[#9999 ] adm: Drop rpc-endpoint flag from zombie scan

Morph addresses from config are used. Change-Id: I6b93c638a1366ad952e5210569c6d9d9a9c35889 Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
[#9999 ] core: Extend object info string with EC header
2025-04-10 16:07:58 +03:00 · 2025-04-09 17:45:55 +03:00 · 2025-04-09 17:45:55 +03:00 · 2025-04-09 11:17:59 +03:00 · 2024-12-11 13:21:52 +03:00 · 2024-12-06 11:20:16 +03:00
1015 changed files with 37184 additions and 57049 deletions
--- a/.ci/Jenkinsfile
+++ b/.ci/Jenkinsfile
@ -1,81 +0,0 @@
 def golang = ['1.23', '1.24']
 def golangDefault = "golang:${golang.last()}"
 async {
    for (version in golang) {
        def go = version
        task("test/go${go}") {
            container("golang:${go}") {
                sh 'make test'
            }
        }
        task("build/go${go}") {
            container("golang:${go}") {
                for (app in ['cli', 'node', 'ir', 'adm', 'lens']) {
                    sh """
                        make bin/frostfs-${app}
                        bin/frostfs-${app} --version
                    """
                }
            }
        }
    }
    task('test/race') {
        container(golangDefault) {
            sh 'make test GOFLAGS="-count=1 -race"'
        }
    }
    task('lint') {
        container(golangDefault) {
            sh 'make lint-install lint'
        }
    }
    task('staticcheck') {
        container(golangDefault) {
            sh 'make staticcheck-install staticcheck-run'
        }
    }
    task('gopls') {
        container(golangDefault) {
            sh 'make gopls-install gopls-run'
        }
    }
    task('gofumpt') {
        container(golangDefault) {
            sh '''
                make fumpt-install
                make fumpt
                git diff --exit-code --quiet
            '''
        }
    }
    task('vulncheck') {
        container(golangDefault) {
            sh '''
                go install golang.org/x/vuln/cmd/govulncheck@latest
                govulncheck ./...
            '''
        }
    }
    task('pre-commit') {
        dockerfile("""
            FROM ${golangDefault}
            RUN apt update && \
                apt install -y --no-install-recommends pre-commit
        """) {
            withEnv(['SKIP=make-lint,go-staticcheck-repo-mod,go-unit-tests,gofumpt']) {
                sh 'pre-commit run --color=always --hook-stage=manual --all-files'
            }
        }
    }
 }
--- a/.docker/Dockerfile.adm
+++ b/.docker/Dockerfile.adm
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ci
+++ b/.docker/Dockerfile.ci
@ -1,4 +1,4 @@
-FROM golang:1.23
+FROM golang:1.22
 WORKDIR /tmp
--- a/.docker/Dockerfile.cli
+++ b/.docker/Dockerfile.cli
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.ir
+++ b/.docker/Dockerfile.ir
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.docker/Dockerfile.storage
+++ b/.docker/Dockerfile.storage
@ -1,4 +1,4 @@
-FROM golang:1.23 AS builder
+FROM golang:1.22 as builder
 ARG BUILD=now
 ARG VERSION=dev
 ARG REPO=repository
--- a/.forgejo/workflows/build.yml
+++ b/.forgejo/workflows/build.yml
@ -1,10 +1,6 @@
 name: Build
-on:
+on: [pull_request]
  pull_request:
  push:
    branches:
      - master
 jobs:
  build:
@ -12,7 +8,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.23', '1.24' ]
+        go_versions: [ '1.22', '1.23' ]
    steps:
      - uses: actions/checkout@v3
--- a/.forgejo/workflows/dco.yml
+++ b/.forgejo/workflows/dco.yml
@ -13,7 +13,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.24'
+          go-version: '1.22'
      - name: Run commit format checker
        uses: https://git.frostfs.info/TrueCloudLab/dco-go@v3
--- a/.forgejo/workflows/oci-image.yml
+++ b/.forgejo/workflows/oci-image.yml
@ -1,28 +0,0 @@
 name: OCI image
 on:
  push:
  workflow_dispatch:
 jobs:
  image:
    name: Build container images
    runs-on: docker
    container: git.frostfs.info/truecloudlab/env:oci-image-builder-bookworm
    steps:
      - name: Clone git repo
        uses: actions/checkout@v3
      - name: Build OCI image
        run: make images
      - name: Push image to OCI registry
        run: |
          echo "$REGISTRY_PASSWORD" \
            | docker login --username truecloudlab --password-stdin git.frostfs.info
          make push-images
        if: >-
          startsWith(github.ref, 'refs/tags/v') &&
          (github.event_name == 'workflow_dispatch' || github.event_name == 'push')
        env:
          REGISTRY_PASSWORD: ${{secrets.FORGEJO_OCI_REGISTRY_PUSH_TOKEN}}
--- a/.forgejo/workflows/pre-commit.yml
+++ b/.forgejo/workflows/pre-commit.yml
@ -1,10 +1,5 @@
 name: Pre-commit hooks
-
+on: [pull_request]
 on:
  pull_request:
  push:
    branches:
      - master
 jobs:
  precommit:
@ -21,7 +16,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: 1.24
+          go-version: 1.23
      - name: Set up Python
        run: |
          apt update
--- a/.forgejo/workflows/tests.yml
+++ b/.forgejo/workflows/tests.yml
@ -1,10 +1,5 @@
 name: Tests and linters
-
+on: [pull_request]
 on:
  pull_request:
  push:
    branches:
      - master
 jobs:
  lint:
@ -16,7 +11,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.24'
+          go-version: '1.23'
          cache: true
      - name: Install linters
@ -30,7 +25,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        go_versions: [ '1.23', '1.24' ]
+        go_versions: [ '1.22', '1.23' ]
      fail-fast: false
    steps:
      - uses: actions/checkout@v3
@ -53,7 +48,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.24'
+          go-version: '1.22'
          cache: true
      - name: Run tests
@ -68,7 +63,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.24'
+          go-version: '1.23'
          cache: true
      - name: Install staticcheck
@ -94,23 +89,3 @@ jobs:
      - name: Run gopls
        run: make gopls-run
  fumpt:
    name: Run gofumpt
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Go
        uses: actions/setup-go@v3
        with:
          go-version: '1.24'
          cache: true
      - name: Install gofumpt
        run: make fumpt-install
      - name: Run gofumpt
        run: |
          make fumpt
          git diff --exit-code --quiet
--- a/.forgejo/workflows/vulncheck.yml
+++ b/.forgejo/workflows/vulncheck.yml
@ -1,10 +1,5 @@
 name: Vulncheck
-
+on: [pull_request]
 on:
  pull_request:
  push:
    branches:
      - master
 jobs:
  vulncheck:
@ -18,8 +13,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
-          go-version: '1.24'
+          go-version: '1.23'
          check-latest: true
      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
--- a/.forgejo/ISSUE_TEMPLATE/bug_report.md
+++ b/.forgejo/ISSUE_TEMPLATE/bug_report.md
--- a/.forgejo/ISSUE_TEMPLATE/config.yml
+++ b/.forgejo/ISSUE_TEMPLATE/config.yml
--- a/.forgejo/ISSUE_TEMPLATE/feature_request.md
+++ b/.forgejo/ISSUE_TEMPLATE/feature_request.md
--- a/.forgejo/logo.svg
+++ b/.forgejo/logo.svg
--- a/.golangci.yml
+++ b/.golangci.yml
@ -1,107 +1,87 @@
-version: "2"
+# This file contains all available configuration options
 # with their default values.
 # options for analysis running
 run:
  # timeout for analysis, e.g. 30s, 5m, default is 1m
  timeout: 20m
  # include test files or not, default is true
  tests: false
 # output configuration options
 output:
  # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
  formats:
-    tab:
+    - format: tab
-      path: stdout
+
-      colors: false
+# all available settings of specific linters
 linters-settings:
  exhaustive:
    # indicates that switch statements are to be considered exhaustive if a
    # 'default' case is present, even if all enum members aren't listed in the
    # switch
    default-signifies-exhaustive: true
  govet:
    # report about shadowed variables
    check-shadowing: false
  staticcheck:
    checks: ["all", "-SA1019"] # TODO Enable SA1019 after deprecated warning are fixed.
