's docker image
 image-%:
@ -157,19 +165,10 @@ imports:
 	@echo "⇒ Processing goimports check"
 	@goimports -w cmd/ pkg/ misc/

-# Install gofumpt
-fumpt-install:
-	@rm -rf $(GOFUMPT_DIR)
-	@mkdir $(GOFUMPT_DIR)
-	@GOBIN=$(GOFUMPT_VERSION_DIR) go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION)
-
 # Run gofumpt
 fumpt:
-	@if [ ! -d "$(GOFUMPT_VERSION_DIR)" ]; then \
-		make fumpt-install; \
-	fi
 	@echo "⇒ Processing gofumpt check"
-	$(GOFUMPT_VERSION_DIR)/gofumpt -l -w cmd/ pkg/ misc/
+	@gofumpt -l -w cmd/ pkg/ misc/

 # Run Unit Test with go test
 test: GOFLAGS ?= "-count=1"
@ -191,7 +190,7 @@ lint-install:
 	@@make -C $(TMP_DIR)/linters lib CGO_ENABLED=1 OUT_DIR=$(OUTPUT_LINT_DIR)
 	@rm -rf $(TMP_DIR)/linters
 	@rmdir $(TMP_DIR) 2>/dev/null || true
-	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install -trimpath github.com/golangci/golangci-lint/cmd/golangci-lint@v$(LINT_VERSION)
+	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install github.com/golangci/golangci-lint/cmd/golangci-lint@v$(LINT_VERSION)

 # Run linters
 lint:
@ -257,6 +256,19 @@ clean:
 	rm -rf $(BIN)
 	rm -rf $(RELEASE)

+# Package for Debian
+debpackage:
+	dch -b --package frostfs-node \
+			--controlmaint \
+			--newversion $(PKG_VERSION) \
+			--distribution $(OS_RELEASE) \
+			"Please see CHANGELOG.md for code changes for $(VERSION)"
+	dpkg-buildpackage --no-sign -b
+
+# Cleanup deb package build directories
+debclean:
+	dh clean
+
 # Download locode database
 locode-download:
 	mkdir -p $(TMP_DIR)
@ -282,6 +294,7 @@ env-up: all

 # Shutdown dev environment
 env-down:
-	docker compose -f dev/docker-compose.yml down -v
+	docker compose -f dev/docker-compose.yml down
+	docker volume rm -f frostfs-node_neo-go
 	rm -rf ./$(TMP_DIR)/state
 	rm -rf ./$(TMP_DIR)/storage
--- a/README.md
+++ b/README.md
@ -1,5 +1,5 @@
 <p align="center">
-  <img src="./.forgejo/logo.svg" width="500px" alt="FrostFS">
+  <img src="./.github/logo.svg" width="500px" alt="FrostFS">
 </p>

 <p align="center">
@ -7,8 +7,9 @@
 </p>

 ---
-[![Report](https://goreportcard.com/badge/git.frostfs.info/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/git.frostfs.info/TrueCloudLab/frostfs-node)
-![Release (latest)](https://git.frostfs.info/TrueCloudLab/frostfs-node/badges/release.svg)
+[![Report](https://goreportcard.com/badge/github.com/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/github.com/TrueCloudLab/frostfs-node)
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/TrueCloudLab/frostfs-node?sort=semver)
+![License](https://img.shields.io/github/license/TrueCloudLab/frostfs-node.svg?style=popout)

 # Overview

@ -32,8 +33,8 @@ manipulate large amounts of data without paying a prohibitive price.

 FrostFS has a native [gRPC API](https://git.frostfs.info/TrueCloudLab/frostfs-api) and has
 protocol gateways for popular protocols such as [AWS
-S3](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw),
-[HTTP](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw),
+S3](https://github.com/TrueCloudLab/frostfs-s3-gw),
+[HTTP](https://github.com/TrueCloudLab/frostfs-http-gw),
 [FUSE](https://wikipedia.org/wiki/Filesystem_in_Userspace) and
 [sFTP](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol) allowing
 developers to integrate applications without rewriting their code.
@ -44,11 +45,11 @@ Now, we only support GNU/Linux on amd64 CPUs with AVX/AVX2 instructions. More
 platforms will be officially supported after release `1.0`.

 The latest version of frostfs-node works with frostfs-contract
-[v0.19.2](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/tag/v0.19.2).
+[v0.16.0](https://github.com/TrueCloudLab/frostfs-contract/releases/tag/v0.16.0).

 # Building

-To make all binaries you need Go 1.22+ and `make`:
+To make all binaries you need Go 1.21+ and `make`:
 ```
 make all
 ```
@ -70,7 +71,7 @@ make docker/bin/frostfs-<name> # build a specific binary