  funlen:
    lines: 80 # default 60
    statements: 60 # default 40
  gocognit:
    min-complexity: 40 # default 30
  importas:
    no-unaliased: true
    no-extra-aliases: false
    alias:
      pkg: git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object
      alias: objectSDK
  custom:
    truecloudlab-linters:
      path: bin/linters/external_linters.so
      original-url: git.frostfs.info/TrueCloudLab/linters.git
      settings:
        noliteral:
          target-methods : ["reportFlushError", "reportError"]
          disable-packages: ["codes", "err", "res","exec"]
          constants-package: "git.frostfs.info/TrueCloudLab/frostfs-node/internal/logs"
 linters:
  default: none
  enable:
-    - bidichk
+    # mandatory linters
-    - containedctx
+    - govet
    - contextcheck
    - copyloopvar
    - durationcheck
    - errcheck
    - exhaustive
    - funlen
    - gocognit
    - gocritic
    - godot
    - importas
    - ineffassign
    - intrange
    - misspell
    - perfsprint
    - predeclared
    - protogetter
    - reassign
    - revive
    # some default golangci-lint linters
    - errcheck
    - gosimple
    - godot
    - ineffassign
    - staticcheck
-    - testifylint
+    - typecheck
    - truecloudlab-linters
    - unconvert
    - unparam
    - unused
-    - usetesting
+
-    - whitespace
+    # extra linters
-  settings:
+    - bidichk
-    exhaustive:
+    - durationcheck
-      default-signifies-exhaustive: true
+    - exhaustive
-    funlen:
+    - exportloopref
      lines: 80
      statements: 60
    gocognit:
      min-complexity: 40
    gocritic:
      disabled-checks:
        - ifElseChain
    importas:
      alias:
        - pkg: git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object
          alias: objectSDK
      no-unaliased: true
      no-extra-aliases: false
    staticcheck:
      checks:
        - all
        - -QF1002
    unused:
      field-writes-are-uses: false
      exported-fields-are-used: false
      local-variables-are-used: false
    custom:
      truecloudlab-linters:
        path: bin/linters/external_linters.so
        original-url: git.frostfs.info/TrueCloudLab/linters.git
        settings:
          noliteral:
            constants-package: git.frostfs.info/TrueCloudLab/frostfs-node/internal/logs
            disable-packages:
              - codes
              - err
              - res
              - exec
            target-methods:
              - reportFlushError
              - reportError
  exclusions:
    generated: lax
    presets:
      - comments
      - common-false-positives
      - legacy
      - std-error-handling
    paths:
      - third_party$
      - builtin$
      - examples$
 formatters:
  enable:
    - gci
    - gofmt
    - goimports
-  settings:
+    - misspell
-    gci:
+    - predeclared
-      sections:
+    - reassign
-        - standard
+    - whitespace
-        - default
+    - containedctx
-      custom-order: true
+    - funlen
-  exclusions:
+    - gocognit
-    generated: lax
+    - contextcheck
-    paths:
+    - importas
-      - third_party$
+    - truecloudlab-linters
-      - builtin$
+    - perfsprint
-      - examples$
+    - testifylint
    - protogetter
  disable-all: true
  fast: false
--- a/.woodpecker/pre-commit.yml
+++ b/.woodpecker/pre-commit.yml
@ -0,0 +1,11 @@
 pipeline:
  # Kludge for non-root containers under WoodPecker
  fix-ownership:
    image: alpine:latest
    commands: chown -R 1234:1234 .
  pre-commit:
    image: git.frostfs.info/truecloudlab/frostfs-ci:v0.36
    commands:
      - export HOME="$(getent passwd $(id -u) | cut '-d:' -f6)"
      - pre-commit run --hook-stage manual
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -9,30 +9,6 @@ Changelog for FrostFS Node
 ### Removed
 ### Updated
 ## [v0.44.0] - 2024-25-11 - Rongbuk
 ### Added
 - Allow to prioritize nodes during GET traversal via attributes (#1439)
 - Add metrics for the frostfsid cache (#1464)
 - Customize constant attributes attached to every tracing span (#1488)
 - Manage additional keys in the `frostfsid` contract (#1505)
 - Describe `--rule` flag in detail for `frostfs-cli ape-manager` subcommands (#1519)
 ### Changed
 - Support richer interaction with the console in `frostfs-cli container policy-playground` (#1396)
 - Print address in base58 format in `frostfs-adm morph policy set-admin` (#1515)
 ### Fixed
 - Fix EC object search (#1408)
 - Fix EC object put when one of the nodes is unavailable (#1427)
 ### Removed
 - Drop most of the eACL-related code (#1425)
 - Remove `--basic-acl` flag from `frostfs-cli container create` (#1483)
 ### Upgrading from v0.43.0
 The metabase schema has changed completely, resync is required.
 ## [v0.42.0]
 ### Added
--- a/3
+++ b/3
@ -1,3 +0,0 @@
 .*          @TrueCloudLab/storage-core-committers @TrueCloudLab/storage-core-developers
 .forgejo/.* @potyarkin
 Makefile    @potyarkin
--- a/120
+++ b/120
@ -1,23 +1,23 @@
 #!/usr/bin/make -f
 SHELL = bash
 .SHELLFLAGS = -euo pipefail -c
 REPO ?= $(shell go list -m)
 VERSION ?= $(shell git describe --tags --dirty --match "v*" --always --abbrev=8 2>/dev/null || cat VERSION 2>/dev/null || echo "develop")
-HUB_IMAGE ?= git.frostfs.info/truecloudlab/frostfs
+HUB_IMAGE ?= truecloudlab/frostfs
 HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"
-GO_VERSION ?= 1.23
+GO_VERSION ?= 1.22
-LINT_VERSION ?= 2.0.2
+LINT_VERSION ?= 1.60.1
-TRUECLOUDLAB_LINT_VERSION ?= 0.0.10
+TRUECLOUDLAB_LINT_VERSION ?= 0.0.7
 PROTOC_VERSION ?= 25.0
-PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-sdk-go)
+PROTOC_GEN_GO_VERSION ?= $(shell go list -f '{{.Version}}' -m google.golang.org/protobuf)
 PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-api-go/v2)
 PROTOC_OS_VERSION=osx-x86_64
 ifeq ($(shell uname), Linux)
 	PROTOC_OS_VERSION=linux-x86_64
 endif
-STATICCHECK_VERSION ?= 2025.1.1
+STATICCHECK_VERSION ?= 2024.1.1
 ARCH = amd64
 BIN = bin
@ -28,22 +28,25 @@ DIRS = $(BIN) $(RELEASE)
 CMDS = $(notdir $(basename $(wildcard cmd/frostfs-*)))
 BINS = $(addprefix $(BIN)/, $(CMDS))
 # .deb package versioning
 OS_RELEASE = $(shell lsb_release -cs)
 PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
 			sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
 			sed "s/-/~/")-${OS_RELEASE}
 OUTPUT_LINT_DIR ?= $(abspath $(BIN))/linters
 LINT_DIR = $(OUTPUT_LINT_DIR)/golangci-lint-$(LINT_VERSION)-v$(TRUECLOUDLAB_LINT_VERSION)
 TMP_DIR := .cache
 PROTOBUF_DIR ?= $(abspath $(BIN))/protobuf
 PROTOC_DIR ?= $(PROTOBUF_DIR)/protoc-v$(PROTOC_VERSION)
 PROTOC_GEN_GO_DIR ?= $(PROTOBUF_DIR)/protoc-gen-go-$(PROTOC_GEN_GO_VERSION)
 PROTOGEN_FROSTFS_DIR ?= $(PROTOBUF_DIR)/protogen-$(PROTOGEN_FROSTFS_VERSION)
 STATICCHECK_DIR ?= $(abspath $(BIN))/staticcheck
 STATICCHECK_VERSION_DIR ?= $(STATICCHECK_DIR)/$(STATICCHECK_VERSION)
 SOURCES = $(shell find . -type f -name "*.go" -print)
-GOFUMPT_VERSION ?= v0.7.0
+GOPLS_VERSION ?= v0.15.1
 GOFUMPT_DIR ?= $(abspath $(BIN))/gofumpt
 GOFUMPT_VERSION_DIR ?= $(GOFUMPT_DIR)/$(GOFUMPT_VERSION)
 GOPLS_VERSION ?= v0.17.1
 GOPLS_DIR ?= $(abspath $(BIN))/gopls
 GOPLS_VERSION_DIR ?= $(GOPLS_DIR)/$(GOPLS_VERSION)
 GOPLS_TEMP_FILE := $(shell mktemp)
@ -53,7 +56,7 @@ LOCODE_DB_PATH=$(abspath ./.cache/locode_db)
 LOCODE_DB_VERSION=v0.4.0
 .PHONY: help all images dep clean fmts fumpt imports test lint docker/lint
-		prepare-release pre-commit unpre-commit
+		prepare-release debpackage pre-commit unpre-commit
 # To build a specific binary, use it's name prefix with bin/ as a target
 # For example `make bin/frostfs-node` will build only storage node binary
@ -100,15 +103,17 @@ export-metrics: dep
 # Regenerate proto files:
 protoc:
-	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
+	@if [ ! -d "$(PROTOC_DIR)" ] || [ ! -d "$(PROTOC_GEN_GO_DIR)" ] || [ ! -d "$(PROTOGEN_FROSTFS_DIR)" ]; then \
 		make protoc-install; \
 	fi
 	@for f in `find . -type f -name '*.proto' -not -path './bin/*'`; do \
 		echo "⇒ Processing $$f "; \
 		$(PROTOC_DIR)/bin/protoc \
 			--proto_path=.:$(PROTOC_DIR)/include:/usr/local/include \
 			--plugin=protoc-gen-go=$(PROTOC_GEN_GO_DIR)/protoc-gen-go \
 			--plugin=protoc-gen-go-frostfs=$(PROTOGEN_FROSTFS_DIR)/protogen \
 			--go-frostfs_out=. --go-frostfs_opt=paths=source_relative \
 			--go_out=. --go_opt=paths=source_relative \
 			--go-grpc_opt=require_unimplemented_servers=false \
 			--go-grpc_out=. --go-grpc_opt=paths=source_relative $$f; \
 	done
@ -116,13 +121,15 @@ protoc:
 # Install protoc
 protoc-install:
 	@rm -rf $(PROTOBUF_DIR)
-	@mkdir -p $(PROTOBUF_DIR)
+	@mkdir $(PROTOBUF_DIR)
 	@echo "⇒ Installing protoc... "
 	@wget -q -O $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip 'https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/protoc-$(PROTOC_VERSION)-$(PROTOC_OS_VERSION).zip'
 	@unzip -q -o $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip -d $(PROTOC_DIR)
 	@rm $(PROTOBUF_DIR)/protoc-$(PROTOC_VERSION).zip
 	@echo "⇒ Installing protoc-gen-go..."