 ## Docker images

-To make docker images suitable for use in [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/) use:
+To make docker images suitable for use in [frostfs-dev-env](https://github.com/TrueCloudLab/frostfs-dev-env/) use:
 ```
 make images
 ```
@ -98,7 +99,7 @@ See `frostfs-contract`'s README.md for build instructions.
 4. To create container and put object into it run (container and object IDs will be different):

 ```
-./bin/frostfs-cli container create -r 127.0.0.1:8080 --wallet ./dev/wallet.json --policy "REP 1 IN X CBF 1 SELECT 1 FROM * AS X" --await
+./bin/frostfs-cli container create -r 127.0.0.1:8080 --wallet ./dev/wallet.json --policy "REP 1 IN X CBF 1 SELECT 1 FROM * AS X" --basic-acl public-read-write --await
 Enter password >  <- press ENTER, the is no password for wallet
 CID: CfPhEuHQ2PRvM4gfBQDC4dWZY3NccovyfcnEdiq2ixju

@ -124,7 +125,7 @@ the feature/topic you are going to implement.

 # Credits

-FrostFS is maintained by [True Cloud Lab](https://git.frostfs.info/TrueCloudLab/) with the help and
+FrostFS is maintained by [True Cloud Lab](https://github.com/TrueCloudLab/) with the help and
 contributions from community members.

 Please see [CREDITS](CREDITS.md) for details.
--- a/2
+++ b/2
@ -1 +1 @@
-v0.44.0
+v0.42.0
--- a/cmd/frostfs-adm/docs/deploy.md
+++ b/cmd/frostfs-adm/docs/deploy.md
@ -9,8 +9,8 @@ related configuration details.

 To follow this guide you need:
 - latest released version of [neo-go](https://github.com/nspcc-dev/neo-go/releases) (v0.97.2 at the moment),
- latest released version of [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/releases) utility (v0.42.9 at the moment),
- latest released version of compiled [frostfs-contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases) (v0.19.2 at the moment).
+- latest released version of [frostfs-adm](https://github.com/TrueCloudLab/frostfs-node/releases) utility (v0.25.1 at the moment),
+- latest released version of compiled [frostfs-contract](https://github.com/TrueCloudLab/frostfs-contract/releases) (v0.11.0 at the moment).

 ## Step 1: Prepare network configuration

--- a/cmd/frostfs-adm/internal/commonflags/flags.go
+++ b/cmd/frostfs-adm/internal/commonflags/flags.go
@ -20,7 +20,6 @@ const (
 	AlphabetWalletsFlagDesc = "Path to alphabet wallets dir"

 	LocalDumpFlag                   = "local-dump"
-	ProtoConfigPath                 = "protocol"
 	ContractsInitFlag               = "contracts"
 	ContractsInitFlagDesc           = "Path to archive with compiled FrostFS contracts (the default is to fetch the latest release from the official repository)"
 	ContractsURLFlag                = "contracts-url"
--- a/cmd/frostfs-adm/internal/modules/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/config/config.go
@ -128,7 +128,7 @@ func generateConfigExample(appDir string, credSize int) (string, error) {
 	tmpl.AlphabetDir = filepath.Join(appDir, "alphabet-wallets")

 	var i innerring.GlagoliticLetter
-	for i = range innerring.GlagoliticLetter(credSize) {
+	for i = 0; i < innerring.GlagoliticLetter(credSize); i++ {
 		tmpl.Glagolitics = append(tmpl.Glagolitics, i.String())
 	}

--- a/cmd/frostfs-adm/internal/modules/metabase/root.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/root.go
@ -1,15 +0,0 @@
-package metabase
-
-import "github.com/spf13/cobra"
-
-// RootCmd is a root command of config section.
-var RootCmd = &cobra.Command{
-	Use:   "metabase",
-	Short: "Section for metabase commands",
-}
-
-func init() {
-	RootCmd.AddCommand(UpgradeCmd)
-
-	initUpgradeCommand()
-}
--- a/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
@ -1,150 +0,0 @@
-package metabase
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"sync"
-	"time"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
-	engineconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine"
-	shardconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard"
-	morphconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/morph"
-	nodeconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/node"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
-	meta "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/metabase"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
-	morphcontainer "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client/container"
-	"github.com/spf13/cobra"
-	"golang.org/x/sync/errgroup"
-)
-
-const (
-	noCompactFlag = "no-compact"
-)
-
-var (
-	errNoPathsFound          = errors.New("no metabase paths found")
-	errNoMorphEndpointsFound = errors.New("no morph endpoints found")
-)
-
-var UpgradeCmd = &cobra.Command{
-	Use:   "upgrade",
-	Short: "Upgrade metabase to latest version",
-	RunE:  upgrade,
-}
-
-func upgrade(cmd *cobra.Command, _ []string) error {
-	configFile, err := cmd.Flags().GetString(commonflags.ConfigFlag)
-	if err != nil {
-		return err
-	}
-	configDir, err := cmd.Flags().GetString(commonflags.ConfigDirFlag)
-	if err != nil {
-		return err
-	}
-	appCfg := config.New(configFile, configDir, config.EnvPrefix)
-	paths, err := getMetabasePaths(appCfg)
-	if err != nil {
-		return err
-	}
-	if len(paths) == 0 {
-		return errNoPathsFound
-	}
-	cmd.Println("found", len(paths), "metabases:")
-	for i, path := range paths {
-		cmd.Println(i+1, ":", path)
-	}
-	mc, err := createMorphClient(cmd.Context(), appCfg)
-	if err != nil {
-		return err
-	}
-	defer mc.Close()
-	civ, err := createContainerInfoProvider(mc)
-	if err != nil {
-		return err
-	}
-	noCompact, _ := cmd.Flags().GetBool(noCompactFlag)
-	result := make(map[string]bool)
-	var resultGuard sync.Mutex
-	eg, ctx := errgroup.WithContext(cmd.Context())
-	for _, path := range paths {
-		eg.Go(func() error {
-			var success bool
-			cmd.Println("upgrading metabase", path, "...")
-			if err := meta.Upgrade(ctx, path, !noCompact, civ, func(a ...any) {
-				cmd.Println(append([]any{time.Now().Format(time.RFC3339), ":", path, ":"}, a...)...)
-			}); err != nil {
-				cmd.Println("error: failed to upgrade metabase", path, ":", err)
-			} else {
-				success = true
-				cmd.Println("metabase", path, "upgraded successfully")
-			}
-			resultGuard.Lock()
-			result[path] = success
-			resultGuard.Unlock()
-			return nil
-		})
-	}
-	if err := eg.Wait(); err != nil {
-		return err
-	}
-	for mb, ok := range result {
-		if ok {
-			cmd.Println(mb, ": success")
-		} else {
-			cmd.Println(mb, ": failed")
-		}
-	}
-	return nil
-}
-
-func getMetabasePaths(appCfg *config.Config) ([]string, error) {
-	var paths []string
-	if err := engineconfig.IterateShards(appCfg, false, func(sc *shardconfig.Config) error {
-		paths = append(paths, sc.Metabase().Path())
-		return nil
-	}); err != nil {
-		return nil, fmt.Errorf("get metabase paths: %w", err)
-	}
-	return paths, nil
-}
-
-func createMorphClient(ctx context.Context, appCfg *config.Config) (*client.Client, error) {
-	addresses := morphconfig.RPCEndpoint(appCfg)
-	if len(addresses) == 0 {
-		return nil, errNoMorphEndpointsFound
-	}
-	key := nodeconfig.Key(appCfg)
-	cli, err := client.New(ctx,
-		key,
-		client.WithDialTimeout(morphconfig.DialTimeout(appCfg)),
-		client.WithEndpoints(addresses...),
-		client.WithSwitchInterval(morphconfig.SwitchInterval(appCfg)),
-	)
-	if err != nil {
-		return nil, fmt.Errorf("create morph client:%w", err)
-	}
-	return cli, nil
-}
-
-func createContainerInfoProvider(cli *client.Client) (container.InfoProvider, error) {
-	sh, err := cli.NNSContractAddress(client.NNSContainerContractName)
-	if err != nil {
-		return nil, fmt.Errorf("resolve container contract hash: %w", err)
-	}
-	cc, err := morphcontainer.NewFromMorph(cli, sh, 0, morphcontainer.TryNotary())
-	if err != nil {
-		return nil, fmt.Errorf("create morph container client: %w", err)
-	}
-	return container.NewInfoProvider(func() (container.Source, error) {
-		return morphcontainer.AsContainerSource(cc), nil
-	}), nil
-}
-
-func initUpgradeCommand() {
-	flags := UpgradeCmd.Flags()
-	flags.Bool(noCompactFlag, false, "Do not compact upgraded metabase file")
-}
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
@ -5,19 +5,35 @@ import (
 	"encoding/json"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
+	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )

 const (
-	jsonFlag      = "json"
-	jsonFlagDesc  = "Output rule chains in JSON format"
-	addrAdminFlag = "addr"
-	addrAdminDesc = "The address of the admins wallet"
+	namespaceTarget   = "namespace"
+	containerTarget   = "container"
+	userTarget        = "user"
+	groupTarget       = "group"
+	jsonFlag          = "json"
+	jsonFlagDesc      = "Output rule chains in JSON format"
+	chainIDFlag       = "chain-id"
+	chainIDDesc       = "Rule chain ID"
+	ruleFlag          = "rule"
+	ruleFlagDesc      = "Rule chain in text format"
+	pathFlag          = "path"
+	pathFlagDesc      = "path to encoded chain in JSON or binary format"
+	targetNameFlag    = "target-name"
+	targetNameDesc    = "Resource name in APE resource name format"
+	targetTypeFlag    = "target-type"
+	targetTypeDesc    = "Resource type(container/namespace)"
+	addrAdminFlag     = "addr"
+	addrAdminDesc     = "The address of the admins wallet"
+	chainNameFlag     = "chain-name"
+	chainNameFlagDesc = "Chain name(ingress|s3)"
 )

 var (
@ -85,17 +101,17 @@ func initAddRuleChainCmd() {
 	addRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	addRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

-	addRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	addRuleChainCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.TargetNameFlag)
+	addRuleChainCmd.Flags().String(targetTypeFlag, "", targetTypeDesc)
+	_ = addRuleChainCmd.MarkFlagRequired(targetTypeFlag)
+	addRuleChainCmd.Flags().String(targetNameFlag, "", targetNameDesc)
+	_ = addRuleChainCmd.MarkFlagRequired(targetNameFlag)

-	addRuleChainCmd.Flags().String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.ChainIDFlag)
-	addRuleChainCmd.Flags().StringArray(apeCmd.RuleFlag, []string{}, apeCmd.RuleFlagDesc)
-	addRuleChainCmd.Flags().String(apeCmd.PathFlag, "", apeCmd.PathFlagDesc)
-	addRuleChainCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
-	addRuleChainCmd.MarkFlagsMutuallyExclusive(apeCmd.RuleFlag, apeCmd.PathFlag)
+	addRuleChainCmd.Flags().String(chainIDFlag, "", chainIDDesc)
+	_ = addRuleChainCmd.MarkFlagRequired(chainIDFlag)
+	addRuleChainCmd.Flags().StringArray(ruleFlag, []string{}, ruleFlagDesc)
+	addRuleChainCmd.Flags().String(pathFlag, "", pathFlagDesc)
+	addRuleChainCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
+	addRuleChainCmd.MarkFlagsMutuallyExclusive(ruleFlag, pathFlag)
 }

 func initRemoveRuleChainCmd() {
@ -104,25 +120,26 @@ func initRemoveRuleChainCmd() {
 	removeRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	removeRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

-	removeRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = removeRuleChainCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	removeRuleChainCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	_ = removeRuleChainCmd.MarkFlagRequired(apeCmd.TargetNameFlag)
-	removeRuleChainCmd.Flags().String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
-	removeRuleChainCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
+	removeRuleChainCmd.Flags().String(targetTypeFlag, "", targetTypeDesc)
+	_ = removeRuleChainCmd.MarkFlagRequired(targetTypeFlag)
+	removeRuleChainCmd.Flags().String(targetNameFlag, "", targetNameDesc)
+	_ = removeRuleChainCmd.MarkFlagRequired(targetNameFlag)
+	removeRuleChainCmd.Flags().String(chainIDFlag, "", chainIDDesc)
+	removeRuleChainCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
 	removeRuleChainCmd.Flags().Bool(commonflags.AllFlag, false, "Remove all chains for target")
-	removeRuleChainCmd.MarkFlagsMutuallyExclusive(commonflags.AllFlag, apeCmd.ChainIDFlag)
+	removeRuleChainCmd.MarkFlagsMutuallyExclusive(commonflags.AllFlag, chainIDFlag)
 }

 func initListRuleChainsCmd() {
 	Cmd.AddCommand(listRuleChainsCmd)

 	listRuleChainsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	listRuleChainsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
-	_ = listRuleChainsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	listRuleChainsCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	listRuleChainsCmd.Flags().StringP(targetTypeFlag, "t", "", targetTypeDesc)
+	_ = listRuleChainsCmd.MarkFlagRequired(targetTypeFlag)
+	listRuleChainsCmd.Flags().String(targetNameFlag, "", targetNameDesc)
+	_ = listRuleChainsCmd.MarkFlagRequired(targetNameFlag)
 	listRuleChainsCmd.Flags().Bool(jsonFlag, false, jsonFlagDesc)
-	listRuleChainsCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
+	listRuleChainsCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
 }

 func initSetAdminCmd() {
@ -144,15 +161,15 @@ func initListTargetsCmd() {
 	Cmd.AddCommand(listTargetsCmd)

 	listTargetsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	listTargetsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
-	_ = listTargetsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	listTargetsCmd.Flags().StringP(targetTypeFlag, "t", "", targetTypeDesc)
+	_ = listTargetsCmd.MarkFlagRequired(targetTypeFlag)
 }

 func addRuleChain(cmd *cobra.Command, _ []string) {
-	chain := apeCmd.ParseChain(cmd)
+	chain := parseChain(cmd)
 	target := parseTarget(cmd)
 	pci, ac := newPolicyContractInterface(cmd)
-	h, vub, err := pci.AddMorphRuleChain(apeCmd.ParseChainName(cmd), target, chain)
+	h, vub, err := pci.AddMorphRuleChain(parseChainName(cmd), target, chain)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = ac.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "add rule chain error: %w", err)
@ -164,14 +181,14 @@ func removeRuleChain(cmd *cobra.Command, _ []string) {
 	pci, ac := newPolicyContractInterface(cmd)
 	removeAll, _ := cmd.Flags().GetBool(commonflags.AllFlag)
 	if removeAll {
-		h, vub, err := pci.RemoveMorphRuleChainsByTarget(apeCmd.ParseChainName(cmd), target)
+		h, vub, err := pci.RemoveMorphRuleChainsByTarget(parseChainName(cmd), target)
 		cmd.Println("Waiting for transaction to persist...")
 		_, err = ac.Wait(h, vub, err)
 		commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
 		cmd.Println("All chains for target removed successfully")
 	} else {
-		chainID := apeCmd.ParseChainID(cmd)
-		h, vub, err := pci.RemoveMorphRuleChain(apeCmd.ParseChainName(cmd), target, chainID)
+		chainID := parseChainID(cmd)
+		h, vub, err := pci.RemoveMorphRuleChain(parseChainName(cmd), target, chainID)
 		cmd.Println("Waiting for transaction to persist...")
 		_, err = ac.Wait(h, vub, err)
 		commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
@ -182,7 +199,7 @@ func removeRuleChain(cmd *cobra.Command, _ []string) {
 func listRuleChains(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
 	pci, _ := newPolicyContractReaderInterface(cmd)
-	chains, err := pci.ListMorphRuleChains(apeCmd.ParseChainName(cmd), target)
+	chains, err := pci.ListMorphRuleChains(parseChainName(cmd), target)
 	commonCmd.ExitOnErr(cmd, "list rule chains error: %w", err)
 	if len(chains) == 0 {
 		return
@ -193,14 +210,14 @@ func listRuleChains(cmd *cobra.Command, _ []string) {
 		prettyJSONFormat(cmd, chains)
 	} else {
 		for _, c := range chains {
-			apeCmd.PrintHumanReadableAPEChain(cmd, c)
+			parseutil.PrintHumanReadableAPEChain(cmd, c)
 		}
 	}
 }

 func setAdmin(cmd *cobra.Command, _ []string) {
 	s, _ := cmd.Flags().GetString(addrAdminFlag)
-	addr, err := address.StringToUint160(s)
+	addr, err := util.Uint160DecodeStringLE(s)
 	commonCmd.ExitOnErr(cmd, "can't decode admin addr: %w", err)
 	pci, ac := newPolicyContractInterface(cmd)
 	h, vub, err := pci.SetAdmin(addr)
@ -214,11 +231,12 @@ func getAdmin(cmd *cobra.Command, _ []string) {
 	pci, _ := newPolicyContractReaderInterface(cmd)
 	addr, err := pci.GetAdmin()
 	commonCmd.ExitOnErr(cmd, "unable to get admin: %w", err)
-	cmd.Println(address.Uint160ToString(addr))
+	cmd.Println(addr.StringLE())
 }

 func listTargets(cmd *cobra.Command, _ []string) {
-	typ := apeCmd.ParseTargetType(cmd)
+	typ, err := parseTargetType(cmd)
+	commonCmd.ExitOnErr(cmd, "parse target type error: %w", err)
 	pci, inv := newPolicyContractReaderInterface(cmd)

 	sid, it, err := pci.ListTargetsIterator(typ)
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
@ -2,12 +2,13 @@ package ape

 import (
 	"errors"
+	"strings"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
+	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	policyengine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
 	morph "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
@ -17,29 +18,90 @@ import (
 	"github.com/spf13/viper"
 )

-var errUnknownTargetType = errors.New("unknown target type")
+const (
+	ingress = "ingress"
+	s3      = "s3"
+)
+
+var mChainName = map[string]apechain.Name{
+	ingress: apechain.Ingress,
+	s3:      apechain.S3,
+}
+
+var (
+	errUnknownTargetType    = errors.New("unknown target type")
+	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
+	errRuleIsNotParsed      = errors.New("rule is not passed")
+	errUnsupportedChainName = errors.New("unsupported chain name")
+)

 func parseTarget(cmd *cobra.Command) policyengine.Target {
-	typ := apeCmd.ParseTargetType(cmd)
-	name, _ := cmd.Flags().GetString(apeCmd.TargetNameFlag)
-	switch typ {
-	case policyengine.Namespace:
-		if name == "root" {
-			name = ""
-		}
-		return policyengine.NamespaceTarget(name)
-	case policyengine.Container:
-		var cnr cid.ID
-		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
-		return policyengine.ContainerTarget(name)
-	case policyengine.User:
-		return policyengine.UserTarget(name)
-	case policyengine.Group:
-		return policyengine.GroupTarget(name)
-	default:
-		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
+	name, _ := cmd.Flags().GetString(targetNameFlag)
+	typ, err := parseTargetType(cmd)
+
+	// interpret "root" namespace as empty
+	if typ == policyengine.Namespace && name == "root" {
+		name = ""
 	}
-	panic("unreachable")
+
+	commonCmd.ExitOnErr(cmd, "read target type error: %w", err)
+
+	return policyengine.Target{
+		Name: name,
+		Type: typ,
+	}
+}
+
+func parseTargetType(cmd *cobra.Command) (policyengine.TargetType, error) {
+	typ, _ := cmd.Flags().GetString(targetTypeFlag)
+	switch typ {
+	case namespaceTarget:
+		return policyengine.Namespace, nil
+	case containerTarget:
+		return policyengine.Container, nil
+	case userTarget:
+		return policyengine.User, nil
+	case groupTarget:
+		return policyengine.Group, nil
+	}
+	return -1, errUnknownTargetType
+}
+
+func parseChainID(cmd *cobra.Command) apechain.ID {
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	if chainID == "" {
+		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
+			errChainIDCannotBeEmpty)
+	}
+	return apechain.ID(chainID)
+}
+
+func parseChain(cmd *cobra.Command) *apechain.Chain {
+	chain := new(apechain.Chain)
+
+	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", parseutil.ParseAPEChain(chain, rules))
+	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
+		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
+	} else {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
+	}
+
+	chain.ID = parseChainID(cmd)
+
+	cmd.Println("Parsed chain:")
+	parseutil.PrintHumanReadableAPEChain(cmd, chain)
+
+	return chain
+}
+
+func parseChainName(cmd *cobra.Command) apechain.Name {
+	chainName, _ := cmd.Flags().GetString(chainNameFlag)
+	apeChainName, ok := mChainName[strings.ToLower(chainName)]
+	if !ok {
+		commonCmd.ExitOnErr(cmd, "", errUnsupportedChainName)
+	}
+	return apeChainName
 }

 // invokerAdapter adapats invoker.Invoker to ContractStorageInvoker interface.
@ -53,15 +115,16 @@ func (n *invokerAdapter) GetRPCInvoker() invoker.RPCInvoke {
 }

 func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorageReader, *invoker.Invoker) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

 	inv := invoker.New(c, nil)
+	var ch util.Uint160
 	r := management.NewReader(inv)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)

-	ch, err := helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
+	ch, err = helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
 	commonCmd.ExitOnErr(cmd, "unable to resolve policy contract hash: %w", err)

 	invokerAdapter := &invokerAdapter{
@ -73,10 +136,10 @@ func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorag
 }

 func newPolicyContractInterface(cmd *cobra.Command) (*morph.ContractStorage, *helper.LocalActor) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

-	ac, err := helper.NewLocalActor(cmd, c, constants.ConsensusAccountName)
+	ac, err := helper.NewLocalActor(cmd, c)
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)

 	var ch util.Uint160
--- a/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
+++ b/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
@ -51,7 +51,7 @@ func dumpBalances(cmd *cobra.Command, _ []string) error {
 		nmHash          util.Uint160
 	)

-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/config.go
@ -26,7 +26,7 @@ import (
 const forceConfigSet = "force"

 func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/constants/const.go
+++ b/cmd/frostfs-adm/internal/modules/morph/constants/const.go
@ -4,6 +4,7 @@ import "time"

 const (
 	ConsensusAccountName = "consensus"
+	ProtoConfigPath      = "protocol"

 	// MaxAlphabetNodes is the maximum number of candidates allowed, which is currently limited by the size
 	// of the invocation script.
--- a/cmd/frostfs-adm/internal/modules/morph/container/container.go
+++ b/cmd/frostfs-adm/internal/modules/morph/container/container.go
@ -76,7 +76,7 @@ func dumpContainers(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("invalid filename: %w", err)
 	}

-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -139,12 +139,13 @@ func dumpContainers(cmd *cobra.Command, _ []string) error {
 func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invoker, id []byte) (*Container, error) {
 	bw.Reset()
 	emit.AppCall(bw.BinWriter, ch, "get", callflag.All, id)
+	emit.AppCall(bw.BinWriter, ch, "eACL", callflag.All, id)
 	res, err := inv.Run(bw.Bytes())
 	if err != nil {
 		return nil, fmt.Errorf("can't get container info: %w", err)
 	}
-	if len(res.Stack) != 1 {
-		return nil, fmt.Errorf("%w: expected 1 items on stack", errInvalidContainerResponse)
+	if len(res.Stack) != 2 {
+		return nil, fmt.Errorf("%w: expected 2 items on stack", errInvalidContainerResponse)
 	}

 	cnt := new(Container)
@ -153,11 +154,19 @@ func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invo
 		return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
 	}

+	ea := new(EACL)
+	err = ea.FromStackItem(res.Stack[1])
+	if err != nil {
+		return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
+	}
+	if len(ea.Value) != 0 {
+		cnt.EACL = ea
+	}
 	return cnt, nil
 }

 func listContainers(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -249,6 +258,10 @@ func restoreOrPutContainers(containers []Container, isOK func([]byte) bool, cmd
 func putContainer(bw *io.BufBinWriter, ch util.Uint160, cnt Container) {
 	emit.AppCall(bw.BinWriter, ch, "put", callflag.All,
 		cnt.Value, cnt.Signature, cnt.PublicKey, cnt.Token)
+	if ea := cnt.EACL; ea != nil {
+		emit.AppCall(bw.BinWriter, ch, "setEACL", callflag.All,
+			ea.Value, ea.Signature, ea.PublicKey, ea.Token)
+	}
 }

 func isContainerRestored(cmd *cobra.Command, wCtx *helper.InitializeContext, containerHash util.Uint160, bw *io.BufBinWriter, hashValue util.Uint256) (bool, error) {
@ -309,6 +322,15 @@ type Container struct {
 	Signature []byte `json:"signature"`
 	PublicKey []byte `json:"public_key"`
 	Token     []byte `json:"token"`
+	EACL      *EACL  `json:"eacl"`
+}
+
+// EACL represents extended ACL struct in contract storage.
+type EACL struct {
+	Value     []byte `json:"value"`
+	Signature []byte `json:"signature"`
+	PublicKey []byte `json:"public_key"`
+	Token     []byte `json:"token"`
 }

 // ToStackItem implements stackitem.Convertible.
@ -355,6 +377,50 @@ func (c *Container) FromStackItem(item stackitem.Item) error {
 	return nil
 }

+// ToStackItem implements stackitem.Convertible.
+func (c *EACL) ToStackItem() (stackitem.Item, error) {
+	return stackitem.NewStruct([]stackitem.Item{
+		stackitem.NewByteArray(c.Value),
+		stackitem.NewByteArray(c.Signature),
+		stackitem.NewByteArray(c.PublicKey),
+		stackitem.NewByteArray(c.Token),
+	}), nil
+}
+
+// FromStackItem implements stackitem.Convertible.
+func (c *EACL) FromStackItem(item stackitem.Item) error {
+	arr, ok := item.Value().([]stackitem.Item)
+	if !ok || len(arr) != 4 {
+		return errors.New("invalid stack item type")
+	}
+
+	value, err := arr[0].TryBytes()
+	if err != nil {
+		return errors.New("invalid eACL value")
+	}
+
+	sig, err := arr[1].TryBytes()
+	if err != nil {
+		return errors.New("invalid eACL signature")
+	}
+
+	pub, err := arr[2].TryBytes()
+	if err != nil {
+		return errors.New("invalid eACL public key")
+	}
+
+	tok, err := arr[3].TryBytes()
+	if err != nil {
+		return errors.New("invalid eACL token")
+	}
+
+	c.Value = value
+	c.Signature = sig
+	c.PublicKey = pub
+	c.Token = tok
+	return nil
+}
+
 // getCIDFilterFunc returns filtering function for container IDs.
 // Raw byte slices are used because it works with structures returned
 // from contract.
--- a/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
@ -36,7 +36,7 @@ type contractDumpInfo struct {
 }

 func dumpContractHashes(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -68,7 +68,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {

 	if irSize != 0 {
 		bw.Reset()
-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			emit.AppCall(bw.BinWriter, cs.Hash, "resolve", callflag.ReadOnly,
 				helper.GetAlphabetNNSDomain(i),
 				int64(nns.TXT))
@ -79,7 +79,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 			return fmt.Errorf("can't fetch info from NNS: %w", err)
 		}

-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			info := contractDumpInfo{name: fmt.Sprintf("alphabet %d", i)}
 			if h, err := helper.ParseNNSResolveResult(alphaRes.Stack[i]); err == nil {
 				info.hash = h
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
@ -1,83 +0,0 @@
-package frostfsid
-
-import (
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
-	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
-)
-
-var (
-	frostfsidAddSubjectKeyCmd = &cobra.Command{
-		Use:   "add-subject-key",
-		Short: "Add a public key to the subject in frostfsid contract",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-		},
-		Run: frostfsidAddSubjectKey,
-	}
-	frostfsidRemoveSubjectKeyCmd = &cobra.Command{
-		Use:   "remove-subject-key",
-		Short: "Remove a public key from the subject in frostfsid contract",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-		},
-		Run: frostfsidRemoveSubjectKey,
-	}
-)
-
-func initFrostfsIDAddSubjectKeyCmd() {
-	Cmd.AddCommand(frostfsidAddSubjectKeyCmd)
-
-	ff := frostfsidAddSubjectKeyCmd.Flags()
-	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-
-	ff.String(subjectAddressFlag, "", "Subject address")
-	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectAddressFlag)
-
-	ff.String(subjectKeyFlag, "", "Public key to add")
-	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectKeyFlag)
-}
-
-func initFrostfsIDRemoveSubjectKeyCmd() {
-	Cmd.AddCommand(frostfsidRemoveSubjectKeyCmd)
-
-	ff := frostfsidRemoveSubjectKeyCmd.Flags()
-	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-
-	ff.String(subjectAddressFlag, "", "Subject address")
-	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectAddressFlag)
-
-	ff.String(subjectKeyFlag, "", "Public key to remove")
-	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectKeyFlag)
-}
-
-func frostfsidAddSubjectKey(cmd *cobra.Command, _ []string) {
-	addr := getFrostfsIDSubjectAddress(cmd)
-	pub := getFrostfsIDSubjectKey(cmd)
-
-	ffsid, err := newFrostfsIDClient(cmd)
-	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
-
-	ffsid.addCall(ffsid.roCli.AddSubjectKeyCall(addr, pub))
-
-	err = ffsid.sendWait()
-	commonCmd.ExitOnErr(cmd, "add subject key: %w", err)
-}
-
-func frostfsidRemoveSubjectKey(cmd *cobra.Command, _ []string) {
-	addr := getFrostfsIDSubjectAddress(cmd)
-	pub := getFrostfsIDSubjectKey(cmd)
-
-	ffsid, err := newFrostfsIDClient(cmd)
-	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
-
-	ffsid.addCall(ffsid.roCli.RemoveSubjectKeyCall(addr, pub))
-
-	err = ffsid.sendWait()
-	commonCmd.ExitOnErr(cmd, "remove subject key: %w", err)
-}
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
@ -1,6 +1,7 @@
 package frostfsid

 import (
+	"errors"
 	"fmt"
 	"math/big"
 	"sort"
@ -60,6 +61,7 @@ var (
 		Use:   "list-namespaces",
 		Short: "List all namespaces in frostfsid",
 		PreRun: func(cmd *cobra.Command, _ []string) {
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListNamespaces,
@ -89,6 +91,7 @@ var (
 		Use:   "list-subjects",
 		Short: "List subjects in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListSubjects,
@ -118,6 +121,7 @@ var (
 		Use:   "list-groups",
 		Short: "List groups in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListGroups,
@ -147,6 +151,7 @@ var (
 		Use:   "list-group-subjects",
 		Short: "List subjects in group",
 		PreRun: func(cmd *cobra.Command, _ []string) {
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListGroupSubjects,
@ -164,6 +169,7 @@ func initFrostfsIDCreateNamespaceCmd() {
 func initFrostfsIDListNamespacesCmd() {
 	Cmd.AddCommand(frostfsidListNamespacesCmd)
 	frostfsidListNamespacesCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	frostfsidListNamespacesCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDCreateSubjectCmd() {
@ -187,6 +193,7 @@ func initFrostfsIDListSubjectsCmd() {
 	frostfsidListSubjectsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace to list subjects")
 	frostfsidListSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
+	frostfsidListSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDCreateGroupCmd() {
@ -210,6 +217,7 @@ func initFrostfsIDListGroupsCmd() {
 	Cmd.AddCommand(frostfsidListGroupsCmd)
 	frostfsidListGroupsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListGroupsCmd.Flags().String(namespaceFlag, "", "Namespace to list groups")
+	frostfsidListGroupsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDAddSubjectToGroupCmd() {
@ -234,6 +242,7 @@ func initFrostfsIDListGroupSubjectsCmd() {
 	frostfsidListGroupSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace name")
 	frostfsidListGroupSubjectsCmd.Flags().Int64(groupIDFlag, 0, "Group id")
 	frostfsidListGroupSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
+	frostfsidListGroupSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func frostfsidCreateNamespace(cmd *cobra.Command, _ []string) {
@ -488,6 +497,10 @@ func (f *frostfsidClient) sendWaitRes() (*state.AppExecResult, error) {
 	}
 	f.bw.Reset()

+	if len(f.wCtx.SentTxs) == 0 {
+		return nil, errors.New("no transactions to wait")
+	}
+
 	f.wCtx.Command.Println("Waiting for transactions to persist...")
 	return f.roCli.Wait(f.wCtx.SentTxs[0].Hash, f.wCtx.SentTxs[0].Vub, nil)
 }
@ -509,7 +522,7 @@ func readIterator(inv *invoker.Invoker, iter *result.Iterator, batchSize int, se
 }

 func initInvoker(cmd *cobra.Command) (*invoker.Invoker, *state.Contract, util.Uint160) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
@ -1,12 +1,59 @@
 package frostfsid

 import (
+	"encoding/hex"
 	"testing"

+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/ape"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
+	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 )

+func TestFrostfsIDConfig(t *testing.T) {
+	pks := make([]*keys.PrivateKey, 4)
+	for i := range pks {
+		pk, err := keys.NewPrivateKey()
+		require.NoError(t, err)
+		pks[i] = pk
+	}
+
+	fmts := []string{
+		pks[0].GetScriptHash().StringLE(),
+		address.Uint160ToString(pks[1].GetScriptHash()),
+		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
+		hex.EncodeToString(pks[3].PublicKey().Bytes()),
+	}
+
+	for i := range fmts {
+		v := viper.New()
+		v.Set("frostfsid.admin", fmts[i])
+
+		actual, found, err := helper.GetFrostfsIDAdmin(v)
+		require.NoError(t, err)
+		require.True(t, found)
+		require.Equal(t, pks[i].GetScriptHash(), actual)
+	}
+
+	t.Run("bad key", func(t *testing.T) {
+		v := viper.New()
+		v.Set("frostfsid.admin", "abc")
+
+		_, found, err := helper.GetFrostfsIDAdmin(v)
+		require.Error(t, err)
+		require.True(t, found)
+	})
+	t.Run("missing key", func(t *testing.T) {
+		v := viper.New()
+
+		_, found, err := helper.GetFrostfsIDAdmin(v)
+		require.NoError(t, err)
+		require.False(t, found)
+	})
+}
+
 func TestNamespaceRegexp(t *testing.T) {
 	for _, tc := range []struct {
 		name      string
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
@ -12,6 +12,4 @@ func init() {
 	initFrostfsIDAddSubjectToGroupCmd()
 	initFrostfsIDRemoveSubjectFromGroupCmd()
 	initFrostfsIDListGroupSubjectsCmd()
-	initFrostfsIDAddSubjectKeyCmd()
-	initFrostfsIDRemoveSubjectKeyCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
@ -73,6 +73,7 @@ func initializeWallets(v *viper.Viper, walletDir string, size int) ([]string, er
 			return nil, fmt.Errorf("can't fetch password: %w", err)
 		}

+		i := i
 		errG.Go(func() error {
 			p := filepath.Join(walletDir, innerring.GlagoliticLetter(i).String()+".json")
 			f, err := os.OpenFile(p, os.O_CREATE, 0o644)
@ -106,6 +107,7 @@ func initializeWallets(v *viper.Viper, walletDir string, size int) ([]string, er
 	// Create consensus account with 2*N/3+1 multi-signature.
 	bftCount := smartcontract.GetDefaultHonestNodeCount(size)
 	for i := range wallets {
+		i := i
 		ps := pubs.Copy()
 		errG.Go(func() error {
 			if err := addMultisigAccount(wallets[i], majCount, constants.CommitteeAccountName, passwords[i], ps); err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
@ -63,7 +63,7 @@ func TestGenerateAlphabet(t *testing.T) {
 	buf.Reset()
 	v.Set(commonflags.AlphabetWalletsFlag, walletDir)
 	require.NoError(t, GenerateAlphabetCmd.Flags().Set(commonflags.AlphabetSizeFlag, strconv.FormatUint(size, 10)))
-	for i := range uint64(size) {
+	for i := uint64(0); i < size; i++ {
 		buf.WriteString(strconv.FormatUint(i, 10) + "\r")
 	}

--- a/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
@ -5,6 +5,7 @@ import (

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
@ -30,32 +31,42 @@ type LocalActor struct {

 // NewLocalActor create LocalActor with accounts form provided wallets.
 // In case of empty wallets provided created actor with dummy account only for read operation.
-//
-// If wallets are provided, the contract client will use accounts with accName name from these wallets.
-// To determine which account name should be used in a contract client, refer to how the contract
-// verifies the transaction signature.
-func NewLocalActor(cmd *cobra.Command, c actor.RPCActor, accName string) (*LocalActor, error) {
+func NewLocalActor(cmd *cobra.Command, c actor.RPCActor) (*LocalActor, error) {
 	walletDir := config.ResolveHomePath(viper.GetString(commonflags.AlphabetWalletsFlag))
 	var act *actor.Actor
 	var accounts []*wallet.Account
+	if walletDir == "" {
+		account, err := wallet.NewAccount()
+		commonCmd.ExitOnErr(cmd, "unable to create dummy account: %w", err)
+		act, err = actor.New(c, []actor.SignerAccount{{
+			Signer: transaction.Signer{
+				Account: account.Contract.ScriptHash(),
+				Scopes:  transaction.Global,
+			},
+			Account: account,
+		}})
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		wallets, err := GetAlphabetWallets(viper.GetViper(), walletDir)
+		commonCmd.ExitOnErr(cmd, "unable to get alphabet wallets: %w", err)

-	wallets, err := GetAlphabetWallets(viper.GetViper(), walletDir)
-	commonCmd.ExitOnErr(cmd, "unable to get alphabet wallets: %w", err)
-
-	for _, w := range wallets {
-		acc, err := GetWalletAccount(w, accName)
-		commonCmd.ExitOnErr(cmd, fmt.Sprintf("can't find %s account: %%w", accName), err)
-		accounts = append(accounts, acc)
-	}
-	act, err = actor.New(c, []actor.SignerAccount{{
-		Signer: transaction.Signer{
-			Account: accounts[0].Contract.ScriptHash(),
-			Scopes:  transaction.Global,
-		},
-		Account: accounts[0],
-	}})
-	if err != nil {
-		return nil, err
+		for _, w := range wallets {
+			acc, err := GetWalletAccount(w, constants.CommitteeAccountName)
+			commonCmd.ExitOnErr(cmd, "can't find committee account: %w", err)
+			accounts = append(accounts, acc)
+		}
+		act, err = actor.New(c, []actor.SignerAccount{{
+			Signer: transaction.Signer{
+				Account: accounts[0].Contract.ScriptHash(),
+				Scopes:  transaction.Global,
+			},
+			Account: accounts[0],