 	@GOBIN=$(PROTOC_GEN_GO_DIR) go install -v google.golang.org/protobuf/...@$(PROTOC_GEN_GO_VERSION)
 	@echo "⇒ Instaling protogen FrostFS plugin..."
-	@GOBIN=$(PROTOGEN_FROSTFS_DIR) go install -mod=mod -v git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/util/protogen@$(PROTOGEN_FROSTFS_VERSION)
+	@GOBIN=$(PROTOGEN_FROSTFS_DIR) go install -mod=mod -v git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/util/protogen@$(PROTOGEN_FROSTFS_VERSION)
 # Build FrostFS component's docker image
 image-%:
@ -140,15 +147,6 @@ images: image-storage image-ir image-cli image-adm
 # Build dirty local Docker images
 dirty-images: image-dirty-storage image-dirty-ir image-dirty-cli image-dirty-adm
 # Push FrostFS components' docker image to the registry
 push-image-%:
 	@echo "⇒ Publish FrostFS $* docker image "
 	@docker push $(HUB_IMAGE)-$*:$(HUB_TAG)
 # Push all Docker images to the registry
 .PHONY: push-images
 push-images: push-image-storage push-image-ir push-image-cli push-image-adm
 # Run `make %` in Golang container
 docker/%:
 	docker run --rm -t \
@ -167,19 +165,10 @@ imports:
 	@echo "⇒ Processing goimports check"
 	@goimports -w cmd/ pkg/ misc/
 # Install gofumpt
 fumpt-install:
 	@rm -rf $(GOFUMPT_DIR)
 	@mkdir -p $(GOFUMPT_DIR)
 	@GOBIN=$(GOFUMPT_VERSION_DIR) go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION)
 # Run gofumpt
 fumpt:
 	@if [ ! -d "$(GOFUMPT_VERSION_DIR)" ]; then \
 		make fumpt-install; \
 	fi
 	@echo "⇒ Processing gofumpt check"
-	$(GOFUMPT_VERSION_DIR)/gofumpt -l -w cmd/ pkg/ misc/
+	@gofumpt -l -w cmd/ pkg/ misc/
 # Run Unit Test with go test
 test: GOFLAGS ?= "-count=1"
@ -187,44 +176,21 @@ test:
 	@echo "⇒ Running go test"
 	@GOFLAGS="$(GOFLAGS)" go test ./...
 # Install Gerrit commit-msg hook
 review-install: GIT_HOOK_DIR := $(shell git rev-parse --git-dir)/hooks
 review-install:
 	@git config remote.review.url \
 		|| git remote add review ssh://review.frostfs.info:2222/TrueCloudLab/frostfs-node
 	@mkdir -p $(GIT_HOOK_DIR)/
 	@curl -Lo $(GIT_HOOK_DIR)/commit-msg https://review.frostfs.info/tools/hooks/commit-msg
 	@chmod +x $(GIT_HOOK_DIR)/commit-msg
 	@echo -e '#!/bin/sh\n"$$(git rev-parse --git-path hooks)"/commit-msg "$$1"' >$(GIT_HOOK_DIR)/prepare-commit-msg
 	@chmod +x $(GIT_HOOK_DIR)/prepare-commit-msg
 # Create a PR in Gerrit
 review: BRANCH ?= master
 review:
 	@git push review HEAD:refs/for/$(BRANCH) \
 		--push-option r=e.stratonikov@yadro.com \
 		--push-option r=d.stepanov@yadro.com \
 		--push-option r=an.nikiforov@yadro.com \
 		--push-option r=a.arifullin@yadro.com \
 		--push-option r=ekaterina.lebedeva@yadro.com \
 		--push-option r=a.savchuk@yadro.com \
 		--push-option r=a.chuprov@yadro.com
 # Run pre-commit
 pre-commit-run:
 	@pre-commit run -a --hook-stage manual
 # Install linters
-lint-install: $(BIN)
+lint-install:
 	@rm -rf $(OUTPUT_LINT_DIR)
-	@mkdir -p $(OUTPUT_LINT_DIR)
+	@mkdir $(OUTPUT_LINT_DIR)
 	@mkdir -p $(TMP_DIR)
 	@rm -rf $(TMP_DIR)/linters
 	@git -c advice.detachedHead=false clone --branch v$(TRUECLOUDLAB_LINT_VERSION) https://git.frostfs.info/TrueCloudLab/linters.git $(TMP_DIR)/linters
 	@@make -C $(TMP_DIR)/linters lib CGO_ENABLED=1 OUT_DIR=$(OUTPUT_LINT_DIR)
 	@rm -rf $(TMP_DIR)/linters
 	@rmdir $(TMP_DIR) 2>/dev/null || true
-	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install -trimpath github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v$(LINT_VERSION)
+	@CGO_ENABLED=1 GOBIN=$(LINT_DIR) go install -trimpath github.com/golangci/golangci-lint/cmd/golangci-lint@v$(LINT_VERSION)
 # Run linters
 lint:
@ -236,7 +202,7 @@ lint:
 # Install staticcheck
 staticcheck-install:
 	@rm -rf $(STATICCHECK_DIR)
-	@mkdir -p $(STATICCHECK_DIR)
+	@mkdir $(STATICCHECK_DIR)
 	@GOBIN=$(STATICCHECK_VERSION_DIR) go install honnef.co/go/tools/cmd/staticcheck@$(STATICCHECK_VERSION)
 # Run staticcheck
@ -244,12 +210,12 @@ staticcheck-run:
 	@if [ ! -d "$(STATICCHECK_VERSION_DIR)" ]; then \
 		make staticcheck-install; \
 	fi
-	@$(STATICCHECK_VERSION_DIR)/staticcheck ./...
+	@$(STATICCHECK_VERSION_DIR)/staticcheck -checks inherit,-SA1019 ./...
 # Install gopls
 gopls-install:
 	@rm -rf $(GOPLS_DIR)
-	@mkdir -p $(GOPLS_DIR)
+	@mkdir $(GOPLS_DIR)
 	@GOBIN=$(GOPLS_VERSION_DIR) go install golang.org/x/tools/gopls@$(GOPLS_VERSION)
 # Run gopls
@ -290,6 +256,19 @@ clean:
 	rm -rf $(BIN)
 	rm -rf $(RELEASE)
 # Package for Debian
 debpackage:
 	dch -b --package frostfs-node \
 			--controlmaint \
 			--newversion $(PKG_VERSION) \
 			--distribution $(OS_RELEASE) \
 			"Please see CHANGELOG.md for code changes for $(VERSION)"
 	dpkg-buildpackage --no-sign -b
 # Cleanup deb package build directories
 debclean:
 	dh clean
 # Download locode database
 locode-download:
 	mkdir -p $(TMP_DIR)
@ -303,12 +282,10 @@ env-up: all
 		echo "Frostfs contracts not found"; exit 1; \
 	fi
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph init --contracts ${FROSTFS_CONTRACTS_PATH}
-	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --gas 10.0 \
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet01.json --gas 10.0
-		--storage-wallet ./dev/storage/wallet01.json \
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet02.json --gas 10.0
-		--storage-wallet ./dev/storage/wallet02.json \
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet03.json --gas 10.0
-		--storage-wallet ./dev/storage/wallet03.json \
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet04.json --gas 10.0
 		--storage-wallet ./dev/storage/wallet04.json
 	@if [ ! -f "$(LOCODE_DB_PATH)" ]; then \
 		make locode-download; \
 	fi
@ -317,6 +294,7 @@ env-up: all
 # Shutdown dev environment
 env-down:
-	docker compose -f dev/docker-compose.yml down -v
+	docker compose -f dev/docker-compose.yml down
 	docker volume rm -f frostfs-node_neo-go
 	rm -rf ./$(TMP_DIR)/state
 	rm -rf ./$(TMP_DIR)/storage
--- a/README.md
+++ b/README.md
@ -1,5 +1,5 @@
 <p align="center">
-  <img src="./.forgejo/logo.svg" width="500px" alt="FrostFS">
+  <img src="./.github/logo.svg" width="500px" alt="FrostFS">
 </p>
 <p align="center">
@ -7,8 +7,9 @@
 </p>
 ---
-[![Report](https://goreportcard.com/badge/git.frostfs.info/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/git.frostfs.info/TrueCloudLab/frostfs-node)
+[![Report](https://goreportcard.com/badge/github.com/TrueCloudLab/frostfs-node)](https://goreportcard.com/report/github.com/TrueCloudLab/frostfs-node)
-![Release (latest)](https://git.frostfs.info/TrueCloudLab/frostfs-node/badges/release.svg)
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/TrueCloudLab/frostfs-node?sort=semver)
 ![License](https://img.shields.io/github/license/TrueCloudLab/frostfs-node.svg?style=popout)
 # Overview
@ -32,8 +33,8 @@ manipulate large amounts of data without paying a prohibitive price.