+		}})
+		if err != nil {
+			return nil, err
+		}
 	}
 	return &LocalActor{
 		neoActor:   act,
--- a/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
@ -82,7 +82,7 @@ func GetContractDeployData(c *InitializeContext, ctrName string, keysParam []any
 			h, found, err = getFrostfsIDAdminFromContract(c.ReadOnlyInvoker)
 		}
 		if method != constants.UpdateMethodName || err == nil && !found {
-			h, found, err = getFrostfsIDAdmin(viper.GetViper())
+			h, found, err = GetFrostfsIDAdmin(viper.GetViper())
 		}
 		if err != nil {
 			return nil, err
@ -166,6 +166,5 @@ func DeployNNS(c *InitializeContext, method string) error {
 		return fmt.Errorf("can't send deploy transaction: %w", err)
 	}

-	c.Command.Println("NNS hash:", invokeHash.StringLE())
 	return c.AwaitTx()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
@ -11,7 +11,7 @@ import (

 const frostfsIDAdminConfigKey = "frostfsid.admin"

-func getFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
+func GetFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
 	admin := v.GetString(frostfsIDAdminConfigKey)
 	if admin == "" {
 		return util.Uint160{}, false, nil
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
@ -1,53 +0,0 @@
-package helper
-
-import (
-	"encoding/hex"
-	"testing"
-
-	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
-	"github.com/spf13/viper"
-	"github.com/stretchr/testify/require"
-)
-
-func TestFrostfsIDConfig(t *testing.T) {
-	pks := make([]*keys.PrivateKey, 4)
-	for i := range pks {
-		pk, err := keys.NewPrivateKey()
-		require.NoError(t, err)
-		pks[i] = pk
-	}
-
-	fmts := []string{
-		pks[0].GetScriptHash().StringLE(),
-		address.Uint160ToString(pks[1].GetScriptHash()),
-		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
-		hex.EncodeToString(pks[3].PublicKey().Bytes()),
-	}
-
-	for i := range fmts {
-		v := viper.New()
-		v.Set("frostfsid.admin", fmts[i])
-
-		actual, found, err := getFrostfsIDAdmin(v)
-		require.NoError(t, err)
-		require.True(t, found)
-		require.Equal(t, pks[i].GetScriptHash(), actual)
-	}
-
-	t.Run("bad key", func(t *testing.T) {
-		v := viper.New()
-		v.Set("frostfsid.admin", "abc")
-
-		_, found, err := getFrostfsIDAdmin(v)
-		require.Error(t, err)
-		require.True(t, found)
-	})
-	t.Run("missing key", func(t *testing.T) {
-		v := viper.New()
-
-		_, found, err := getFrostfsIDAdmin(v)
-		require.NoError(t, err)
-		require.False(t, found)
-	})
-}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
@ -134,12 +134,12 @@ func NewInitializeContext(cmd *cobra.Command, v *viper.Viper) (*InitializeContex
 		return nil, err
 	}

-	accounts, err := getSingleAccounts(wallets)
+	accounts, err := createWalletAccounts(wallets)
 	if err != nil {
 		return nil, err
 	}

-	cliCtx, err := defaultClientContext(c, committeeAcc)
+	cliCtx, err := DefaultClientContext(c, committeeAcc)
 	if err != nil {
 		return nil, fmt.Errorf("client context: %w", err)
 	}
@ -191,7 +191,7 @@ func createClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet)
 		}
 		c, err = NewLocalClient(cmd, v, wallets, ldf.Value.String())
 	} else {
-		c, err = NewRemoteClient(v)
+		c, err = GetN3Client(v)
 	}
 	if err != nil {
 		return nil, fmt.Errorf("can't create N3 client: %w", err)
@ -211,7 +211,7 @@ func getContractsPath(cmd *cobra.Command, needContracts bool) (string, error) {
 	return ctrPath, nil
 }

-func getSingleAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
+func createWalletAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
 	accounts := make([]*wallet.Account, len(wallets))
 	for i, w := range wallets {
 		acc, err := GetWalletAccount(w, constants.SingleAccountName)
--- a/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
@ -8,7 +8,6 @@ import (
 	"sort"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/config"
@ -48,7 +47,7 @@ type LocalClient struct {
 }

 func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet, dumpPath string) (*LocalClient, error) {
-	cfg, err := config.LoadFile(v.GetString(commonflags.ProtoConfigPath))
+	cfg, err := config.LoadFile(v.GetString(constants.ProtoConfigPath))
 	if err != nil {
 		return nil, err
 	}
@ -58,59 +57,17 @@ func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet
 		return nil, err
 	}

-	go bc.Run()
-
-	accounts, err := getBlockSigningAccounts(cfg.ProtocolConfiguration, wallets)
-	if err != nil {
-		return nil, err
-	}
-
-	if cmd.Name() != "init" {
-		if err := restoreDump(bc, dumpPath); err != nil {
-			return nil, fmt.Errorf("restore dump: %w", err)
-		}
-	}
-
-	return &LocalClient{
-		bc:       bc,
-		dumpPath: dumpPath,
-		accounts: accounts,
-	}, nil
-}
-
-func restoreDump(bc *core.Blockchain, dumpPath string) error {
-	f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
-	if err != nil {
-		return fmt.Errorf("can't open local dump: %w", err)
-	}
-	defer f.Close()
-
-	r := io.NewBinReaderFromIO(f)
-
-	var skip uint32
-	if bc.BlockHeight() != 0 {
-		skip = bc.BlockHeight() + 1
-	}
-
-	count := r.ReadU32LE() - skip
-	if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
-		return err
-	}
-	return nil
-}
-
-func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet.Wallet) ([]*wallet.Account, error) {
+	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ProtocolConfiguration.ValidatorsCount))
 	accounts := make([]*wallet.Account, len(wallets))
 	for i := range accounts {
-		acc, err := GetWalletAccount(wallets[i], constants.ConsensusAccountName)
+		accounts[i], err = GetWalletAccount(wallets[i], constants.ConsensusAccountName)
 		if err != nil {
 			return nil, err
 		}
-		accounts[i] = acc
 	}

 	indexMap := make(map[string]int)
-	for i, pub := range cfg.StandbyCommittee {
+	for i, pub := range cfg.ProtocolConfiguration.StandbyCommittee {
 		indexMap[pub] = i
 	}

@ -119,12 +76,37 @@ func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet
 		pj := accounts[j].PrivateKey().PublicKey().Bytes()
 		return indexMap[string(pi)] < indexMap[string(pj)]
 	})
-	sort.Slice(accounts[:cfg.ValidatorsCount], func(i, j int) bool {
+	sort.Slice(accounts[:cfg.ProtocolConfiguration.ValidatorsCount], func(i, j int) bool {
 		return accounts[i].PublicKey().Cmp(accounts[j].PublicKey()) == -1
 	})

-	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ValidatorsCount))
-	return accounts[:m], nil
+	go bc.Run()
+
+	if cmd.Name() != "init" {
+		f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
+		if err != nil {
+			return nil, fmt.Errorf("can't open local dump: %w", err)
+		}
+		defer f.Close()
+
+		r := io.NewBinReaderFromIO(f)
+
+		var skip uint32
+		if bc.BlockHeight() != 0 {
+			skip = bc.BlockHeight() + 1
+		}
+
+		count := r.ReadU32LE() - skip
+		if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
+			return nil, fmt.Errorf("can't restore local dump: %w", err)
+		}
+	}
+
+	return &LocalClient{
+		bc:       bc,
+		dumpPath: dumpPath,
+		accounts: accounts[:m],
+	}, nil
 }

 func (l *LocalClient) GetBlockCount() (uint32, error) {
@ -145,6 +127,11 @@ func (l *LocalClient) GetApplicationLog(h util.Uint256, t *trigger.Type) (*resul
 	return &a, nil
 }

+func (l *LocalClient) GetCommittee() (keys.PublicKeys, error) {
+	// not used by `morph init` command
+	panic("unexpected call")
+}
+
 // InvokeFunction is implemented via `InvokeScript`.
 func (l *LocalClient) InvokeFunction(h util.Uint160, method string, sPrm []smartcontract.Parameter, ss []transaction.Signer) (*result.Invoke, error) {
 	var err error
@ -237,7 +224,7 @@ func (l *LocalClient) CalculateNetworkFee(tx *transaction.Transaction) (int64, e
 					paramz = []manifest.Parameter{{Type: smartcontract.SignatureType}}
 				} else if nSigs, _, ok := vm.ParseMultiSigContract(w.VerificationScript); ok {
 					paramz = make([]manifest.Parameter, nSigs)
-					for j := range nSigs {
+					for j := 0; j < nSigs; j++ {
 						paramz[j] = manifest.Parameter{Type: smartcontract.SignatureType}
 					}
 				}
@ -308,7 +295,13 @@ func (l *LocalClient) InvokeScript(script []byte, signers []transaction.Signer)
 }

 func (l *LocalClient) SendRawTransaction(tx *transaction.Transaction) (util.Uint256, error) {
-	tx = tx.Copy()
+	// We need to test that transaction was formed correctly to catch as many errors as we can.
+	bs := tx.Bytes()
+	_, err := transaction.NewTransactionFromBytes(bs)
+	if err != nil {
+		return tx.Hash(), fmt.Errorf("invalid transaction: %w", err)
+	}
+
 	l.transactions = append(l.transactions, tx)
 	return tx.Hash(), nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
@ -10,6 +10,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/neorpc/result"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
@ -24,10 +25,15 @@ import (
 // Client represents N3 client interface capable of test-invoking scripts
 // and sending signed transactions to chain.
 type Client interface {
-	actor.RPCActor
+	invoker.RPCInvoke

+	GetBlockCount() (uint32, error)
 	GetNativeContracts() ([]state.Contract, error)
 	GetApplicationLog(util.Uint256, *trigger.Type) (*result.ApplicationLog, error)
+	GetVersion() (*result.Version, error)
+	SendRawTransaction(*transaction.Transaction) (util.Uint256, error)
+	GetCommittee() (keys.PublicKeys, error)
+	CalculateNetworkFee(tx *transaction.Transaction) (int64, error)
 }

 type HashVUBPair struct {
@ -42,7 +48,7 @@ type ClientContext struct {
 	SentTxs         []HashVUBPair
 }

-func NewRemoteClient(v *viper.Viper) (Client, error) {
+func GetN3Client(v *viper.Viper) (Client, error) {
 	// number of opened connections
 	// by neo-go client per one host
 	const (
@ -82,14 +88,8 @@ func NewRemoteClient(v *viper.Viper) (Client, error) {
 	return c, nil
 }

-func defaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
-	commAct, err := actor.New(c, []actor.SignerAccount{{
-		Signer: transaction.Signer{
-			Account: committeeAcc.Contract.ScriptHash(),
-			Scopes:  transaction.Global,
-		},
-		Account: committeeAcc,
-	}})
+func DefaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
+	commAct, err := NewActor(c, committeeAcc)
 	if err != nil {
 		return nil, err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
@ -72,17 +72,13 @@ func InvalidConfigValueErr(key string) error {
 	return fmt.Errorf("invalid %s config value from netmap contract", key)
 }

-func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160, countEpoch int64) error {
-	if countEpoch <= 0 {
-		return errors.New("number of epochs cannot be less than 1")
-	}
-
+func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160) error {
 	curr, err := unwrap.Int64(wCtx.ReadOnlyInvoker.Call(nmHash, "epoch"))
 	if err != nil {
 		return errors.New("can't fetch current epoch from the netmap contract")
 	}

-	newEpoch := curr + countEpoch
+	newEpoch := curr + 1
 	wCtx.Command.Printf("Current epoch: %d, increase to %d.\n", curr, newEpoch)

 	// In NeoFS this is done via Notary contract. Here, however, we can form the
--- a/cmd/frostfs-adm/internal/modules/morph/helper/util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/util.go
@ -15,8 +15,10 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
+	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
+	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/viper"
@ -42,7 +44,7 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er

 	var wallets []*wallet.Wallet
 	var letter string
-	for i := range constants.MaxAlphabetNodes {
+	for i := 0; i < constants.MaxAlphabetNodes; i++ {
 		letter = innerring.GlagoliticLetter(i).String()
 		p := filepath.Join(walletDir, letter+".json")
 		var w *wallet.Wallet
@ -85,6 +87,16 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 	return wallets, nil
 }

+func NewActor(c actor.RPCActor, committeeAcc *wallet.Account) (*actor.Actor, error) {
+	return actor.New(c, []actor.SignerAccount{{
+		Signer: transaction.Signer{
+			Account: committeeAcc.Contract.ScriptHash(),
+			Scopes:  transaction.Global,
+		},
+		Account: committeeAcc,
+	}})
+}
+
 func ReadContract(ctrPath, ctrName string) (*ContractState, error) {
 	rawNef, err := os.ReadFile(filepath.Join(ctrPath, ctrName+"_contract.nef"))
 	if err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
@ -1,8 +1,6 @@
 package initialize

 import (
-	"fmt"
-
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"github.com/nspcc-dev/neo-go/pkg/core/native/noderoles"
 	"github.com/nspcc-dev/neo-go/pkg/io"
@ -31,14 +29,10 @@ func setNotaryAndAlphabetNodes(c *helper.InitializeContext) error {
 		callflag.States|callflag.AllowNotify, int64(noderoles.NeoFSAlphabet), pubs)

 	if err := c.SendCommitteeTx(w.Bytes(), false); err != nil {
-		return fmt.Errorf("send committee transaction: %w", err)
+		return err
 	}

-	err := c.AwaitTx()
-	if err != nil {
-		err = fmt.Errorf("await committee transaction: %w", err)
-	}
-	return err
+	return c.AwaitTx()
 }

 func setRolesFinished(c *helper.InitializeContext) (bool, error) {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
@ -62,7 +62,7 @@ func testInitialize(t *testing.T, committeeSize int) {
 	v := viper.GetViper()

 	require.NoError(t, generateTestData(testdataDir, committeeSize))
-	v.Set(commonflags.ProtoConfigPath, filepath.Join(testdataDir, protoFileName))
+	v.Set(constants.ProtoConfigPath, filepath.Join(testdataDir, protoFileName))

 	// Set to the path or remove the next statement to download from the network.
 	require.NoError(t, Cmd.Flags().Set(commonflags.ContractsInitFlag, contractsPath))
@ -113,7 +113,7 @@ func generateTestData(dir string, size int) error {
 	}

 	var pubs []string
-	for i := range size {
+	for i := 0; i < size; i++ {
 		p := filepath.Join(dir, innerring.GlagoliticLetter(i).String()+".json")
 		w, err := wallet.NewWalletFromFile(p)
 		if err != nil {
@ -148,7 +148,7 @@ func generateTestData(dir string, size int) error {
 }

 func setTestCredentials(v *viper.Viper, size int) {
-	for i := range size {
+	for i := 0; i < size; i++ {
 		v.Set("credentials."+innerring.GlagoliticLetter(i).String(), strconv.FormatUint(uint64(i), 10))
 	}
 	v.Set("credentials.contract", constants.TestContractPassword)
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
@ -3,7 +3,6 @@ package initialize
 import (
 	"fmt"
 	"math/big"
-	"strings"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
@ -27,12 +26,12 @@ const (
 	initialAlphabetGASAmount = 10_000 * native.GASFactor
 	// initialProxyGASAmount represents the amount of GAS given to a proxy contract.
 	initialProxyGASAmount = 50_000 * native.GASFactor
+	// alphabetGasRatio is a coefficient that defines the threshold below which
+	// the balance of the alphabet node is considered not replenished. The value
+	// of this coefficient is determined empirically.
+	alphabetGasRatio = 5
 )

-func initialCommitteeGASAmount(c *helper.InitializeContext) int64 {
-	return (gasInitialTotalSupply - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2
-}
-
 func transferFunds(c *helper.InitializeContext) error {
 	ok, err := transferFundsFinished(c)
 	if ok || err != nil {
@ -59,7 +58,7 @@ func transferFunds(c *helper.InitializeContext) error {
 		transferTarget{
 			Token:   gas.Hash,
 			Address: c.CommitteeAcc.Contract.ScriptHash(),
-			Amount:  initialCommitteeGASAmount(c),
+			Amount:  (gasInitialTotalSupply - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2,
 		},
 		transferTarget{
 			Token:   neo.Hash,
@ -80,19 +79,12 @@ func transferFunds(c *helper.InitializeContext) error {
 	return c.AwaitTx()
 }

-// transferFundsFinished checks balances of accounts we transfer GAS to.
-// The stage is considered finished if the balance is greater than the half of what we need to transfer.
 func transferFundsFinished(c *helper.InitializeContext) (bool, error) {
 	acc := c.Accounts[0]

 	r := nep17.NewReader(c.ReadOnlyInvoker, gas.Hash)
 	res, err := r.BalanceOf(acc.Contract.ScriptHash())
-	if err != nil || res.Cmp(big.NewInt(initialAlphabetGASAmount/2)) != 1 {
-		return false, err
-	}
-
-	res, err = r.BalanceOf(c.CommitteeAcc.ScriptHash())
-	return res != nil && res.Cmp(big.NewInt(initialCommitteeGASAmount(c)/2)) == 1, err
+	return res.Cmp(big.NewInt(alphabetGasRatio*native.GASFactor)) == 1, err
 }

 func transferGASToProxy(c *helper.InitializeContext) error {
@ -152,17 +144,5 @@ func createNEP17MultiTransferTx(c helper.Client, acc *wallet.Account, recipients
 	if err != nil {
 		return nil, fmt.Errorf("can't create actor: %w", err)
 	}
-	tx, err := act.MakeRun(w.Bytes())
-	if err != nil {
-		sum := make(map[util.Uint160]int64)
-		for _, recipient := range recipients {
-			sum[recipient.Token] += recipient.Amount
-		}
-		detail := make([]string, 0, len(sum))
-		for _, value := range sum {
-			detail = append(detail, fmt.Sprintf("amount=%v", value))
-		}
-		err = fmt.Errorf("transfer failed: from=%s(%s) %s: %w", acc.Label, acc.Address, strings.Join(detail, " "), err)
-	}
-	return tx, err
+	return act.MakeRun(w.Bytes())
 }
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
@ -2,6 +2,7 @@ package initialize

 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -31,7 +32,7 @@ var Cmd = &cobra.Command{
 		_ = viper.BindPFlag(commonflags.ContainerFeeInitFlag, cmd.Flags().Lookup(containerFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.ContainerAliasFeeInitFlag, cmd.Flags().Lookup(containerAliasFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.WithdrawFeeInitFlag, cmd.Flags().Lookup(withdrawFeeCLIFlag))
-		_ = viper.BindPFlag(commonflags.ProtoConfigPath, cmd.Flags().Lookup(commonflags.ProtoConfigPath))
+		_ = viper.BindPFlag(constants.ProtoConfigPath, cmd.Flags().Lookup(constants.ProtoConfigPath))
 	},
 	RunE: initializeSideChainCmd,
 }
@ -47,7 +48,7 @@ func initInitCmd() {
 	// Defaults are taken from neo-preodolenie.
 	Cmd.Flags().Uint64(containerFeeCLIFlag, 1000, "Container registration fee")
 	Cmd.Flags().Uint64(containerAliasFeeCLIFlag, 500, "Container alias fee")
-	Cmd.Flags().String(commonflags.ProtoConfigPath, "", "Path to the consensus node configuration")
+	Cmd.Flags().String(constants.ProtoConfigPath, "", "Path to the consensus node configuration")
 	Cmd.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 	Cmd.MarkFlagsMutuallyExclusive(commonflags.ContractsInitFlag, commonflags.ContractsURLFlag)
 }
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
@ -12,8 +12,6 @@ import (
 	"github.com/spf13/viper"
 )

-const deltaFlag = "delta"
-
 func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
@ -32,8 +30,7 @@ func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	}

 	bw := io.NewBufBinWriter()
-	delta, _ := cmd.Flags().GetInt64(deltaFlag)
-	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, delta); err != nil {
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 		return err
 	}

--- a/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
@ -13,7 +13,7 @@ import (
 )

 func listNetmapCandidatesNodes(cmd *cobra.Command, _ []string) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
@ -12,6 +12,7 @@ var (
 		Short: "List netmap candidates nodes",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: listNetmapCandidatesNodes,
 	}
@ -34,7 +35,6 @@ func initForceNewEpochCmd() {
 	ForceNewEpoch.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	ForceNewEpoch.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	ForceNewEpoch.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
-	ForceNewEpoch.Flags().Int64(deltaFlag, 1, "Number of epochs to increase the current epoch")
 }

 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
@ -2,37 +2,24 @@ package nns

 import (
 	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )

-func nnsWriter(cmd *cobra.Command) (*client.Contract, *helper.LocalActor) {
+func getRPCClient(cmd *cobra.Command) (*client.Contract, *helper.LocalActor, util.Uint160) {
 	v := viper.GetViper()
-	c, err := helper.NewRemoteClient(v)
+	c, err := helper.GetN3Client(v)
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

-	ac, err := helper.NewLocalActor(cmd, c, constants.CommitteeAccountName)
+	ac, err := helper.NewLocalActor(cmd, c)
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)

 	r := management.NewReader(ac.Invoker)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-	return client.New(ac, nnsCs.Hash), ac
-}
-
-func nnsReader(cmd *cobra.Command) (*client.ContractReader, *invoker.Invoker) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
-	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
-
-	inv := invoker.New(c, nil)
-	r := management.NewReader(inv)
-	nnsCs, err := helper.GetContractByID(r, 1)
-	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-
-	return client.NewReader(inv, nnsCs.Hash), inv
+	return client.New(ac, nnsCs.Hash), ac, nnsCs.Hash
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/record.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/record.go
@ -8,6 +8,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
+	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/spf13/cobra"
 )
@ -28,6 +29,7 @@ func initAddRecordCmd() {
 func initGetRecordsCmd() {
 	Cmd.AddCommand(getRecordsCmd)
 	getRecordsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	getRecordsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	getRecordsCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	getRecordsCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)

@ -45,21 +47,8 @@ func initDelRecordsCmd() {
 	_ = cobra.MarkFlagRequired(delRecordsCmd.Flags(), nnsRecordTypeFlag)
 }

-func initDelRecordCmd() {
-	Cmd.AddCommand(delRecordCmd)
-	delRecordCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	delRecordCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	delRecordCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
-	delRecordCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
-	delRecordCmd.Flags().String(nnsRecordDataFlag, "", nnsRecordDataFlagDesc)
-
-	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsNameFlag)
-	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsRecordTypeFlag)
-	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsRecordDataFlag)
-}
-
 func addRecord(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
@ -75,16 +64,16 @@ func addRecord(cmd *cobra.Command, _ []string) {
 }

 func getRecords(cmd *cobra.Command, _ []string) {
-	c, inv := nnsReader(cmd)
+	c, act, hash := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	if recordType == "" {
-		sid, r, err := c.GetAllRecords(name)
+		sid, r, err := unwrap.SessionIterator(act.Invoker.Call(hash, "getAllRecords", name))
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		defer func() {
-			_ = inv.TerminateSession(sid)
+			_ = act.Invoker.TerminateSession(sid)
 		}()
-		items, err := inv.TraverseIterator(sid, &r, 0)
+		items, err := act.Invoker.TraverseIterator(sid, &r, 0)
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		for len(items) != 0 {
 			for j := range items {
@ -95,7 +84,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 					recordTypeToString(nns.RecordType(rs[1].Value().(*big.Int).Int64())),
 					string(bs))
 			}
-			items, err = inv.TraverseIterator(sid, &r, 0)
+			items, err = act.Invoker.TraverseIterator(sid, &r, 0)
 			commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		}
 	} else {
@ -112,7 +101,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 }

 func delRecords(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	typ, err := getRecordType(recordType)
@ -126,22 +115,6 @@ func delRecords(cmd *cobra.Command, _ []string) {
 	cmd.Println("Records removed successfully")
 }

-func delRecord(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
-	name, _ := cmd.Flags().GetString(nnsNameFlag)
-	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
-	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
-	typ, err := getRecordType(recordType)
-	commonCmd.ExitOnErr(cmd, "unable to parse record type: %w", err)
-	h, vub, err := c.DeleteRecord(name, typ, data)
-	commonCmd.ExitOnErr(cmd, "unable to delete record: %w", err)
-
-	cmd.Println("Waiting for transaction to persist...")
-	_, err = actor.Wait(h, vub, err)
-	commonCmd.ExitOnErr(cmd, "delete records error: %w", err)
-	cmd.Println("Record removed successfully")
-}
-
 func getRecordType(recordType string) (*big.Int, error) {
 	switch strings.ToUpper(recordType) {
 	case "A":
--- a/cmd/frostfs-adm/internal/modules/morph/nns/register.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/register.go
@ -24,7 +24,7 @@ func initRegisterCmd() {
 }

 func registerDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)

 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
@ -42,23 +42,3 @@ func registerDomain(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "register domain error: %w", err)
 	cmd.Println("Domain registered successfully")
 }
-
-func initDeleteCmd() {
-	Cmd.AddCommand(deleteCmd)
-	deleteCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	deleteCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	deleteCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
-
-	_ = cobra.MarkFlagRequired(deleteCmd.Flags(), nnsNameFlag)
-}
-
-func deleteDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
-
-	name, _ := cmd.Flags().GetString(nnsNameFlag)
-	h, vub, err := c.DeleteDomain(name)
-
-	_, err = actor.Wait(h, vub, err)
-	commonCmd.ExitOnErr(cmd, "delete domain error: %w", err)
-	cmd.Println("Domain deleted successfully")
-}
--- a/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
@ -14,7 +14,7 @@ func initRenewCmd() {
 }

 func renewDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.Renew(name)
 	commonCmd.ExitOnErr(cmd, "unable to renew domain: %w", err)
--- a/cmd/frostfs-adm/internal/modules/morph/nns/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/root.go
@ -42,15 +42,6 @@ var (
 		},
 		Run: registerDomain,
 	}
-	deleteCmd = &cobra.Command{
-		Use:   "delete",
-		Short: "Delete a domain by name",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-		},
-		Run: deleteDomain,
-	}
 	renewCmd = &cobra.Command{
 		Use:   "renew",
 		Short: "Increases domain expiration date",
@ -95,25 +86,14 @@ var (
 		},
 		Run: delRecords,
 	}
-	delRecordCmd = &cobra.Command{
-		Use:   "delete-record",
-		Short: "Removes domain record with the specified type and data",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-		},
-		Run: delRecord,
-	}
 )

 func init() {
 	initTokensCmd()
 	initRegisterCmd()
-	initDeleteCmd()
 	initRenewCmd()
 	initUpdateCmd()
 	initAddRecordCmd()
 	initGetRecordsCmd()
 	initDelRecordsCmd()
-	initDelRecordCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
@ -1,65 +1,24 @@
 package nns

 import (
-	"math/big"
-	"strings"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
-	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/spf13/cobra"
 )

-const (
-	verboseDesc = "Include additional information about CNAME record."
-)
-
 func initTokensCmd() {
 	Cmd.AddCommand(tokensCmd)
 	tokensCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	tokensCmd.Flags().BoolP(commonflags.Verbose, commonflags.VerboseShorthand, false, verboseDesc)
+	tokensCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func listTokens(cmd *cobra.Command, _ []string) {
-	c, _ := nnsReader(cmd)
+	c, _, _ := getRPCClient(cmd)
 	it, err := c.Tokens()
 	commonCmd.ExitOnErr(cmd, "unable to get tokens: %w", err)
 	for toks, err := it.Next(10); err == nil && len(toks) > 0; toks, err = it.Next(10) {
 		for _, token := range toks {
-			output := string(token)
-			if verbose, _ := cmd.Flags().GetBool(commonflags.Verbose); verbose {
-				cname, err := getCnameRecord(c, token)
-				commonCmd.ExitOnErr(cmd, "", err)
-				if cname != "" {
-					output += " (CNAME: " + cname + ")"
-				}
-			}
-			cmd.Println(output)
+			cmd.Println(string(token))
 		}
 	}
 }
-
-func getCnameRecord(c *client.ContractReader, token []byte) (string, error) {
-	items, err := c.GetRecords(string(token), big.NewInt(int64(nns.CNAME)))
-
-	// GetRecords returns the error "not an array" if the domain does not contain records.
-	if err != nil && strings.Contains(err.Error(), "not an array") {
-		return "", nil
-	}
-
-	if err != nil {
-		return "", err
-	}
-
-	if len(items) == 0 {
-		return "", nil
-	}
-
-	record, err := items[0].TryBytes()
-	if err != nil {
-		return "", err
-	}
-
-	return string(record), nil
-}
--- a/cmd/frostfs-adm/internal/modules/morph/nns/update.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/update.go
@ -30,7 +30,7 @@ func initUpdateCmd() {
 }

 func updateSOA(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)

 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
--- a/cmd/frostfs-adm/internal/modules/morph/node/remove.go
+++ b/cmd/frostfs-adm/internal/modules/morph/node/remove.go
@ -53,7 +53,7 @@ func RemoveNodesCmd(cmd *cobra.Command, args []string) error {
 			int64(netmapcontract.NodeStateOffline), nodeKeys[i].Bytes())
 	}

-	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, 1); err != nil {
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 		return err
 	}

--- a/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
@ -89,7 +89,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 }

 func transferGas(cmd *cobra.Command, acc *wallet.Account, accHash util.Uint160, gasAmount fixedn.Fixed8, till int64) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
@ -62,7 +62,7 @@ func SetPolicyCmd(cmd *cobra.Command, args []string) error {
 }

 func dumpPolicyCmd(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client:", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
@ -30,13 +30,11 @@ var (
 func initProxyAddAccount() {
 	AddAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	AddAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
-	AddAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initProxyRemoveAccount() {
 	RemoveAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	RemoveAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
-	RemoveAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func init() {
--- a/cmd/frostfs-adm/internal/modules/root.go
+++ b/cmd/frostfs-adm/internal/modules/root.go
@ -5,7 +5,6 @@ import (

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/metabase"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/storagecfg"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/misc"
@ -42,7 +41,6 @@ func init() {
 	rootCmd.AddCommand(config.RootCmd)
 	rootCmd.AddCommand(morph.RootCmd)
 	rootCmd.AddCommand(storagecfg.RootCmd)
-	rootCmd.AddCommand(metabase.RootCmd)

 	rootCmd.AddCommand(autocomplete.Command("frostfs-adm"))
 	rootCmd.AddCommand(gendoc.Command(rootCmd, gendoc.Options{}))
--- a/cmd/frostfs-cli/docs/sessions.md
+++ b/cmd/frostfs-cli/docs/sessions.md
@ -72,3 +72,4 @@ All other `object` sub-commands support only static sessions (2).
 List of commands supporting sessions (static only):
 - `create`
 - `delete`
+- `set-eacl`
--- a/cmd/frostfs-cli/internal/client/client.go
+++ b/cmd/frostfs-cli/internal/client/client.go
@ -2,13 +2,10 @@ package internal

 import (
 	"bytes"
-	"cmp"
 	"context"
 	"errors"
 	"fmt"
 	"io"
-	"os"
-	"slices"
 	"sort"
 	"strings"

@ -17,6 +14,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	containerSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
@ -191,6 +189,31 @@ func DeleteContainer(ctx context.Context, prm DeleteContainerPrm) (res DeleteCon
 	return
 }

+// EACLPrm groups parameters of EACL operation.
+type EACLPrm struct {
+	Client       *client.Client
+	ClientParams client.PrmContainerEACL
+}
+
+// EACLRes groups the resulting values of EACL operation.
+type EACLRes struct {
+	cliRes *client.ResContainerEACL
+}
+
+// EACL returns requested eACL table.
+func (x EACLRes) EACL() eacl.Table {
+	return x.cliRes.Table()
+}
+
+// EACL reads eACL table from FrostFS by container ID.
+//
+// Returns any error which prevented the operation from completing correctly in error return.
+func EACL(ctx context.Context, prm EACLPrm) (res EACLRes, err error) {
+	res.cliRes, err = prm.Client.ContainerEACL(ctx, prm.ClientParams)
+
+	return
+}
+
 // NetworkInfoPrm groups parameters of NetworkInfo operation.
 type NetworkInfoPrm struct {
 	Client       *client.Client
@ -565,6 +588,13 @@ type HeadObjectPrm struct {
 	commonObjectPrm
 	objectAddressPrm
 	rawPrm
+
+	mainOnly bool
+}
+
+// SetMainOnlyFlag sets flag to get only main fields of an object header in terms of FrostFS API.
+func (x *HeadObjectPrm) SetMainOnlyFlag(v bool) {
+	x.mainOnly = v
 }

 // HeadObjectRes groups the resulting values of HeadObject operation.
@ -659,7 +689,9 @@ func SearchObjects(ctx context.Context, prm SearchObjectsPrm) (*SearchObjectsRes

 	for {
 		n, ok = rdr.Read(buf)
-		list = append(list, buf[:n]...)
+		for i := 0; i < n; i++ {
+			list = append(list, buf[i])
+		}
 		if !ok {
 			break
 		}
@ -670,8 +702,9 @@ func SearchObjects(ctx context.Context, prm SearchObjectsPrm) (*SearchObjectsRes
 		return nil, fmt.Errorf("read object list: %w", err)
 	}

-	slices.SortFunc(list, func(a, b oid.ID) int {
-		return strings.Compare(a.EncodeToString(), b.EncodeToString())
+	sort.Slice(list, func(i, j int) bool {
+		lhs, rhs := list[i].EncodeToString(), list[j].EncodeToString()
+		return strings.Compare(lhs, rhs) < 0
 	})

 	return &SearchObjectsRes{
@ -836,65 +869,3 @@ func SyncContainerSettings(ctx context.Context, prm SyncContainerPrm) (*SyncCont

 	return new(SyncContainerRes), nil
 }
-
-// PatchObjectPrm groups parameters of PatchObject operation.
-type PatchObjectPrm struct {
-	commonObjectPrm
-	objectAddressPrm
-
-	NewAttributes []objectSDK.Attribute
-
-	ReplaceAttribute bool
-
-	PayloadPatches []PayloadPatch
-}
-
-type PayloadPatch struct {
-	Range objectSDK.Range
-
-	PayloadPath string
-}
-
-type PatchRes struct {
-	OID oid.ID
-}
-
-func Patch(ctx context.Context, prm PatchObjectPrm) (*PatchRes, error) {
-	patchPrm := client.PrmObjectPatch{
-		XHeaders:    prm.xHeaders,
-		BearerToken: prm.bearerToken,
-		Session:     prm.sessionToken,
-		Address:     prm.objAddr,
-	}
-
-	slices.SortFunc(prm.PayloadPatches, func(a, b PayloadPatch) int {
-		return cmp.Compare(a.Range.GetOffset(), b.Range.GetOffset())
-	})
-
-	patcher, err := prm.cli.ObjectPatchInit(ctx, patchPrm)
-	if err != nil {
-		return nil, fmt.Errorf("init payload reading: %w", err)
-	}
-
-	if patcher.PatchAttributes(ctx, prm.NewAttributes, prm.ReplaceAttribute) {
-		for _, pp := range prm.PayloadPatches {
-			payloadFile, err := os.OpenFile(pp.PayloadPath, os.O_RDONLY, os.ModePerm)
-			if err != nil {
-				return nil, err
-			}
-			applied := patcher.PatchPayload(ctx, &pp.Range, payloadFile)
-			_ = payloadFile.Close()
-			if !applied {
-				break
-			}
-		}
-	}
-
-	res, err := patcher.Close(ctx)
-	if err != nil {
-		return nil, err
-	}
-	return &PatchRes{
-		OID: res.ObjectID(),
-	}, nil
-}
--- a/cmd/frostfs-cli/internal/client/sdk.go
+++ b/cmd/frostfs-cli/internal/client/sdk.go
@ -58,7 +58,6 @@ func GetSDKClient(ctx context.Context, cmd *cobra.Command, key *ecdsa.PrivateKey
 		GRPCDialOptions: []grpc.DialOption{
 			grpc.WithChainUnaryInterceptor(tracing.NewUnaryClientInteceptor()),
 			grpc.WithChainStreamInterceptor(tracing.NewStreamClientInterceptor()),
-			grpc.WithDefaultCallOptions(grpc.WaitForReady(true)),
 		},
 	}
 	if timeout := viper.GetDuration(commonflags.Timeout); timeout > 0 {
--- a/cmd/frostfs-cli/internal/common/tracing.go
+++ b/cmd/frostfs-cli/internal/common/tracing.go
@ -2,7 +2,7 @@ package common

 import (
 	"context"
-	"slices"
+	"sort"
 	"strings"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -45,11 +45,15 @@ func StartClientCommandSpan(cmd *cobra.Command) {
 	})
 	commonCmd.ExitOnErr(cmd, "init tracing: %w", err)

-	var components []string
+	var components sort.StringSlice
 	for c := cmd; c != nil; c = c.Parent() {
 		components = append(components, c.Name())
 	}
-	slices.Reverse(components)
+	for i, j := 0, len(components)-1; i < j; {
+		components.Swap(i, j)
+		i++
+		j--
+	}

 	operation := strings.Join(components, ".")
 	ctx, span := tracing.StartSpanFromContext(cmd.Context(), operation)
--- a/cmd/frostfs-cli/internal/key/key_test.go
+++ b/cmd/frostfs-cli/internal/key/key_test.go
@ -24,8 +24,6 @@ var testCmd = &cobra.Command{
 }

 func Test_getOrGenerate(t *testing.T) {
-	t.Cleanup(viper.Reset)
-
 	dir := t.TempDir()

 	wallPath := filepath.Join(dir, "wallet.json")
--- a/cmd/frostfs-cli/modules/ape_manager/add_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/add_chain.go
@ -1,19 +1,45 @@
 package apemanager

 import (
-	"fmt"
+	"encoding/hex"
+	"errors"

 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
-	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
+	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )

+const (
+	chainIDFlag    = "chain-id"
+	chainIDHexFlag = "chain-id-hex"
+	ruleFlag       = "rule"
+	pathFlag       = "path"
+)
+
+const (