 FrostFS has a native [gRPC API](https://git.frostfs.info/TrueCloudLab/frostfs-api) and has
 protocol gateways for popular protocols such as [AWS
-S3](https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw),
+S3](https://github.com/TrueCloudLab/frostfs-s3-gw),
-[HTTP](https://git.frostfs.info/TrueCloudLab/frostfs-http-gw),
+[HTTP](https://github.com/TrueCloudLab/frostfs-http-gw),
 [FUSE](https://wikipedia.org/wiki/Filesystem_in_Userspace) and
 [sFTP](https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol) allowing
 developers to integrate applications without rewriting their code.
@ -44,7 +45,7 @@ Now, we only support GNU/Linux on amd64 CPUs with AVX/AVX2 instructions. More
 platforms will be officially supported after release `1.0`.
 The latest version of frostfs-node works with frostfs-contract
-[v0.19.2](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases/tag/v0.19.2).
+[v0.16.0](https://github.com/TrueCloudLab/frostfs-contract/releases/tag/v0.16.0).
 # Building
@ -70,7 +71,7 @@ make docker/bin/frostfs-<name> # build a specific binary
 ## Docker images
-To make docker images suitable for use in [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env/) use:
+To make docker images suitable for use in [frostfs-dev-env](https://github.com/TrueCloudLab/frostfs-dev-env/) use:
 ```
 make images
 ```
@ -98,7 +99,7 @@ See `frostfs-contract`'s README.md for build instructions.
 4. To create container and put object into it run (container and object IDs will be different):
 ```
-./bin/frostfs-cli container create -r 127.0.0.1:8080 --wallet ./dev/wallet.json --policy "REP 1 IN X CBF 1 SELECT 1 FROM * AS X" --await
+./bin/frostfs-cli container create -r 127.0.0.1:8080 --wallet ./dev/wallet.json --policy "REP 1 IN X CBF 1 SELECT 1 FROM * AS X" --basic-acl public-read-write --await
 Enter password >  <- press ENTER, the is no password for wallet
 CID: CfPhEuHQ2PRvM4gfBQDC4dWZY3NccovyfcnEdiq2ixju
@ -124,7 +125,7 @@ the feature/topic you are going to implement.
 # Credits
-FrostFS is maintained by [True Cloud Lab](https://git.frostfs.info/TrueCloudLab/) with the help and
+FrostFS is maintained by [True Cloud Lab](https://github.com/TrueCloudLab/) with the help and
 contributions from community members.
 Please see [CREDITS](CREDITS.md) for details.
--- a/2
+++ b/2
@ -1 +1 @@
-v0.44.0
+v0.42.0
--- a/cmd/frostfs-adm/docs/deploy.md
+++ b/cmd/frostfs-adm/docs/deploy.md
@ -9,8 +9,8 @@ related configuration details.
 To follow this guide you need:
 - latest released version of [neo-go](https://github.com/nspcc-dev/neo-go/releases) (v0.97.2 at the moment),
- latest released version of [frostfs-adm](https://git.frostfs.info/TrueCloudLab/frostfs-node/releases) utility (v0.42.9 at the moment),
+- latest released version of [frostfs-adm](https://github.com/TrueCloudLab/frostfs-node/releases) utility (v0.25.1 at the moment),
- latest released version of compiled [frostfs-contract](https://git.frostfs.info/TrueCloudLab/frostfs-contract/releases) (v0.19.2 at the moment).
+- latest released version of compiled [frostfs-contract](https://github.com/TrueCloudLab/frostfs-contract/releases) (v0.11.0 at the moment).
 ## Step 1: Prepare network configuration
--- a/cmd/frostfs-adm/internal/commonflags/flags.go
+++ b/cmd/frostfs-adm/internal/commonflags/flags.go
@ -16,18 +16,10 @@ const (
 	EndpointFlagDesc  = "N3 RPC node endpoint"
 	EndpointFlagShort = "r"
 	WalletPath          = "wallet"
 	WalletPathShorthand = "w"
 	WalletPathUsage     = "Path to the wallet"
 	AlphabetWalletsFlag     = "alphabet-wallets"
 	AlphabetWalletsFlagDesc = "Path to alphabet wallets dir"
 	AdminWalletPath  = "wallet-admin"
 	AdminWalletUsage = "Path to the admin wallet"
 	LocalDumpFlag                   = "local-dump"
 	ProtoConfigPath                 = "protocol"
 	ContractsInitFlag               = "contracts"
 	ContractsInitFlagDesc           = "Path to archive with compiled FrostFS contracts (the default is to fetch the latest release from the official repository)"
 	ContractsURLFlag                = "contracts-url"
--- a/cmd/frostfs-adm/internal/modules/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/config/config.go
@ -128,7 +128,7 @@ func generateConfigExample(appDir string, credSize int) (string, error) {
 	tmpl.AlphabetDir = filepath.Join(appDir, "alphabet-wallets")
 	var i innerring.GlagoliticLetter
-	for i = range innerring.GlagoliticLetter(credSize) {
+	for i = 0; i < innerring.GlagoliticLetter(credSize); i++ {
 		tmpl.Glagolitics = append(tmpl.Glagolitics, i.String())
 	}
--- a/cmd/frostfs-adm/internal/modules/maintenance/zombie/morph.go
+++ b/cmd/frostfs-adm/internal/modules/maintenance/zombie/morph.go
@ -32,7 +32,7 @@ func createMorphClient(cmd *cobra.Command, appCfg *config.Config) *client.Client
 func createContainerClient(cmd *cobra.Command, morph *client.Client) *cntClient.Client {
 	hs, err := morph.NNSContractAddress(client.NNSContainerContractName)
 	commonCmd.ExitOnErr(cmd, "resolve container contract hash: %w", err)
-	cc, err := cntClient.NewFromMorph(morph, hs, 0)
+	cc, err := cntClient.NewFromMorph(morph, hs, 0, cntClient.TryNotary())
 	commonCmd.ExitOnErr(cmd, "create morph container client: %w", err)
 	return cc
 }
@ -40,7 +40,7 @@ func createContainerClient(cmd *cobra.Command, morph *client.Client) *cntClient.