+	targetNameFlag = "target-name"
+	targetNameDesc = "Resource name in APE resource name format"
+	targetTypeFlag = "target-type"
+	targetTypeDesc = "Resource type(container/namespace)"
+)
+
+const (
+	defaultNamespace = ""
+	namespaceTarget  = "namespace"
+	containerTarget  = "container"
+	userTarget       = "user"
+	groupTarget      = "group"
+)
+
+var errUnknownTargetType = errors.New("unknown target type")
+
 var addCmd = &cobra.Command{
 	Use:   "add",
 	Short: "Add rule chain for a target",
@ -24,28 +50,55 @@ var addCmd = &cobra.Command{
 }

 func parseTarget(cmd *cobra.Command) (ct apeSDK.ChainTarget) {
-	t := apeCmd.ParseTarget(cmd)
+	typ, _ := cmd.Flags().GetString(targetTypeFlag)
+	name, _ := cmd.Flags().GetString(targetNameFlag)

-	ct.Name = t.Name
+	ct.Name = name

-	switch t.Type {
-	case engine.Namespace:
+	switch typ {
+	case namespaceTarget:
 		ct.TargetType = apeSDK.TargetTypeNamespace
-	case engine.Container:
+	case containerTarget:
+		var cnr cid.ID
+		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
 		ct.TargetType = apeSDK.TargetTypeContainer
-	case engine.User:
+	case userTarget:
 		ct.TargetType = apeSDK.TargetTypeUser
-	case engine.Group:
+	case groupTarget:
 		ct.TargetType = apeSDK.TargetTypeGroup
 	default:
-		commonCmd.ExitOnErr(cmd, "conversion error: %w", fmt.Errorf("unknown type '%c'", t.Type))
+		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
 	}
 	return ct
 }

 func parseChain(cmd *cobra.Command) apeSDK.Chain {
-	c := apeCmd.ParseChain(cmd)
-	serialized := c.Bytes()
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
+
+	chainIDRaw := []byte(chainID)
+
+	if hexEncoded {
+		var err error
+		chainIDRaw, err = hex.DecodeString(chainID)
+		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
+	}
+
+	chain := new(apechain.Chain)
+	chain.ID = apechain.ID(chainIDRaw)
+
+	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", util.ParseAPEChain(chain, rules))
+	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
+		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", util.ParseAPEChainBinaryOrJSON(chain, encPath))
+	} else {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", errors.New("rule is not passed"))
+	}
+
+	cmd.Println("Parsed chain:")
+	util.PrintHumanReadableAPEChain(cmd, chain)
+
+	serialized := chain.Bytes()
 	return apeSDK.Chain{
 		Raw: serialized,
 	}
@ -74,13 +127,13 @@ func initAddCmd() {
 	commonflags.Init(addCmd)

 	ff := addCmd.Flags()
-	ff.StringArray(apeCmd.RuleFlag, []string{}, apeCmd.RuleFlagDesc)
-	ff.String(apeCmd.PathFlag, "", apeCmd.PathFlagDesc)
-	ff.String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = addCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	ff.Bool(apeCmd.ChainIDHexFlag, false, apeCmd.ChainIDHexFlagDesc)
+	ff.StringArray(ruleFlag, []string{}, "Rule statement")
+	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
+	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = addCmd.MarkFlagRequired(targetTypeFlag)
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")

-	addCmd.MarkFlagsMutuallyExclusive(apeCmd.PathFlag, apeCmd.RuleFlag)
+	addCmd.MarkFlagsMutuallyExclusive(pathFlag, ruleFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/list_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/list_chain.go
@ -4,8 +4,8 @@ import (
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	apeutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
@ -35,7 +35,7 @@ func list(cmd *cobra.Command, _ []string) {
 	for _, respChain := range resp.Chains {
 		var chain apechain.Chain
 		commonCmd.ExitOnErr(cmd, "decode error: %w", chain.DecodeBytes(respChain.Raw))
-		apeCmd.PrintHumanReadableAPEChain(cmd, &chain)
+		apeutil.PrintHumanReadableAPEChain(cmd, &chain)
 	}
 }

@ -43,7 +43,7 @@ func initListCmd() {
 	commonflags.Init(listCmd)

 	ff := listCmd.Flags()
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = listCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = listCmd.MarkFlagRequired(targetTypeFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
@ -1,23 +1,29 @@
 package apemanager

 import (
+	"encoding/hex"
+	"errors"
+
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )

-var removeCmd = &cobra.Command{
-	Use:   "remove",
-	Short: "Remove rule chain for a target",
-	Run:   remove,
-	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
-		commonflags.Bind(cmd)
-	},
-}
+var (
+	errEmptyChainID = errors.New("chain id cannot be empty")
+
+	removeCmd = &cobra.Command{
+		Use:   "remove",
+		Short: "Remove rule chain for a target",
+		Run:   remove,
+		PersistentPreRun: func(cmd *cobra.Command, _ []string) {
+			commonflags.Bind(cmd)
+		},
+	}
+)

 func remove(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
@ -25,9 +31,19 @@ func remove(cmd *cobra.Command, _ []string) {
 	key := key.Get(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)

-	chainID := apeCmd.ParseChainID(cmd)
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	if chainID == "" {
+		commonCmd.ExitOnErr(cmd, "read chain id error: %w", errEmptyChainID)
+	}
 	chainIDRaw := []byte(chainID)

+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
+	if hexEncoded {
+		var err error
+		chainIDRaw, err = hex.DecodeString(chainID)
+		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
+	}
+
 	_, err := cli.APEManagerRemoveChain(cmd.Context(), client_sdk.PrmAPEManagerRemoveChain{
 		ChainTarget: target,
 		ChainID:     chainIDRaw,
@ -42,10 +58,9 @@ func initRemoveCmd() {
 	commonflags.Init(removeCmd)

 	ff := removeCmd.Flags()
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = removeCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	ff.String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
-	_ = removeCmd.MarkFlagRequired(apeCmd.ChainIDFlag)
-	ff.Bool(apeCmd.ChainIDHexFlag, false, apeCmd.ChainIDHexFlagDesc)
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = removeCmd.MarkFlagRequired(targetTypeFlag)
+	ff.String(chainIDFlag, "", "Chain id")
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 }
--- a/cmd/frostfs-cli/modules/bearer/generate_override.go
+++ b/cmd/frostfs-cli/modules/bearer/generate_override.go
@ -1,20 +1,31 @@
 package bearer

 import (
+	"errors"
 	"fmt"
 	"os"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
+	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
 	cidSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )

+var (
+	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
+	errRuleIsNotParsed      = errors.New("rule is not passed")
+)
+
 const (
-	outputFlag = "output"
+	chainIDFlag    = "chain-id"
+	chainIDHexFlag = "chain-id-hex"
+	ruleFlag       = "rule"
+	pathFlag       = "path"
+	outputFlag     = "output"
 )

 var generateAPEOverrideCmd = &cobra.Command{
@ -29,7 +40,7 @@ Generated APE override can be dumped to a file in JSON format that is passed to
 }

 func genereateAPEOverride(cmd *cobra.Command, _ []string) {
-	c := apeCmd.ParseChain(cmd)
+	c := parseChain(cmd)

 	targetCID, _ := cmd.Flags().GetString(commonflags.CIDFlag)
 	var cid cidSDK.ID
@ -66,11 +77,39 @@ func init() {
 	ff.StringP(commonflags.CIDFlag, "", "", "Target container ID.")
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), commonflags.CIDFlag)

-	ff.StringArray(apeCmd.RuleFlag, []string{}, "Rule statement")
-	ff.String(apeCmd.PathFlag, "", "Path to encoded chain in JSON or binary format")
-	ff.String(apeCmd.ChainIDFlag, "", "Assign ID to the parsed chain")
-	ff.Bool(apeCmd.ChainIDHexFlag, false, "Flag to parse chain ID as hex")
+	ff.StringArray(ruleFlag, []string{}, "Rule statement")
+	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
+	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")

 	ff.String(outputFlag, "", "Output path to dump result JSON-encoded APE override")
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), outputFlag)
 }
+
+func parseChainID(cmd *cobra.Command) apechain.ID {
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	if chainID == "" {
+		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
+			errChainIDCannotBeEmpty)
+	}
+	return apechain.ID(chainID)
+}
+
+func parseChain(cmd *cobra.Command) *apechain.Chain {
+	chain := new(apechain.Chain)
+
+	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", parseutil.ParseAPEChain(chain, rules))
+	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
+		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
+	} else {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
+	}
+
+	chain.ID = parseChainID(cmd)
+
+	cmd.Println("Parsed chain:")
+	parseutil.PrintHumanReadableAPEChain(cmd, chain)
+
+	return chain
+}
--- a/cmd/frostfs-cli/modules/container/create.go
+++ b/cmd/frostfs-cli/modules/container/create.go
@ -7,20 +7,22 @@ import (
 	"strings"
 	"time"

+	containerApi "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	containerApi "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
+	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
 )

 var (
+	containerACL         string
 	containerPolicy      string
 	containerAttributes  []string
 	containerAwait       bool
@ -87,6 +89,9 @@ It will be stored in sidechain when inner ring will accepts it.`,
 		err = parseAttributes(&cnr, containerAttributes)
 		commonCmd.ExitOnErr(cmd, "", err)

+		var basicACL acl.Basic
+		commonCmd.ExitOnErr(cmd, "decode basic ACL string: %w", basicACL.DecodeString(containerACL))
+
 		tok := getSession(cmd)

 		if tok != nil {
@ -100,6 +105,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 		}

 		cnr.SetPlacementPolicy(*placementPolicy)
+		cnr.SetBasicACL(basicACL)

 		var syncContainerPrm internalclient.SyncContainerPrm
 		syncContainerPrm.SetClient(cli)
@ -133,7 +139,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 				},
 			}

-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)

 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
@ -157,6 +163,10 @@ func initContainerCreateCmd() {
 	flags.DurationP(commonflags.Timeout, commonflags.TimeoutShorthand, commonflags.TimeoutDefault, commonflags.TimeoutUsage)
 	flags.StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, commonflags.WalletPathDefault, commonflags.WalletPathUsage)
 	flags.StringP(commonflags.Account, commonflags.AccountShorthand, commonflags.AccountDefault, commonflags.AccountUsage)
+
+	flags.StringVar(&containerACL, "basic-acl", acl.NamePrivate, fmt.Sprintf("HEX encoded basic ACL value or keywords like '%s', '%s', '%s'",
+		acl.NamePublicRW, acl.NamePrivate, acl.NamePublicROExtended,
+	))
 	flags.StringVarP(&containerPolicy, "policy", "p", "", "QL-encoded or JSON-encoded placement policy or path to file with it")
 	flags.StringSliceVarP(&containerAttributes, "attributes", "a", nil, "Comma separated pairs of container attributes in form of Key1=Value1,Key2=Value2")
 	flags.BoolVar(&containerAwait, "await", false, "Block execution until container is persisted")
--- a/cmd/frostfs-cli/modules/container/delete.go
+++ b/cmd/frostfs-cli/modules/container/delete.go
@ -110,7 +110,7 @@ Only owner of the container has a permission to remove container.`,
 				},
 			}

-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)

 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
--- a/cmd/frostfs-cli/modules/container/get_eacl.go
+++ b/cmd/frostfs-cli/modules/container/get_eacl.go
@ -0,0 +1,68 @@
+package container
+
+import (
+	"os"
+
+	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
+	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
+	"github.com/spf13/cobra"
+)
+
+var getExtendedACLCmd = &cobra.Command{
+	Use:   "get-eacl",
+	Short: "Get extended ACL table of container",
+	Long:  `Get extended ACL table of container`,
+	Run: func(cmd *cobra.Command, _ []string) {
+		id := parseContainerID(cmd)
+		pk := key.GetOrGenerate(cmd)
+		cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC)
+
+		eaclPrm := internalclient.EACLPrm{
+			Client: cli,
+			ClientParams: client.PrmContainerEACL{
+				ContainerID: &id,
+			},
+		}
+
+		res, err := internalclient.EACL(cmd.Context(), eaclPrm)
+		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
+
+		eaclTable := res.EACL()
+
+		if containerPathTo == "" {
+			cmd.Println("eACL: ")
+			common.PrettyPrintJSON(cmd, &eaclTable, "eACL")
+
+			return
+		}
+
+		var data []byte
+
+		if containerJSON {
+			data, err = eaclTable.MarshalJSON()
+			commonCmd.ExitOnErr(cmd, "can't encode to JSON: %w", err)
+		} else {
+			data, err = eaclTable.Marshal()
+			commonCmd.ExitOnErr(cmd, "can't encode to binary: %w", err)
+		}
+
+		cmd.Println("dumping data to file:", containerPathTo)
+
+		err = os.WriteFile(containerPathTo, data, 0o644)
+		commonCmd.ExitOnErr(cmd, "could not write eACL to file: %w", err)
+	},
+}
+
+func initContainerGetEACLCmd() {
+	commonflags.Init(getExtendedACLCmd)
+
+	flags := getExtendedACLCmd.Flags()
+
+	flags.StringVar(&containerID, commonflags.CIDFlag, "", commonflags.CIDFlagUsage)
+	flags.StringVar(&containerPathTo, "to", "", "Path to dump encoded container (default: binary encoded)")
+	flags.BoolVar(&containerJSON, commonflags.JSON, false, "Encode EACL table in json format")
+}
--- a/cmd/frostfs-cli/modules/container/list.go
+++ b/cmd/frostfs-cli/modules/container/list.go
@ -1,6 +1,9 @@
 package container

 import (
+	"strings"
+
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -67,6 +70,7 @@ var listContainersCmd = &cobra.Command{
 				continue
 			}

+			cnrID := cnrID
 			prmGet.ClientParams.ContainerID = &cnrID
 			res, err := internalclient.GetContainer(cmd.Context(), prmGet)
 			if err != nil {
@ -81,8 +85,12 @@ var listContainersCmd = &cobra.Command{
 			cmd.Println(cnrID.String())

 			if flagVarListPrintAttr {
-				cnr.IterateUserAttributes(func(key, val string) {
-					cmd.Printf("  %s: %s\n", key, val)
+				cnr.IterateAttributes(func(key, val string) {
+					if !strings.HasPrefix(key, container.SysAttributePrefix) && !strings.HasPrefix(key, container.SysAttributePrefixNeoFS) {
+						// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
+						//	Use dedicated method to skip system attributes.
+						cmd.Printf("  %s: %s\n", key, val)
+					}
 				})
 			}
 		}
--- a/cmd/frostfs-cli/modules/container/list_objects.go
+++ b/cmd/frostfs-cli/modules/container/list_objects.go
@ -1,6 +1,9 @@
 package container

 import (
+	"strings"
+
+	v2object "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -64,8 +67,14 @@ var listContainerObjectsCmd = &cobra.Command{

 				resHead, err := internalclient.HeadObject(cmd.Context(), prmHead)
 				if err == nil {
-					for _, attr := range resHead.Header().UserAttributes() {
-						cmd.Printf("  %s: %s\n", attr.Key(), attr.Value())
+					attrs := resHead.Header().Attributes()
+					for i := range attrs {
+						attrKey := attrs[i].Key()
+						if !strings.HasPrefix(attrKey, v2object.SysAttributePrefix) && !strings.HasPrefix(attrKey, v2object.SysAttributePrefixNeoFS) {
+							// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
+							//	Use dedicated method to skip system attributes.
+							cmd.Printf("  %s: %s\n", attrKey, attrs[i].Value())
+						}
 					}
 				} else {
 					cmd.Printf("  failed to read attributes: %v\n", err)
--- a/cmd/frostfs-cli/modules/container/policy_playground.go
+++ b/cmd/frostfs-cli/modules/container/policy_playground.go
@ -1,10 +1,11 @@
 package container

 import (
+	"bufio"
 	"encoding/hex"
 	"encoding/json"
-	"errors"
 	"fmt"
+	"io"
 	"os"
 	"strings"

@ -13,7 +14,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	"github.com/chzyer/readline"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -163,16 +163,6 @@ func (repl *policyPlaygroundREPL) netMap() netmap.NetMap {
 	return nm
 }

-var policyPlaygroundCompleter = readline.NewPrefixCompleter(
-	readline.PcItem("list"),
-	readline.PcItem("ls"),
-	readline.PcItem("add"),
-	readline.PcItem("load"),
-	readline.PcItem("remove"),
-	readline.PcItem("rm"),
-	readline.PcItem("eval"),
-)
-
 func (repl *policyPlaygroundREPL) run() error {
 	if len(viper.GetString(commonflags.RPC)) > 0 {
 		key := key.GetOrGenerate(repl.cmd)
@ -199,38 +189,22 @@ func (repl *policyPlaygroundREPL) run() error {
 		"rm":     repl.handleRemove,
 		"eval":   repl.handleEval,
 	}
-
-	rl, err := readline.NewEx(&readline.Config{
-		Prompt:          "> ",
-		InterruptPrompt: "^C",
-		AutoComplete:    policyPlaygroundCompleter,
-	})
-	if err != nil {
-		return fmt.Errorf("error initializing readline: %w", err)
-	}
-	defer rl.Close()
-
-	var exit bool
-	for {
-		line, err := rl.Readline()
+	for reader := bufio.NewReader(os.Stdin); ; {
+		fmt.Print("> ")
+		line, err := reader.ReadString('\n')
 		if err != nil {
-			if errors.Is(err, readline.ErrInterrupt) {
-				if exit {
-					return nil
-				}
-				exit = true
-				continue
+			if err == io.EOF {
+				return nil
 			}
-			return fmt.Errorf("reading line: %w", err)
+			return fmt.Errorf("reading line: %v", err)
 		}
-		exit = false
-
 		parts := strings.Fields(line)
 		if len(parts) == 0 {
 			continue
 		}
 		cmd := parts[0]
-		if handler, exists := cmdHandlers[cmd]; exists {
+		handler, exists := cmdHandlers[cmd]
+		if exists {
 			if err := handler(parts[1:]); err != nil {
 				fmt.Printf("error: %v\n", err)
 			}
--- a/cmd/frostfs-cli/modules/container/root.go
+++ b/cmd/frostfs-cli/modules/container/root.go
@ -25,6 +25,7 @@ func init() {
 		deleteContainerCmd,
 		listContainerObjectsCmd,
 		getContainerInfoCmd,
+		getExtendedACLCmd,
 		containerNodesCmd,
 		policyPlaygroundCmd,
 	}
@ -36,6 +37,7 @@ func init() {
 	initContainerDeleteCmd()
 	initContainerListObjectsCmd()
 	initContainerInfoCmd()
+	initContainerGetEACLCmd()
 	initContainerNodesCmd()
 	initContainerPolicyPlaygroundCmd()

--- a/cmd/frostfs-cli/modules/control/add_rule.go
+++ b/cmd/frostfs-cli/modules/control/add_rule.go
@ -1,14 +1,23 @@
 package control

 import (
+	"encoding/hex"
+	"errors"
+
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
+	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )

+const (
+	ruleFlag = "rule"
+	pathFlag = "path"
+)
+
 var addRuleCmd = &cobra.Command{
 	Use:   "add-rule",
 	Short: "Add local override",
@ -22,12 +31,41 @@ control add-rule --endpoint ... -w ... --address ... --chain-id ChainID --cid ..
 	Run: addRule,
 }

+func parseChain(cmd *cobra.Command) *apechain.Chain {
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
+
+	chainIDRaw := []byte(chainID)
+
+	if hexEncoded {
+		var err error