 func createNetmapClient(cmd *cobra.Command, morph *client.Client) *netmapClient.Client {
 	hs, err := morph.NNSContractAddress(client.NNSNetmapContractName)
 	commonCmd.ExitOnErr(cmd, "resolve netmap contract hash: %w", err)
-	cli, err := netmapClient.NewFromMorph(morph, hs, 0)
+	cli, err := netmapClient.NewFromMorph(morph, hs, 0, netmapClient.TryNotary())
 	commonCmd.ExitOnErr(cmd, "create morph netmap client: %w", err)
 	return cli
 }
--- a/cmd/frostfs-adm/internal/modules/maintenance/zombie/quarantine.go
+++ b/cmd/frostfs-adm/internal/modules/maintenance/zombie/quarantine.go
@ -60,7 +60,7 @@ func commonPath(paths []string) string {
 	}
 	var sb strings.Builder
-	for i := range minLen {
+	for i := 0; i < minLen; i++ {
 		for _, path := range paths[1:] {
 			if paths[0][i] != path[i] {
 				return sb.String()
--- a/cmd/frostfs-adm/internal/modules/maintenance/zombie/restore.go
+++ b/cmd/frostfs-adm/internal/modules/maintenance/zombie/restore.go
@ -1,14 +1,10 @@
 package zombie
 import (
 	"crypto/sha256"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	containerCore "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/engine"
 	cntClient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/spf13/cobra"
@ -20,8 +16,6 @@ func restore(cmd *cobra.Command, _ []string) {
 	appCfg := config.New(configFile, configDir, config.EnvPrefix)
 	storageEngine := newEngine(cmd, appCfg)
 	q := createQuarantine(cmd, storageEngine.DumpInfo())
 	morphClient := createMorphClient(cmd, appCfg)
 	cnrCli := createContainerClient(cmd, morphClient)
 	var containerID cid.ID
 	cidStr, _ := cmd.Flags().GetString(cidFlag)
@ -38,32 +32,23 @@ func restore(cmd *cobra.Command, _ []string) {
 		var addr oid.Address
 		addr.SetContainer(containerID)
 		addr.SetObject(*objectID)
-		restoreObject(cmd, storageEngine, q, addr, cnrCli)
+		restoreObject(cmd, storageEngine, q, addr)
 	} else {
 		commonCmd.ExitOnErr(cmd, "iterate over quarantine: %w", q.Iterate(cmd.Context(), func(addr oid.Address) error {
 			if addr.Container() != containerID {
 				return nil
 			}
-			restoreObject(cmd, storageEngine, q, addr, cnrCli)
+			restoreObject(cmd, storageEngine, q, addr)
 			return nil
 		}))
 	}
 }
-func restoreObject(cmd *cobra.Command, storageEngine *engine.StorageEngine, q *quarantine, addr oid.Address, cnrCli *cntClient.Client) {
+func restoreObject(cmd *cobra.Command, storageEngine *engine.StorageEngine, q *quarantine, addr oid.Address) {
 	obj, err := q.Get(cmd.Context(), addr)
 	commonCmd.ExitOnErr(cmd, "get object from quarantine: %w", err)
-	rawCID := make([]byte, sha256.Size)
+	var putPrm engine.PutPrm
-
+	putPrm.WithObject(obj)
 	cid := addr.Container()
 	cid.Encode(rawCID)
 	cnr, err := cnrCli.Get(cmd.Context(), rawCID)
 	commonCmd.ExitOnErr(cmd, "get container: %w", err)
 	putPrm := engine.PutPrm{
 		Object:             obj,
 		IsIndexedContainer: containerCore.IsIndexedContainer(cnr.Value),
 	}
 	commonCmd.ExitOnErr(cmd, "put object to storage engine: %w", storageEngine.Put(cmd.Context(), putPrm))
 	commonCmd.ExitOnErr(cmd, "remove object from quarantine: %w", q.Delete(cmd.Context(), addr))
 }
--- a/cmd/frostfs-adm/internal/modules/maintenance/zombie/scan.go
+++ b/cmd/frostfs-adm/internal/modules/maintenance/zombie/scan.go
@ -45,10 +45,10 @@ func scan(cmd *cobra.Command, _ []string) {
 	q := createQuarantine(cmd, storageEngine.DumpInfo())
 	pk := getPrivateKey(cmd, appCfg)
-	epoch, err := nmCli.Epoch(cmd.Context())
+	epoch, err := nmCli.Epoch()
 	commonCmd.ExitOnErr(cmd, "read epoch from morph: %w", err)
-	nm, err := nmCli.GetNetMapByEpoch(cmd.Context(), epoch)
+	nm, err := nmCli.GetNetMapByEpoch(epoch)
 	commonCmd.ExitOnErr(cmd, "read netmap from morph: %w", err)
 	cmd.Printf("Epoch: %d\n", nm.Epoch())
@ -109,7 +109,7 @@ func checkAddr(ctx context.Context, cnrCli *cntClient.Client, nmCli *netmap.Clie
 	cid := obj.Address.Container()
 	cid.Encode(rawCID)
-	cnr, err := cnrCli.Get(ctx, rawCID)
+	cnr, err := cnrCli.Get(rawCID)
 	if err != nil {
 		var errContainerNotFound *apistatus.ContainerNotFound
 		if errors.As(err, &errContainerNotFound) {
@ -118,7 +118,7 @@ func checkAddr(ctx context.Context, cnrCli *cntClient.Client, nmCli *netmap.Clie
 		}
 		return statusUndefined, fmt.Errorf("read container %s from morph: %w", cid, err)
 	}
-	nm, err := nmCli.NetMap(ctx)
+	nm, err := nmCli.NetMap()
 	if err != nil {
 		return statusUndefined, fmt.Errorf("read netmap from morph: %w", err)
 	}
@ -255,7 +255,8 @@ func moveToQuarantine(ctx context.Context, storageEngine *engine.StorageEngine,
 	delPrm.WithForceRemoval()
 	delPrm.WithAddress(addr)
-	if err = storageEngine.Delete(ctx, delPrm); err != nil {
+	_, err = storageEngine.Delete(ctx, delPrm)
 	if err != nil {
 		return fmt.Errorf("delete object %s from storage engine: %w", addr, err)
 	}
 	return nil
--- a/cmd/frostfs-adm/internal/modules/maintenance/zombie/storage_engine.go
+++ b/cmd/frostfs-adm/internal/modules/maintenance/zombie/storage_engine.go
@ -10,7 +10,6 @@ import (
 	blobovniczaconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard/blobstor/blobovnicza"
 	fstreeconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard/blobstor/fstree"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/qos"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/blobstor"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/blobstor/blobovniczatree"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/blobstor/fstree"
@ -44,8 +43,10 @@ func newEngine(cmd *cobra.Command, c *config.Config) *engine.StorageEngine {
 func storageEngineOptions(c *config.Config) []engine.Option {
 	return []engine.Option{
 		engine.WithErrorThreshold(engineconfig.ShardErrorThreshold(c)),
-		engine.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+		engine.WithShardPoolSize(engineconfig.ShardPoolSize(c)),
 		engine.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 		engine.WithLowMemoryConsumption(engineconfig.EngineLowMemoryConsumption(c)),
 		engine.WithRebuildWorkersCount(engineconfig.EngineRebuildWorkersCount(c)),
 	}
 }
@ -62,7 +63,7 @@ func shardOptions(cmd *cobra.Command, c *config.Config) [][]shard.Option {
 func getShardOpts(cmd *cobra.Command, c *config.Config, sh *shardconfig.Config) []shard.Option {
 	wc, wcEnabled := getWriteCacheOpts(sh)
 	return []shard.Option{
-		shard.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+		shard.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 		shard.WithRefillMetabase(sh.RefillMetabase()),
 		shard.WithRefillMetabaseWorkersCount(sh.RefillMetabaseWorkersCount()),
 		shard.WithMode(sh.Mode()),
@ -80,7 +81,6 @@ func getShardOpts(cmd *cobra.Command, c *config.Config, sh *shardconfig.Config)
 			commonCmd.ExitOnErr(cmd, "init GC pool: %w", err)
 			return pool
 		}),
 		shard.WithLimiter(qos.NewNoopLimiter()),
 	}
 }
@ -89,14 +89,15 @@ func getWriteCacheOpts(sh *shardconfig.Config) ([]writecache.Option, bool) {
 		var result []writecache.Option
 		result = append(result,
 			writecache.WithPath(wc.Path()),
-			writecache.WithFlushSizeLimit(wc.MaxFlushingObjectsSize()),
+			writecache.WithMaxBatchSize(wc.BoltDB().MaxBatchSize()),
 			writecache.WithMaxBatchDelay(wc.BoltDB().MaxBatchDelay()),
 			writecache.WithPageSize(wc.BoltDB().PageSize()),
 			writecache.WithMaxObjectSize(wc.MaxObjectSize()),
 			writecache.WithSmallObjectSize(wc.SmallObjectSize()),
 			writecache.WithFlushWorkersCount(wc.WorkerCount()),
 			writecache.WithMaxCacheSize(wc.SizeLimit()),
 			writecache.WithMaxCacheCount(wc.CountLimit()),
 			writecache.WithNoSync(wc.NoSync()),
-			writecache.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+			writecache.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 			writecache.WithQoSLimiter(qos.NewNoopLimiter()),
 		)
 		return result, true
 	}
@ -127,16 +128,19 @@ func getMetabaseOpts(sh *shardconfig.Config) []meta.Option {
 		meta.WithBoltDBOptions(&bbolt.Options{
 			Timeout: 100 * time.Millisecond,
 		}),
-		meta.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+		meta.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 		meta.WithEpochState(&epochState{}),
 	}
 }
 func getBlobstorOpts(ctx context.Context, sh *shardconfig.Config) []blobstor.Option {
 	result := []blobstor.Option{
-		blobstor.WithCompression(sh.Compression()),
+		blobstor.WithCompressObjects(sh.Compress()),
 		blobstor.WithUncompressableContentTypes(sh.UncompressableContentTypes()),
 		blobstor.WithCompressibilityEstimate(sh.EstimateCompressibility()),
 		blobstor.WithCompressibilityEstimateThreshold(sh.EstimateCompressibilityThreshold()),
 		blobstor.WithStorages(getSubStorages(ctx, sh)),
-		blobstor.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+		blobstor.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 	}
 	return result
@ -159,8 +163,7 @@ func getSubStorages(ctx context.Context, sh *shardconfig.Config) []blobstor.SubS
 				blobovniczatree.WithOpenedCacheExpInterval(sub.OpenedCacheExpInterval()),
 				blobovniczatree.WithInitWorkerCount(sub.InitWorkerCount()),
 				blobovniczatree.WithWaitBeforeDropDB(sub.RebuildDropTimeout()),
-				blobovniczatree.WithBlobovniczaLogger(logger.NewLoggerWrapper(zap.NewNop())),
+				blobovniczatree.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 				blobovniczatree.WithBlobovniczaTreeLogger(logger.NewLoggerWrapper(zap.NewNop())),
 				blobovniczatree.WithObjectSizeLimit(sh.SmallSizeLimit()),
 			}
@ -177,7 +180,7 @@ func getSubStorages(ctx context.Context, sh *shardconfig.Config) []blobstor.SubS
 				fstree.WithPerm(storage.Perm()),
 				fstree.WithDepth(sub.Depth()),
 				fstree.WithNoSync(sub.NoSync()),
-				fstree.WithLogger(logger.NewLoggerWrapper(zap.NewNop())),
+				fstree.WithLogger(&logger.Logger{Logger: zap.NewNop()}),
 			}
 			ss = append(ss, blobstor.SubStorage{
--- a/cmd/frostfs-adm/internal/modules/metabase/root.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/root.go
@ -1,15 +0,0 @@
 package metabase
 import "github.com/spf13/cobra"
 // RootCmd is a root command of config section.
 var RootCmd = &cobra.Command{
 	Use:   "metabase",
 	Short: "Section for metabase commands",
 }
 func init() {
 	RootCmd.AddCommand(UpgradeCmd)
 	initUpgradeCommand()
 }
--- a/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
@ -1,156 +0,0 @@
 package metabase
 import (
 	"context"
 	"errors"
 	"fmt"
 	"sync"
 	"time"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
 	engineconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine"
 	shardconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/engine/shard"
 	morphconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/morph"
 	nodeconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/node"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/container"
 	meta "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/metabase"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
 	morphcontainer "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client/container"
 	"github.com/spf13/cobra"
 	"golang.org/x/sync/errgroup"
 )
 const (
 	noCompactFlag = "no-compact"
 )
 var (
 	errNoPathsFound          = errors.New("no metabase paths found")
 	errNoMorphEndpointsFound = errors.New("no morph endpoints found")
 	errUpgradeFailed         = errors.New("upgrade failed")
 )
 var UpgradeCmd = &cobra.Command{
 	Use:   "upgrade",
 	Short: "Upgrade metabase to latest version",
 	RunE:  upgrade,
 }
 func upgrade(cmd *cobra.Command, _ []string) error {
 	configFile, err := cmd.Flags().GetString(commonflags.ConfigFlag)
 	if err != nil {
 		return err
 	}
 	configDir, err := cmd.Flags().GetString(commonflags.ConfigDirFlag)
 	if err != nil {
 		return err
 	}
 	appCfg := config.New(configFile, configDir, config.EnvPrefix)
 	paths, err := getMetabasePaths(appCfg)
 	if err != nil {
 		return err
 	}
 	if len(paths) == 0 {
 		return errNoPathsFound
 	}
 	cmd.Println("found", len(paths), "metabases:")
 	for i, path := range paths {
 		cmd.Println(i+1, ":", path)
 	}
 	mc, err := createMorphClient(cmd.Context(), appCfg)
 	if err != nil {
 		return err
 	}
 	defer mc.Close()
 	civ, err := createContainerInfoProvider(mc)
 	if err != nil {
 		return err
 	}
 	noCompact, _ := cmd.Flags().GetBool(noCompactFlag)
 	result := make(map[string]bool)
 	var resultGuard sync.Mutex
 	eg, ctx := errgroup.WithContext(cmd.Context())
 	for _, path := range paths {
 		eg.Go(func() error {
 			var success bool
 			cmd.Println("upgrading metabase", path, "...")
 			if err := meta.Upgrade(ctx, path, !noCompact, civ, func(a ...any) {
 				cmd.Println(append([]any{time.Now().Format(time.RFC3339), ":", path, ":"}, a...)...)
 			}); err != nil {
 				cmd.Println("error: failed to upgrade metabase", path, ":", err)
 			} else {
 				success = true
 				cmd.Println("metabase", path, "upgraded successfully")
 			}
 			resultGuard.Lock()
 			result[path] = success
 			resultGuard.Unlock()
 			return nil
 		})
 	}
 	if err := eg.Wait(); err != nil {
 		return err
 	}
 	allSuccess := true
 	for mb, ok := range result {
 		if ok {
 			cmd.Println(mb, ": success")
 		} else {
 			cmd.Println(mb, ": failed")
 			allSuccess = false
 		}
 	}
 	if allSuccess {
 		return nil
 	}
 	return errUpgradeFailed
 }
 func getMetabasePaths(appCfg *config.Config) ([]string, error) {
 	var paths []string
 	if err := engineconfig.IterateShards(appCfg, false, func(sc *shardconfig.Config) error {
 		paths = append(paths, sc.Metabase().Path())
 		return nil
 	}); err != nil {
 		return nil, fmt.Errorf("get metabase paths: %w", err)
 	}
 	return paths, nil
 }
 func createMorphClient(ctx context.Context, appCfg *config.Config) (*client.Client, error) {
 	addresses := morphconfig.RPCEndpoint(appCfg)
 	if len(addresses) == 0 {
 		return nil, errNoMorphEndpointsFound
 	}
 	key := nodeconfig.Key(appCfg)
 	cli, err := client.New(ctx,
 		key,
 		client.WithDialTimeout(morphconfig.DialTimeout(appCfg)),
 		client.WithEndpoints(addresses...),
 		client.WithSwitchInterval(morphconfig.SwitchInterval(appCfg)),
 	)
 	if err != nil {
 		return nil, fmt.Errorf("create morph client:%w", err)
 	}
 	return cli, nil
 }
 func createContainerInfoProvider(cli *client.Client) (container.InfoProvider, error) {
 	sh, err := cli.NNSContractAddress(client.NNSContainerContractName)
 	if err != nil {
 		return nil, fmt.Errorf("resolve container contract hash: %w", err)
 	}
 	cc, err := morphcontainer.NewFromMorph(cli, sh, 0)
 	if err != nil {
 		return nil, fmt.Errorf("create morph container client: %w", err)
 	}
 	return container.NewInfoProvider(func() (container.Source, error) {
 		return morphcontainer.AsContainerSource(cc), nil
 	}), nil
 }
 func initUpgradeCommand() {
 	flags := UpgradeCmd.Flags()
 	flags.Bool(noCompactFlag, false, "Do not compact upgraded metabase file")
 }
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
@ -5,19 +5,35 @@ import (
 	"encoding/json"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 const (
-	jsonFlag      = "json"
+	namespaceTarget   = "namespace"
-	jsonFlagDesc  = "Output rule chains in JSON format"
+	containerTarget   = "container"
-	addrAdminFlag = "addr"
+	userTarget        = "user"
-	addrAdminDesc = "The address of the admins wallet"
+	groupTarget       = "group"
 	jsonFlag          = "json"
 	jsonFlagDesc      = "Output rule chains in JSON format"
 	chainIDFlag       = "chain-id"
 	chainIDDesc       = "Rule chain ID"
 	ruleFlag          = "rule"
 	ruleFlagDesc      = "Rule chain in text format"
 	pathFlag          = "path"
 	pathFlagDesc      = "path to encoded chain in JSON or binary format"
 	targetNameFlag    = "target-name"
 	targetNameDesc    = "Resource name in APE resource name format"
 	targetTypeFlag    = "target-type"
 	targetTypeDesc    = "Resource type(container/namespace)"
 	addrAdminFlag     = "addr"
 	addrAdminDesc     = "The address of the admins wallet"
 	chainNameFlag     = "chain-name"
 	chainNameFlagDesc = "Chain name(ingress|s3)"
 )
 var (
@ -85,17 +101,17 @@ func initAddRuleChainCmd() {
 	addRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	addRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	addRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
+	addRuleChainCmd.Flags().String(targetTypeFlag, "", targetTypeDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = addRuleChainCmd.MarkFlagRequired(targetTypeFlag)
-	addRuleChainCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetTypeFlagDesc)
+	addRuleChainCmd.Flags().String(targetNameFlag, "", targetNameDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.TargetNameFlag)
+	_ = addRuleChainCmd.MarkFlagRequired(targetNameFlag)
-	addRuleChainCmd.Flags().String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
+	addRuleChainCmd.Flags().String(chainIDFlag, "", chainIDDesc)
-	_ = addRuleChainCmd.MarkFlagRequired(apeCmd.ChainIDFlag)
+	_ = addRuleChainCmd.MarkFlagRequired(chainIDFlag)
-	addRuleChainCmd.Flags().StringArray(apeCmd.RuleFlag, []string{}, apeCmd.RuleFlagDesc)
+	addRuleChainCmd.Flags().StringArray(ruleFlag, []string{}, ruleFlagDesc)
-	addRuleChainCmd.Flags().String(apeCmd.PathFlag, "", apeCmd.PathFlagDesc)
+	addRuleChainCmd.Flags().String(pathFlag, "", pathFlagDesc)
-	addRuleChainCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
+	addRuleChainCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
-	addRuleChainCmd.MarkFlagsMutuallyExclusive(apeCmd.RuleFlag, apeCmd.PathFlag)
+	addRuleChainCmd.MarkFlagsMutuallyExclusive(ruleFlag, pathFlag)
 }
 func initRemoveRuleChainCmd() {
@ -104,25 +120,26 @@ func initRemoveRuleChainCmd() {
 	removeRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	removeRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	removeRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
+	removeRuleChainCmd.Flags().String(targetTypeFlag, "", targetTypeDesc)
-	_ = removeRuleChainCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = removeRuleChainCmd.MarkFlagRequired(targetTypeFlag)
-	removeRuleChainCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	removeRuleChainCmd.Flags().String(targetNameFlag, "", targetNameDesc)
-	_ = removeRuleChainCmd.MarkFlagRequired(apeCmd.TargetNameFlag)
+	_ = removeRuleChainCmd.MarkFlagRequired(targetNameFlag)