+		chainIDRaw, err = hex.DecodeString(chainID)
+		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
+	}
+
+	chain := new(apechain.Chain)
+	chain.ID = apechain.ID(chainIDRaw)
+
+	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
+		commonCmd.ExitOnErr(cmd, "parser error: %w", util.ParseAPEChain(chain, rules))
+	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
+		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", util.ParseAPEChainBinaryOrJSON(chain, encPath))
+	} else {
+		commonCmd.ExitOnErr(cmd, "parser error", errors.New("rule is not passed"))
+	}
+
+	cmd.Println("Parsed chain:")
+	util.PrintHumanReadableAPEChain(cmd, chain)
+
+	return chain
+}
+
 func addRule(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)

 	target := parseTarget(cmd)

-	parsed := apeCmd.ParseChain(cmd)
+	parsed := parseChain(cmd)

 	req := &control.AddChainLocalOverrideRequest{
 		Body: &control.AddChainLocalOverrideRequest_Body{
@ -56,13 +94,13 @@ func initControlAddRuleCmd() {
 	initControlFlags(addRuleCmd)

 	ff := addRuleCmd.Flags()
-	ff.StringArray(apeCmd.RuleFlag, []string{}, "Rule statement")
-	ff.String(apeCmd.PathFlag, "", "Path to encoded chain in JSON or binary format")
-	ff.String(apeCmd.ChainIDFlag, "", "Assign ID to the parsed chain")
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = addRuleCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
-	ff.Bool(apeCmd.ChainIDHexFlag, false, "Flag to parse chain ID as hex")
+	ff.StringArray(ruleFlag, []string{}, "Rule statement")
+	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
+	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = addRuleCmd.MarkFlagRequired(targetTypeFlag)
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")

-	addRuleCmd.MarkFlagsMutuallyExclusive(apeCmd.PathFlag, apeCmd.RuleFlag)
+	addRuleCmd.MarkFlagsMutuallyExclusive(pathFlag, ruleFlag)
 }
--- a/cmd/frostfs-cli/modules/control/detach_shards.go
+++ b/cmd/frostfs-cli/modules/control/detach_shards.go
@ -1,10 +1,10 @@
 package control

 import (
+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/doctor.go
+++ b/cmd/frostfs-cli/modules/control/doctor.go
@ -1,10 +1,10 @@
 package control

 import (
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/drop_objects.go
+++ b/cmd/frostfs-cli/modules/control/drop_objects.go
@ -1,10 +1,10 @@
 package control

 import (
+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/evacuate_shard.go
+++ b/cmd/frostfs-cli/modules/control/evacuate_shard.go
@ -1,10 +1,10 @@
 package control

 import (
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/evacuation.go
+++ b/cmd/frostfs-cli/modules/control/evacuation.go
@ -7,11 +7,11 @@ import (
 	"sync/atomic"
 	"time"

+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/shard"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	clientSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
@ -20,10 +20,6 @@ const (
 	awaitFlag      = "await"
 	noProgressFlag = "no-progress"
 	scopeFlag      = "scope"
-	repOneOnlyFlag = "rep-one-only"
-
-	containerWorkerCountFlag = "container-worker-count"
-	objectWorkerCountFlag    = "object-worker-count"

 	scopeAll     = "all"
 	scopeObjects = "objects"
@ -68,18 +64,12 @@ func startEvacuateShard(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)

 	ignoreErrors, _ := cmd.Flags().GetBool(ignoreErrorsFlag)
-	containerWorkerCount, _ := cmd.Flags().GetUint32(containerWorkerCountFlag)
-	objectWorkerCount, _ := cmd.Flags().GetUint32(objectWorkerCountFlag)
-	repOneOnly, _ := cmd.Flags().GetBool(repOneOnlyFlag)

 	req := &control.StartShardEvacuationRequest{
 		Body: &control.StartShardEvacuationRequest_Body{
-			Shard_ID:             getShardIDList(cmd),
-			IgnoreErrors:         ignoreErrors,
-			Scope:                getEvacuationScope(cmd),
-			ContainerWorkerCount: containerWorkerCount,
-			ObjectWorkerCount:    objectWorkerCount,
-			RepOneOnly:           repOneOnly,
+			Shard_ID:     getShardIDList(cmd),
+			IgnoreErrors: ignoreErrors,
+			Scope:        getEvacuationScope(cmd),
 		},
 	}

@ -381,9 +371,6 @@ func initControlStartEvacuationShardCmd() {
 	flags.String(scopeFlag, scopeAll, fmt.Sprintf("Evacuation scope; possible values: %s, %s, %s", scopeTrees, scopeObjects, scopeAll))
 	flags.Bool(awaitFlag, false, "Block execution until evacuation is completed")
 	flags.Bool(noProgressFlag, false, fmt.Sprintf("Print progress if %s provided", awaitFlag))
-	flags.Uint32(containerWorkerCountFlag, 0, "Count of concurrent container evacuation workers")
-	flags.Uint32(objectWorkerCountFlag, 0, "Count of concurrent object evacuation workers")
-	flags.Bool(repOneOnlyFlag, false, "Evacuate objects only from containers with policy 'REP 1 ...'")

 	startEvacuationShardCmd.MarkFlagsMutuallyExclusive(shardIDFlag, shardAllFlag)
 }
--- a/cmd/frostfs-cli/modules/control/flush_cache.go
+++ b/cmd/frostfs-cli/modules/control/flush_cache.go
@ -1,10 +1,10 @@
 package control

 import (
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/get_rule.go
+++ b/cmd/frostfs-cli/modules/control/get_rule.go
@ -3,11 +3,11 @@ package control
 import (
 	"encoding/hex"

+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apecmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
@ -24,8 +24,8 @@ func getRule(cmd *cobra.Command, _ []string) {

 	target := parseTarget(cmd)

-	chainID, _ := cmd.Flags().GetString(apecmd.ChainIDFlag)
-	hexEncoded, _ := cmd.Flags().GetBool(apecmd.ChainIDHexFlag)
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)

 	if hexEncoded {
 		chainIDBytes, err := hex.DecodeString(chainID)
@ -56,16 +56,16 @@ func getRule(cmd *cobra.Command, _ []string) {

 	var chain apechain.Chain
 	commonCmd.ExitOnErr(cmd, "decode error: %w", chain.DecodeBytes(resp.GetBody().GetChain()))
-	apecmd.PrintHumanReadableAPEChain(cmd, &chain)
+	util.PrintHumanReadableAPEChain(cmd, &chain)
 }

 func initControGetRuleCmd() {
 	initControlFlags(getRuleCmd)

 	ff := getRuleCmd.Flags()
-	ff.String(apecmd.TargetNameFlag, "", apecmd.TargetNameFlagDesc)
-	ff.String(apecmd.TargetTypeFlag, "", apecmd.TargetTypeFlagDesc)
-	_ = getRuleCmd.MarkFlagRequired(apecmd.TargetTypeFlag)
-	ff.String(apecmd.ChainIDFlag, "", "Chain id")
-	ff.Bool(apecmd.ChainIDHexFlag, false, "Flag to parse chain ID as hex")
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = getRuleCmd.MarkFlagRequired(targetTypeFlag)
+	ff.String(chainIDFlag, "", "Chain id")
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 }
--- a/cmd/frostfs-cli/modules/control/healthcheck.go
+++ b/cmd/frostfs-cli/modules/control/healthcheck.go
@ -3,11 +3,11 @@ package control
 import (
 	"os"

+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/ir_healthcheck.go
+++ b/cmd/frostfs-cli/modules/control/ir_healthcheck.go
@ -3,12 +3,12 @@ package control
 import (
 	"os"

+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	ircontrol "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
 	ircontrolsrv "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir/server"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/ir_remove_container.go
+++ b/cmd/frostfs-cli/modules/control/ir_remove_container.go
@ -1,13 +1,13 @@
 package control

 import (
+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	ircontrol "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
 	ircontrolsrv "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir/server"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
--- a/cmd/frostfs-cli/modules/control/ir_remove_node.go
+++ b/cmd/frostfs-cli/modules/control/ir_remove_node.go
@ -4,11 +4,11 @@ import (
 	"encoding/hex"
 	"errors"

+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	ircontrol "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
 	ircontrolsrv "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir/server"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/ir_tick_epoch.go
+++ b/cmd/frostfs-cli/modules/control/ir_tick_epoch.go
@ -1,11 +1,11 @@
 package control

 import (
+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	ircontrol "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
 	ircontrolsrv "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir/server"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

--- a/cmd/frostfs-cli/modules/control/list_rules.go
+++ b/cmd/frostfs-cli/modules/control/list_rules.go
@ -1,16 +1,18 @@
 package control

 import (
+	"errors"
 	"fmt"
 	"strings"

+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
+	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
-	policyengine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
+	"github.com/nspcc-dev/neo-go/cli/input"
 	"github.com/spf13/cobra"
 )

@ -21,25 +23,65 @@ var listRulesCmd = &cobra.Command{
 	Run:   listRules,
 }

-var engineToControlSvcType = map[policyengine.TargetType]control.ChainTarget_TargetType{
-	policyengine.Namespace: control.ChainTarget_NAMESPACE,
-	policyengine.Container: control.ChainTarget_CONTAINER,
-	policyengine.User:      control.ChainTarget_USER,
-	policyengine.Group:     control.ChainTarget_GROUP,
-}
+const (
+	defaultNamespace = "root"
+	namespaceTarget  = "namespace"
+	containerTarget  = "container"
+	userTarget       = "user"
+	groupTarget      = "group"
+)
+
+const (
+	targetNameFlag = "target-name"
+	targetNameDesc = "Resource name in APE resource name format"
+	targetTypeFlag = "target-type"
+	targetTypeDesc = "Resource type(container/namespace)"
+)
+
+var (
+	errSettingDefaultValueWasDeclined = errors.New("setting default value was declined")
+	errUnknownTargetType              = errors.New("unknown target type")
+)

 func parseTarget(cmd *cobra.Command) *control.ChainTarget {
-	target := apeCmd.ParseTarget(cmd)
-
-	typ, ok := engineToControlSvcType[target.Type]
-	if !ok {
-		commonCmd.ExitOnErr(cmd, "%w", fmt.Errorf("unknown type '%c", target.Type))
-	}
-
-	return &control.ChainTarget{
-		Name: target.Name,
-		Type: typ,
+	typ, _ := cmd.Flags().GetString(targetTypeFlag)
+	name, _ := cmd.Flags().GetString(targetNameFlag)
+	switch typ {
+	case namespaceTarget:
+		if name == "" {
+			ln, err := input.ReadLine(fmt.Sprintf("Target name is not set. Confirm to use %s namespace (n|Y)> ", defaultNamespace))
+			commonCmd.ExitOnErr(cmd, "read line error: %w", err)
+			ln = strings.ToLower(ln)
+			if len(ln) > 0 && (ln[0] == 'n') {
+				commonCmd.ExitOnErr(cmd, "read namespace error: %w", errSettingDefaultValueWasDeclined)
+			}
+			name = defaultNamespace
+		}
+		return &control.ChainTarget{
+			Name: name,
+			Type: control.ChainTarget_NAMESPACE,
+		}
+	case containerTarget:
+		var cnr cid.ID
+		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
+		return &control.ChainTarget{
+			Name: name,
+			Type: control.ChainTarget_CONTAINER,
+		}
+	case userTarget:
+		return &control.ChainTarget{
+			Name: name,
+			Type: control.ChainTarget_USER,
+		}
+	case groupTarget:
+		return &control.ChainTarget{
+			Name: name,
+			Type: control.ChainTarget_GROUP,
+		}
+	default:
+		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
 	}
+	return nil
 }

 func listRules(cmd *cobra.Command, _ []string) {
@ -75,7 +117,7 @@ func listRules(cmd *cobra.Command, _ []string) {
 	for _, c := range chains {
 		var chain apechain.Chain
 		commonCmd.ExitOnErr(cmd, "decode error: %w", chain.DecodeBytes(c))
-		apeCmd.PrintHumanReadableAPEChain(cmd, &chain)
+		util.PrintHumanReadableAPEChain(cmd, &chain)
 	}
 }

@ -83,7 +125,7 @@ func initControlListRulesCmd() {
 	initControlFlags(listRulesCmd)

 	ff := listRulesCmd.Flags()
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
-	_ = listRulesCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = listRulesCmd.MarkFlagRequired(targetTypeFlag)
 }
--- a/cmd/frostfs-cli/modules/control/list_targets.go
+++ b/cmd/frostfs-cli/modules/control/list_targets.go
@ -2,20 +2,26 @@ package control

 import (
 	"bytes"
+	"crypto/sha256"
 	"fmt"
 	"strconv"
 	"text/tabwriter"

+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
+	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 )

+const (
+	chainNameFlag      = "chain-name"
+	chainNameFlagUsage = "Chain name(ingress|s3)"
+)
+
 var listTargetsCmd = &cobra.Command{
 	Use:   "list-targets",
 	Short: "List local targets",
@ -26,11 +32,15 @@ var listTargetsCmd = &cobra.Command{
 func listTargets(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)

-	chainName := apeCmd.ParseChainName(cmd)
+	var cnr cid.ID
+	chainName, _ := cmd.Flags().GetString(chainNameFlag)
+
+	rawCID := make([]byte, sha256.Size)
+	cnr.Encode(rawCID)

 	req := &control.ListTargetsLocalOverridesRequest{
 		Body: &control.ListTargetsLocalOverridesRequest_Body{
-			ChainName: string(chainName),
+			ChainName: chainName,
 		},
 	}

@ -72,7 +82,7 @@ func initControlListTargetsCmd() {
 	initControlFlags(listTargetsCmd)

 	ff := listTargetsCmd.Flags()
-	ff.String(apeCmd.ChainNameFlag, "", apeCmd.ChainNameFlagDesc)
+	ff.String(chainNameFlag, "", chainNameFlagUsage)

-	_ = cobra.MarkFlagRequired(ff, apeCmd.ChainNameFlag)
+	_ = cobra.MarkFlagRequired(ff, chainNameFlag)
 }
--- a/cmd/frostfs-cli/modules/control/rebuild_shards.go
+++ b/cmd/frostfs-cli/modules/control/rebuild_shards.go
@ -1,88 +0,0 @@
-package control
-
-import (
-	"fmt"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
-	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
-	"github.com/mr-tron/base58"
-	"github.com/spf13/cobra"
-)
-
-const (
-	fillPercentFlag = "fill_percent"
-)
-
-var shardsRebuildCmd = &cobra.Command{
-	Use:   "rebuild",
-	Short: "Rebuild shards",
-	Long:  "Rebuild reclaims storage occupied by dead objects and adjusts the storage structure according to the configuration (for blobovnicza only now)",
-	Run:   shardsRebuild,
-}
-
-func shardsRebuild(cmd *cobra.Command, _ []string) {
-	pk := key.Get(cmd)
-
-	req := &control.StartShardRebuildRequest{
-		Body: &control.StartShardRebuildRequest_Body{
-			Shard_ID:          getShardIDList(cmd),
-			TargetFillPercent: getFillPercentValue(cmd),
-			ConcurrencyLimit:  getConcurrencyValue(cmd),
-		},
-	}
-
-	signRequest(cmd, pk, req)
-
-	cli := getClient(cmd, pk)
-
-	var resp *control.StartShardRebuildResponse
-	var err error
-	err = cli.ExecRaw(func(client *rawclient.Client) error {
-		resp, err = control.StartShardRebuild(client, req)
-		return err
-	})
-	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
-
-	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
-
-	var success, failed uint
-	for _, res := range resp.GetBody().GetResults() {
-		if res.GetSuccess() {
-			success++
-			cmd.Printf("Shard %s: OK\n", base58.Encode(res.GetShard_ID()))
-		} else {
-			failed++
-			cmd.Printf("Shard %s: failed with error %q\n", base58.Encode(res.GetShard_ID()), res.GetError())
-		}
-	}
-	cmd.Printf("Total: %d success, %d failed\n", success, failed)
-}
-
-func getFillPercentValue(cmd *cobra.Command) uint32 {
-	v, _ := cmd.Flags().GetUint32(fillPercentFlag)
-	if v <= 0 || v > 100 {
-		commonCmd.ExitOnErr(cmd, "invalid fill_percent value", fmt.Errorf("fill_percent value must be (0, 100], current value: %d", v))
-	}
-	return v
-}
-
-func getConcurrencyValue(cmd *cobra.Command) uint32 {
-	v, _ := cmd.Flags().GetUint32(concurrencyFlag)
-	if v <= 0 || v > 10000 {
-		commonCmd.ExitOnErr(cmd, "invalid concurrency value", fmt.Errorf("concurrency value must be (0, 10 000], current value: %d", v))
-	}
-	return v
-}
-
-func initControlShardRebuildCmd() {
-	initControlFlags(shardsRebuildCmd)
-
-	flags := shardsRebuildCmd.Flags()
-	flags.StringSlice(shardIDFlag, nil, "List of shard IDs in base58 encoding")
-	flags.Bool(shardAllFlag, false, "Process all shards")
-	flags.Uint32(fillPercentFlag, 80, "Target fill percent to reclaim space")
-	flags.Uint32(concurrencyFlag, 20, "Maximum count of concurrently rebuilding files")
-	setShardModeCmd.MarkFlagsMutuallyExclusive(shardIDFlag, shardAllFlag)
-}
--- a/cmd/frostfs-cli/modules/control/remove_rule.go
+++ b/cmd/frostfs-cli/modules/control/remove_rule.go
@ -4,14 +4,19 @@ import (
 	"encoding/hex"
 	"errors"

+	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apecmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"github.com/spf13/cobra"
 )

+const (
+	chainIDFlag    = "chain-id"
+	chainIDHexFlag = "chain-id-hex"
+	allFlag        = "all"
+)
+
 var (
 	errEmptyChainID = errors.New("chain id cannot be empty")

@ -25,8 +30,8 @@ var (

 func removeRule(cmd *cobra.Command, _ []string) {
 	pk := key.Get(cmd)
-	hexEncoded, _ := cmd.Flags().GetBool(apecmd.ChainIDHexFlag)
-	removeAll, _ := cmd.Flags().GetBool(apecmd.AllFlag)
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
+	removeAll, _ := cmd.Flags().GetBool(allFlag)
 	if removeAll {
 		req := &control.RemoveChainLocalOverridesByTargetRequest{
 			Body: &control.RemoveChainLocalOverridesByTargetRequest_Body{
@ -47,7 +52,7 @@ func removeRule(cmd *cobra.Command, _ []string) {
 		return
 	}

-	chainID, _ := cmd.Flags().GetString(apecmd.ChainIDFlag)
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w", errEmptyChainID)
 	}
@ -87,11 +92,11 @@ func initControlRemoveRuleCmd() {
 	initControlFlags(removeRuleCmd)

 	ff := removeRuleCmd.Flags()
-	ff.String(apecmd.TargetNameFlag, "", apecmd.TargetNameFlagDesc)
-	ff.String(apecmd.TargetTypeFlag, "", apecmd.TargetTypeFlagDesc)
-	_ = removeRuleCmd.MarkFlagRequired(apecmd.TargetTypeFlag)
-	ff.String(apecmd.ChainIDFlag, "", apecmd.ChainIDFlagDesc)
-	ff.Bool(apecmd.ChainIDHexFlag, false, apecmd.ChainIDHexFlagDesc)
-	ff.Bool(apecmd.AllFlag, false, "Remove all chains")
-	removeRuleCmd.MarkFlagsMutuallyExclusive(apecmd.AllFlag, apecmd.ChainIDFlag)
+	ff.String(targetNameFlag, "", targetNameDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
+	_ = removeRuleCmd.MarkFlagRequired(targetTypeFlag)
+	ff.String(chainIDFlag, "", "Chain id")
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
+	ff.Bool(allFlag, false, "Remove all chains")
+	removeRuleCmd.MarkFlagsMutuallyExclusive(allFlag, chainIDFlag)
 }
--- a/cmd/frostfs-cli/modules/control/set_netmap_status.go
+++ b/cmd/frostfs-cli/modules/control/set_netmap_status.go
@ -6,12 +6,12 @@ import (
 	"fmt"
 	"time"

+	rawclient "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
-	rawclient "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
@ -84,7 +84,7 @@ func setNetmapStatus(cmd *cobra.Command, _ []string) {
 		body.SetStatus(control.NetmapStatus_MAINTENANCE)

 		if force {
-			body.SetForceMaintenance(true)