-	removeRuleChainCmd.Flags().String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
+	removeRuleChainCmd.Flags().String(chainIDFlag, "", chainIDDesc)
-	removeRuleChainCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
+	removeRuleChainCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
 	removeRuleChainCmd.Flags().Bool(commonflags.AllFlag, false, "Remove all chains for target")
-	removeRuleChainCmd.MarkFlagsMutuallyExclusive(commonflags.AllFlag, apeCmd.ChainIDFlag)
+	removeRuleChainCmd.MarkFlagsMutuallyExclusive(commonflags.AllFlag, chainIDFlag)
 }
 func initListRuleChainsCmd() {
 	Cmd.AddCommand(listRuleChainsCmd)
 	listRuleChainsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	listRuleChainsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
+	listRuleChainsCmd.Flags().StringP(targetTypeFlag, "t", "", targetTypeDesc)
-	_ = listRuleChainsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = listRuleChainsCmd.MarkFlagRequired(targetTypeFlag)
-	listRuleChainsCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	listRuleChainsCmd.Flags().String(targetNameFlag, "", targetNameDesc)
 	_ = listRuleChainsCmd.MarkFlagRequired(targetNameFlag)
 	listRuleChainsCmd.Flags().Bool(jsonFlag, false, jsonFlagDesc)
-	listRuleChainsCmd.Flags().String(apeCmd.ChainNameFlag, apeCmd.Ingress, apeCmd.ChainNameFlagDesc)
+	listRuleChainsCmd.Flags().String(chainNameFlag, ingress, chainNameFlagDesc)
 }
 func initSetAdminCmd() {
@ -144,15 +161,15 @@ func initListTargetsCmd() {
 	Cmd.AddCommand(listTargetsCmd)
 	listTargetsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	listTargetsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
+	listTargetsCmd.Flags().StringP(targetTypeFlag, "t", "", targetTypeDesc)
-	_ = listTargetsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = listTargetsCmd.MarkFlagRequired(targetTypeFlag)
 }
 func addRuleChain(cmd *cobra.Command, _ []string) {
-	chain := apeCmd.ParseChain(cmd)
+	chain := parseChain(cmd)
 	target := parseTarget(cmd)
 	pci, ac := newPolicyContractInterface(cmd)
-	h, vub, err := pci.AddMorphRuleChain(apeCmd.ParseChainName(cmd), target, chain)
+	h, vub, err := pci.AddMorphRuleChain(parseChainName(cmd), target, chain)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = ac.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "add rule chain error: %w", err)
@ -164,14 +181,14 @@ func removeRuleChain(cmd *cobra.Command, _ []string) {
 	pci, ac := newPolicyContractInterface(cmd)
 	removeAll, _ := cmd.Flags().GetBool(commonflags.AllFlag)
 	if removeAll {
-		h, vub, err := pci.RemoveMorphRuleChainsByTarget(apeCmd.ParseChainName(cmd), target)
+		h, vub, err := pci.RemoveMorphRuleChainsByTarget(parseChainName(cmd), target)
 		cmd.Println("Waiting for transaction to persist...")
 		_, err = ac.Wait(h, vub, err)
 		commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
 		cmd.Println("All chains for target removed successfully")
 	} else {
-		chainID := apeCmd.ParseChainID(cmd)
+		chainID := parseChainID(cmd)
-		h, vub, err := pci.RemoveMorphRuleChain(apeCmd.ParseChainName(cmd), target, chainID)
+		h, vub, err := pci.RemoveMorphRuleChain(parseChainName(cmd), target, chainID)
 		cmd.Println("Waiting for transaction to persist...")
 		_, err = ac.Wait(h, vub, err)
 		commonCmd.ExitOnErr(cmd, "remove rule chain error: %w", err)
@ -182,7 +199,7 @@ func removeRuleChain(cmd *cobra.Command, _ []string) {
 func listRuleChains(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
 	pci, _ := newPolicyContractReaderInterface(cmd)
-	chains, err := pci.ListMorphRuleChains(apeCmd.ParseChainName(cmd), target)
+	chains, err := pci.ListMorphRuleChains(parseChainName(cmd), target)
 	commonCmd.ExitOnErr(cmd, "list rule chains error: %w", err)
 	if len(chains) == 0 {
 		return
@ -193,14 +210,14 @@ func listRuleChains(cmd *cobra.Command, _ []string) {
 		prettyJSONFormat(cmd, chains)
 	} else {
 		for _, c := range chains {
-			apeCmd.PrintHumanReadableAPEChain(cmd, c)
+			parseutil.PrintHumanReadableAPEChain(cmd, c)
 		}
 	}
 }
 func setAdmin(cmd *cobra.Command, _ []string) {
 	s, _ := cmd.Flags().GetString(addrAdminFlag)
-	addr, err := address.StringToUint160(s)
+	addr, err := util.Uint160DecodeStringLE(s)
 	commonCmd.ExitOnErr(cmd, "can't decode admin addr: %w", err)
 	pci, ac := newPolicyContractInterface(cmd)
 	h, vub, err := pci.SetAdmin(addr)
@ -214,11 +231,12 @@ func getAdmin(cmd *cobra.Command, _ []string) {
 	pci, _ := newPolicyContractReaderInterface(cmd)
 	addr, err := pci.GetAdmin()
 	commonCmd.ExitOnErr(cmd, "unable to get admin: %w", err)
-	cmd.Println(address.Uint160ToString(addr))
+	cmd.Println(addr.StringLE())
 }
 func listTargets(cmd *cobra.Command, _ []string) {
-	typ := apeCmd.ParseTargetType(cmd)
+	typ, err := parseTargetType(cmd)
 	commonCmd.ExitOnErr(cmd, "parse target type error: %w", err)
 	pci, inv := newPolicyContractReaderInterface(cmd)
 	sid, it, err := pci.ListTargetsIterator(typ)
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
@ -2,14 +2,13 @@ package ape
 import (
 	"errors"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
+	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	policyengine "git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
 	morph "git.frostfs.info/TrueCloudLab/policy-engine/pkg/morph/policy"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
@ -19,29 +18,90 @@ import (
 	"github.com/spf13/viper"
 )
-var errUnknownTargetType = errors.New("unknown target type")
+const (
 	ingress = "ingress"
 	s3      = "s3"
 )
 var mChainName = map[string]apechain.Name{
 	ingress: apechain.Ingress,
 	s3:      apechain.S3,
 }
 var (
 	errUnknownTargetType    = errors.New("unknown target type")
 	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
 	errRuleIsNotParsed      = errors.New("rule is not passed")
 	errUnsupportedChainName = errors.New("unsupported chain name")
 )
 func parseTarget(cmd *cobra.Command) policyengine.Target {
-	typ := apeCmd.ParseTargetType(cmd)
+	name, _ := cmd.Flags().GetString(targetNameFlag)
-	name, _ := cmd.Flags().GetString(apeCmd.TargetNameFlag)
+	typ, err := parseTargetType(cmd)
-	switch typ {
+
-	case policyengine.Namespace:
+	// interpret "root" namespace as empty
-		if name == "root" {
+	if typ == policyengine.Namespace && name == "root" {
-			name = ""
+		name = ""
 		}
 		return policyengine.NamespaceTarget(name)
 	case policyengine.Container:
 		var cnr cid.ID
 		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
 		return policyengine.ContainerTarget(name)
 	case policyengine.User:
 		return policyengine.UserTarget(name)
 	case policyengine.Group:
 		return policyengine.GroupTarget(name)
 	default:
 		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
 	}
-	panic("unreachable")
+
 	commonCmd.ExitOnErr(cmd, "read target type error: %w", err)
 	return policyengine.Target{
 		Name: name,
 		Type: typ,
 	}
 }
 func parseTargetType(cmd *cobra.Command) (policyengine.TargetType, error) {
 	typ, _ := cmd.Flags().GetString(targetTypeFlag)
 	switch typ {
 	case namespaceTarget:
 		return policyengine.Namespace, nil
 	case containerTarget:
 		return policyengine.Container, nil
 	case userTarget:
 		return policyengine.User, nil
 	case groupTarget:
 		return policyengine.Group, nil
 	}
 	return -1, errUnknownTargetType
 }
 func parseChainID(cmd *cobra.Command) apechain.ID {
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
 			errChainIDCannotBeEmpty)
 	}
 	return apechain.ID(chainID)
 }
 func parseChain(cmd *cobra.Command) *apechain.Chain {
 	chain := new(apechain.Chain)
 	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", parseutil.ParseAPEChain(chain, rules))
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
 	}
 	chain.ID = parseChainID(cmd)
 	cmd.Println("Parsed chain:")
 	parseutil.PrintHumanReadableAPEChain(cmd, chain)
 	return chain
 }
 func parseChainName(cmd *cobra.Command) apechain.Name {
 	chainName, _ := cmd.Flags().GetString(chainNameFlag)
 	apeChainName, ok := mChainName[strings.ToLower(chainName)]
 	if !ok {
 		commonCmd.ExitOnErr(cmd, "", errUnsupportedChainName)
 	}
 	return apeChainName
 }
 // invokerAdapter adapats invoker.Invoker to ContractStorageInvoker interface.