+			body.SetForceMaintenance()
 			common.PrintVerbose(cmd, "Local maintenance will be forced.")
 		}
 		targetStatus = control.NetmapStatus_MAINTENANCE
--- a/cmd/frostfs-cli/modules/control/shards.go
+++ b/cmd/frostfs-cli/modules/control/shards.go
@ -19,7 +19,6 @@ func initControlShardsCmd() {
 	shardsCmd.AddCommand(doctorCmd)
 	shardsCmd.AddCommand(writecacheShardCmd)
 	shardsCmd.AddCommand(shardsDetachCmd)
-	shardsCmd.AddCommand(shardsRebuildCmd)

 	initControlShardsListCmd()
 	initControlSetShardModeCmd()
@ -29,5 +28,4 @@ func initControlShardsCmd() {
 	initControlDoctorCmd()
 	initControlShardsWritecacheCmd()
 	initControlShardsDetachCmd()
-	initControlShardRebuildCmd()
 }
--- a/Show more
+++ b/Show more
Author	SHA1	Message	Date
Dmitrii Stepanov	43d6fbf73b	[#1339 ] getSvc: Fix access denied error handling All checks were successful DCO action / DCO (pull_request) Successful in 5m19s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 6m5s Details Vulncheck / Vulncheck (pull_request) Successful in 5m59s Details Tests and linters / Tests (1.22) (pull_request) Successful in 6m19s Details Tests and linters / Tests (1.21) (pull_request) Successful in 6m21s Details Tests and linters / Staticcheck (pull_request) Successful in 6m38s Details Tests and linters / Tests with -race (pull_request) Successful in 6m39s Details Tests and linters / Lint (pull_request) Successful in 6m49s Details Tests and linters / gopls check (pull_request) Successful in 6m46s Details Build / Build Components (1.22) (pull_request) Successful in 6m45s Details Build / Build Components (1.21) (pull_request) Successful in 6m44s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-28 14:00:57 +03:00
Evgenii Stratonikov	01e18eda43	[#1328 ] pilorama: Do not skip items in SortedByFilename All checks were successful DCO action / DCO (pull_request) Successful in 1m36s Details Vulncheck / Vulncheck (pull_request) Successful in 2m22s Details Build / Build Components (1.21) (pull_request) Successful in 2m50s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 3m8s Details Build / Build Components (1.22) (pull_request) Successful in 3m14s Details Tests and linters / Tests (1.22) (pull_request) Successful in 3m27s Details Tests and linters / Tests (1.21) (pull_request) Successful in 3m28s Details Tests and linters / Staticcheck (pull_request) Successful in 3m23s Details Tests and linters / Tests with -race (pull_request) Successful in 3m34s Details Tests and linters / Lint (pull_request) Successful in 3m47s Details Tests and linters / gopls check (pull_request) Successful in 4m5s Details Benchmark results: ``` goos: linux goarch: amd64 pkg: git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/pilorama cpu: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz │ old │ new │ │ sec/op │ sec/op vs base │ ForestSortedIteration/bbolt,root-8 207.2µ ± 6% 173.6µ ± 6% -16.23% (p=0.000 n=10) ForestSortedIteration/bbolt,leaf-8 3.910µ ± 5% 3.928µ ± 7% ~ (p=0.529 n=10) geomean 28.46µ 26.11µ -8.27% ``` They are not representative, as the worst case is when we have multiple items of different lengths. However, `FileName` is usually less than 100 in practice, so the asymptotics is the same. Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-08-23 13:41:01 +03:00
Evgenii Stratonikov	3e89e744aa	[#1328 ] pilorama: Add tricky test for SortedByFilename Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-08-23 13:23:15 +03:00
Anton Nikiforov	5aef303259	[#1318 ] meta: Add test `TestInhumeECObject` All checks were successful DCO action / DCO (pull_request) Successful in 1m40s Details Vulncheck / Vulncheck (pull_request) Successful in 1m56s Details Build / Build Components (1.21) (pull_request) Successful in 2m26s Details Build / Build Components (1.22) (pull_request) Successful in 2m34s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m55s Details Tests and linters / Tests (1.21) (pull_request) Successful in 2m55s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m54s Details Tests and linters / Staticcheck (pull_request) Successful in 2m52s Details Tests and linters / Tests with -race (pull_request) Successful in 2m58s Details Tests and linters / Lint (pull_request) Successful in 3m11s Details Tests and linters / gopls check (pull_request) Successful in 3m47s Details Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-08-20 16:34:42 +03:00
Anton Nikiforov	dd570c9344	[#1318 ] metrics: Fix `container_size_bytes` for EC When node put chunk into EC container, `policer` may remove it as redundant. This chunk marked as removed. When parent object removed and `gc` start iterating over chunk, node count removing chunk twice. Signed-off-by: Anton Nikiforov <an.nikiforov@yadro.com>	2024-08-20 16:31:59 +03:00
Dmitrii Stepanov	149f8f4b08	[#1319 ] treeSvc: Do not wrap error from APE All checks were successful Vulncheck / Vulncheck (pull_request) Successful in 3m40s Details DCO action / DCO (pull_request) Successful in 3m35s Details Build / Build Components (1.21) (pull_request) Successful in 4m19s Details Build / Build Components (1.22) (pull_request) Successful in 4m17s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 4m16s Details Tests and linters / Tests (1.21) (pull_request) Successful in 4m16s Details Tests and linters / Tests (1.22) (pull_request) Successful in 4m18s Details Tests and linters / Staticcheck (pull_request) Successful in 4m34s Details Tests and linters / Tests with -race (pull_request) Successful in 4m38s Details Tests and linters / Lint (pull_request) Successful in 4m52s Details Tests and linters / gopls check (pull_request) Successful in 5m11s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-19 18:39:25 +03:00
Ekaterina Lebedeva	f82b7e1ae3	[#1135 ] ir: Add healthstatus RECONFIGURING All checks were successful DCO action / DCO (pull_request) Successful in 1m57s Details Vulncheck / Vulncheck (pull_request) Successful in 2m0s Details Build / Build Components (1.21) (pull_request) Successful in 2m38s Details Build / Build Components (1.22) (pull_request) Successful in 2m36s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m54s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m48s Details Tests and linters / Tests (1.21) (pull_request) Successful in 2m50s Details Tests and linters / Tests with -race (pull_request) Successful in 2m53s Details Tests and linters / Staticcheck (pull_request) Successful in 2m58s Details Tests and linters / Lint (pull_request) Successful in 3m15s Details Tests and linters / gopls check (pull_request) Successful in 3m33s Details Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com>	2024-08-15 18:24:10 +03:00
Evgenii Stratonikov	4c520be9f1	[#1313 ] blobovnicza: Prevent concurrent Put/Close All checks were successful Vulncheck / Vulncheck (pull_request) Successful in 1m59s Details DCO action / DCO (pull_request) Successful in 1m53s Details Build / Build Components (1.21) (pull_request) Successful in 2m20s Details Build / Build Components (1.22) (pull_request) Successful in 2m26s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m56s Details Tests and linters / Staticcheck (pull_request) Successful in 2m47s Details Tests and linters / Tests (1.21) (pull_request) Successful in 2m56s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m57s Details Tests and linters / Lint (pull_request) Successful in 3m7s Details Tests and linters / Tests with -race (pull_request) Successful in 3m7s Details Tests and linters / gopls check (pull_request) Successful in 3m46s Details Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-08-15 15:49:07 +03:00
Dmitrii Stepanov	8b4f3d82c9	[#1302 ] putSvc: Override SuccessAfter for non-regular objects in EC containers Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-09 10:06:18 +00:00
Dmitrii Stepanov	078b5fdd6e	[#1302 ] writecache: Allow to specify custom page size All checks were successful DCO action / DCO (pull_request) Successful in 2m44s Details Vulncheck / Vulncheck (pull_request) Successful in 2m49s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 3m31s Details Build / Build Components (1.22) (pull_request) Successful in 3m23s Details Build / Build Components (1.21) (pull_request) Successful in 3m25s Details Tests and linters / Tests (1.21) (pull_request) Successful in 3m41s Details Tests and linters / Tests (1.22) (pull_request) Successful in 3m41s Details Tests and linters / Tests with -race (pull_request) Successful in 3m49s Details Tests and linters / Staticcheck (pull_request) Successful in 3m52s Details Tests and linters / Lint (pull_request) Successful in 4m15s Details Tests and linters / gopls check (pull_request) Successful in 4m19s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-09 12:39:11 +03:00
Dmitrii Stepanov	b3ab9589a5	[#1302 ] writecache: Add put->flush->put benchmark Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-09 12:35:05 +03:00
Dmitrii Stepanov	54862250b2	[#1295 ] getSvc: Assemble complex EC object headers without linking object All checks were successful DCO action / DCO (pull_request) Successful in 1m30s Details Vulncheck / Vulncheck (pull_request) Successful in 1m46s Details Build / Build Components (1.22) (pull_request) Successful in 2m18s Details Build / Build Components (1.21) (pull_request) Successful in 2m27s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m46s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m46s Details Tests and linters / Tests (1.21) (pull_request) Successful in 2m48s Details Tests and linters / Staticcheck (pull_request) Successful in 2m42s Details Tests and linters / Tests with -race (pull_request) Successful in 2m51s Details Tests and linters / Lint (pull_request) Successful in 3m9s Details Tests and linters / gopls check (pull_request) Successful in 3m20s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-06 17:51:23 +03:00
Dmitrii Stepanov	89d670c2f0	[#1295 ] engine: Resolve funlen linter Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-06 17:51:06 +03:00
Dmitrii Stepanov	87c5954f4e	[#1295 ] engine: Log object address in case of error Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-06 17:50:48 +03:00
Dmitrii Stepanov	28fc41bd98	[#1291 ] morph: Reconnect to the highest priority endpoint All checks were successful DCO action / DCO (pull_request) Successful in 1m50s Details Vulncheck / Vulncheck (pull_request) Successful in 2m7s Details Build / Build Components (1.21) (pull_request) Successful in 2m28s Details Build / Build Components (1.22) (pull_request) Successful in 2m25s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 3m4s Details Tests and linters / Tests (1.22) (pull_request) Successful in 3m7s Details Tests and linters / Staticcheck (pull_request) Successful in 3m0s Details Tests and linters / Lint (pull_request) Successful in 3m16s Details Tests and linters / Tests with -race (pull_request) Successful in 3m15s Details Tests and linters / Tests (1.21) (pull_request) Successful in 3m30s Details Tests and linters / gopls check (pull_request) Successful in 4m10s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-05 13:17:44 +03:00
Dmitrii Stepanov	20f308876c	[#1288 ] putSvc: Respect TTL for EC put All checks were successful DCO action / DCO (pull_request) Successful in 3m6s Details Vulncheck / Vulncheck (pull_request) Successful in 3m10s Details Tests and linters / Tests (1.22) (pull_request) Successful in 3m33s Details Build / Build Components (1.22) (pull_request) Successful in 3m47s Details Build / Build Components (1.21) (pull_request) Successful in 3m51s Details Tests and linters / Staticcheck (pull_request) Successful in 4m0s Details Tests and linters / Tests with -race (pull_request) Successful in 4m5s Details Tests and linters / Lint (pull_request) Successful in 4m18s Details Tests and linters / gopls check (pull_request) Successful in 5m14s Details Tests and linters / Tests (1.21) (pull_request) Successful in 1m57s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 57s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-02 17:55:54 +03:00
Airat Arifullin	02d191e9a6	[#1279 ] adm: Interpret "root" name as empty for namespace target type All checks were successful DCO action / DCO (pull_request) Successful in 1m35s Details Vulncheck / Vulncheck (pull_request) Successful in 1m57s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m11s Details Build / Build Components (1.22) (pull_request) Successful in 2m26s Details Build / Build Components (1.21) (pull_request) Successful in 2m32s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m30s Details Tests and linters / Staticcheck (pull_request) Successful in 2m45s Details Tests and linters / Tests with -race (pull_request) Successful in 2m54s Details Tests and linters / Lint (pull_request) Successful in 3m8s Details Tests and linters / gopls check (pull_request) Successful in 4m16s Details Tests and linters / Tests (1.21) (pull_request) Successful in 1m57s Details Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-08-01 16:11:44 +03:00
Dmitrii Stepanov	cecb3f7867	[#1282 ] cli: Allow to external addresses first for `object nodes` All checks were successful DCO action / DCO (pull_request) Successful in 1m12s Details Build / Build Components (1.22) (pull_request) Successful in 2m14s Details Build / Build Components (1.21) (pull_request) Successful in 2m14s Details Vulncheck / Vulncheck (pull_request) Successful in 1m56s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m44s Details Tests and linters / Staticcheck (pull_request) Successful in 2m49s Details Tests and linters / Tests (1.22) (pull_request) Successful in 2m53s Details Tests and linters / Lint (pull_request) Successful in 3m15s Details Tests and linters / Tests with -race (pull_request) Successful in 3m22s Details Tests and linters / gopls check (pull_request) Successful in 3m34s Details Tests and linters / Tests (1.21) (pull_request) Successful in 1m58s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-08-01 09:18:18 +03:00
Dmitrii Stepanov	f53d30fa95	[#1278 ] containerSvc: Validate FrostFSID subject exitence on Put All checks were successful Build / Build Components (1.21) (pull_request) Successful in 1m37s Details Build / Build Components (1.22) (pull_request) Successful in 2m49s Details Vulncheck / Vulncheck (pull_request) Successful in 2m25s Details Tests and linters / Tests with -race (pull_request) Successful in 5m21s Details Tests and linters / Tests (1.22) (pull_request) Successful in 5m48s Details DCO action / DCO (pull_request) Successful in 31s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 1m12s Details Tests and linters / Staticcheck (pull_request) Successful in 1m44s Details Tests and linters / Lint (pull_request) Successful in 2m20s Details Tests and linters / gopls check (pull_request) Successful in 2m33s Details Tests and linters / Tests (1.21) (pull_request) Successful in 3m36s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-07-29 16:05:10 +03:00
Dmitrii Stepanov	1b92817bd3	[#1278 ] ir: Do not allow to create container without FrostFSID record Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-07-29 16:04:53 +03:00
Evgenii Stratonikov	32ec421ac7	[#1277 ] go.mod: Update api-go All checks were successful DCO action / DCO (pull_request) Successful in 1m24s Details Vulncheck / Vulncheck (pull_request) Successful in 1m26s Details Build / Build Components (1.21) (pull_request) Successful in 2m17s Details Build / Build Components (1.22) (pull_request) Successful in 2m9s Details Tests and linters / Staticcheck (pull_request) Successful in 3m1s Details Tests and linters / gopls check (pull_request) Successful in 3m29s Details Tests and linters / Lint (pull_request) Successful in 4m16s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 5m27s Details Tests and linters / Tests with -race (pull_request) Successful in 7m5s Details Tests and linters / Tests (1.21) (pull_request) Successful in 8m1s Details Tests and linters / Tests (1.22) (pull_request) Successful in 8m2s Details Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-07-26 17:27:41 +03:00
Airat Arifullin	4d102b05e5	[#1274 ] go.mod: Update neo-go version that fixes ws-client All checks were successful DCO action / DCO (pull_request) Successful in 1m17s Details Build / Build Components (1.21) (pull_request) Successful in 1m59s Details Build / Build Components (1.22) (pull_request) Successful in 2m9s Details Vulncheck / Vulncheck (pull_request) Successful in 1m45s Details Tests and linters / Staticcheck (pull_request) Successful in 2m45s Details Tests and linters / gopls check (pull_request) Successful in 3m18s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 5m2s Details Tests and linters / Lint (pull_request) Successful in 4m58s Details Tests and linters / Tests with -race (pull_request) Successful in 5m4s Details Tests and linters / Tests (1.21) (pull_request) Successful in 7m46s Details Tests and linters / Tests (1.22) (pull_request) Successful in 7m48s Details * Update go.mod; * This neo-go package version contains fix for the wsclient that allows to morph event listener refresh the invalidated websocket connection to neo-go. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>	2024-07-26 15:52:03 +03:00
Dmitrii Stepanov	308da7cb01	[#1271 ] getSvc: Fix local EC chunk get All checks were successful DCO action / DCO (pull_request) Successful in 1m2s Details Vulncheck / Vulncheck (pull_request) Successful in 1m22s Details Build / Build Components (1.22) (pull_request) Successful in 2m36s Details Build / Build Components (1.21) (pull_request) Successful in 2m36s Details Tests and linters / Staticcheck (pull_request) Successful in 3m19s Details Tests and linters / gopls check (pull_request) Successful in 3m27s Details Tests and linters / Lint (pull_request) Successful in 4m22s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 5m14s Details Tests and linters / Tests (1.21) (pull_request) Successful in 8m12s Details Tests and linters / Tests (1.22) (pull_request) Successful in 8m14s Details Tests and linters / Tests with -race (pull_request) Successful in 8m29s Details Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-07-24 10:23:35 +03:00
Dmitrii Stepanov	37b83c0856	[#1271 ] getSvc: Fix `head --raw` assemble for EC Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>	2024-07-24 10:23:15 +03:00