@ -55,15 +115,16 @@ func (n *invokerAdapter) GetRPCInvoker() invoker.RPCInvoke {
 }
 func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorageReader, *invoker.Invoker) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
 	inv := invoker.New(c, nil)
 	var ch util.Uint160
 	r := management.NewReader(inv)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-	ch, err := helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
+	ch, err = helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
 	commonCmd.ExitOnErr(cmd, "unable to resolve policy contract hash: %w", err)
 	invokerAdapter := &invokerAdapter{
@ -75,11 +136,10 @@ func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorag
 }
 func newPolicyContractInterface(cmd *cobra.Command) (*morph.ContractStorage, *helper.LocalActor) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
-	walletDir := config.ResolveHomePath(viper.GetString(commonflags.AlphabetWalletsFlag))
+	ac, err := helper.NewLocalActor(cmd, c)
 	ac, err := helper.NewLocalActor(c, &helper.AlphabetWallets{Path: walletDir, Label: constants.ConsensusAccountName})
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)
 	var ch util.Uint160
--- a/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
+++ b/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
@ -9,7 +9,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	"github.com/nspcc-dev/neo-go/pkg/core/native/noderoles"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
@ -52,7 +51,7 @@ func dumpBalances(cmd *cobra.Command, _ []string) error {
 		nmHash          util.Uint160
 	)
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
@ -162,7 +161,9 @@ func printAlphabetContractBalances(cmd *cobra.Command, c helper.Client, inv *inv
 			helper.GetAlphabetNNSDomain(i),
 			int64(nns.TXT))
 	}
-	assert.NoError(w.Err)
+	if w.Err != nil {
 		panic(w.Err)
 	}
 	alphaRes, err := c.InvokeScript(w.Bytes(), nil)
 	if err != nil {
@ -225,7 +226,9 @@ func fetchBalances(c *invoker.Invoker, gasHash util.Uint160, accounts []accBalan
 	for i := range accounts {
 		emit.AppCall(w.BinWriter, gasHash, "balanceOf", callflag.ReadStates, accounts[i].scriptHash)
 	}
-	assert.NoError(w.Err)
+	if w.Err != nil {
 		panic(w.Err)
 	}
 	res, err := c.Run(w.Bytes())
 	if err != nil || res.State != vmstate.Halt.String() || len(res.Stack) != len(accounts) {
--- a/cmd/frostfs-adm/internal/modules/morph/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/config.go
@ -26,7 +26,7 @@ import (
 const forceConfigSet = "force"
 func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -63,16 +63,16 @@ func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
 			netmap.MaxObjectSizeConfig, netmap.WithdrawFeeConfig,
 			netmap.MaxECDataCountConfig, netmap.MaxECParityCountConfig:
 			nbuf := make([]byte, 8)
-			copy(nbuf, v)
+			copy(nbuf[:], v)
 			n := binary.LittleEndian.Uint64(nbuf)
-			_, _ = tw.Write(fmt.Appendf(nil, "%s:\t%d (int)\n", k, n))
+			_, _ = tw.Write([]byte(fmt.Sprintf("%s:\t%d (int)\n", k, n)))
 		case netmap.HomomorphicHashingDisabledKey, netmap.MaintenanceModeAllowedConfig:
 			if len(v) == 0 || len(v) > 1 {
 				return helper.InvalidConfigValueErr(k)
 			}
-			_, _ = tw.Write(fmt.Appendf(nil, "%s:\t%t (bool)\n", k, v[0] == 1))
+			_, _ = tw.Write([]byte(fmt.Sprintf("%s:\t%t (bool)\n", k, v[0] == 1)))
 		default:
-			_, _ = tw.Write(fmt.Appendf(nil, "%s:\t%s (hex)\n", k, hex.EncodeToString(v)))
+			_, _ = tw.Write([]byte(fmt.Sprintf("%s:\t%s (hex)\n", k, hex.EncodeToString(v))))
 		}
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/constants/const.go
+++ b/cmd/frostfs-adm/internal/modules/morph/constants/const.go
@ -4,6 +4,7 @@ import "time"
 const (
 	ConsensusAccountName = "consensus"
 	ProtoConfigPath      = "protocol"
 	// MaxAlphabetNodes is the maximum number of candidates allowed, which is currently limited by the size
 	// of the invocation script.
--- a/cmd/frostfs-adm/internal/modules/morph/container/container.go
+++ b/cmd/frostfs-adm/internal/modules/morph/container/container.go
@ -10,7 +10,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/hash"
 	"github.com/nspcc-dev/neo-go/pkg/io"
@ -77,7 +76,7 @@ func dumpContainers(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("invalid filename: %w", err)
 	}
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -140,12 +139,13 @@ func dumpContainers(cmd *cobra.Command, _ []string) error {
 func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invoker, id []byte) (*Container, error) {
 	bw.Reset()
 	emit.AppCall(bw.BinWriter, ch, "get", callflag.All, id)
 	emit.AppCall(bw.BinWriter, ch, "eACL", callflag.All, id)
 	res, err := inv.Run(bw.Bytes())
 	if err != nil {
 		return nil, fmt.Errorf("can't get container info: %w", err)
 	}
-	if len(res.Stack) != 1 {
+	if len(res.Stack) != 2 {
-		return nil, fmt.Errorf("%w: expected 1 items on stack", errInvalidContainerResponse)
+		return nil, fmt.Errorf("%w: expected 2 items on stack", errInvalidContainerResponse)
 	}
 	cnt := new(Container)
@ -154,11 +154,19 @@ func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invo
 		return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
 	}
 	ea := new(EACL)
 	err = ea.FromStackItem(res.Stack[1])
 	if err != nil {
 		return nil, fmt.Errorf("%w: %v", errInvalidContainerResponse, err)
 	}
 	if len(ea.Value) != 0 {
 		cnt.EACL = ea
 	}
 	return cnt, nil
 }
 func listContainers(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -236,7 +244,9 @@ func restoreOrPutContainers(containers []Container, isOK func([]byte) bool, cmd
 		putContainer(bw, ch, cnt)
-		assert.NoError(bw.Err)
+		if bw.Err != nil {
 			panic(bw.Err)
 		}
 		if err := wCtx.SendConsensusTx(bw.Bytes()); err != nil {
 			return err
@ -248,6 +258,10 @@ func restoreOrPutContainers(containers []Container, isOK func([]byte) bool, cmd
 func putContainer(bw *io.BufBinWriter, ch util.Uint160, cnt Container) {
 	emit.AppCall(bw.BinWriter, ch, "put", callflag.All,
 		cnt.Value, cnt.Signature, cnt.PublicKey, cnt.Token)
 	if ea := cnt.EACL; ea != nil {
 		emit.AppCall(bw.BinWriter, ch, "setEACL", callflag.All,
 			ea.Value, ea.Signature, ea.PublicKey, ea.Token)
 	}
 }
 func isContainerRestored(cmd *cobra.Command, wCtx *helper.InitializeContext, containerHash util.Uint160, bw *io.BufBinWriter, hashValue util.Uint256) (bool, error) {
@ -308,6 +322,15 @@ type Container struct {
 	Signature []byte `json:"signature"`
 	PublicKey []byte `json:"public_key"`
 	Token     []byte `json:"token"`
 	EACL      *EACL  `json:"eacl"`
 }
 // EACL represents extended ACL struct in contract storage.
 type EACL struct {
 	Value     []byte `json:"value"`
 	Signature []byte `json:"signature"`
 	PublicKey []byte `json:"public_key"`
 	Token     []byte `json:"token"`
 }
 // ToStackItem implements stackitem.Convertible.
@ -354,6 +377,50 @@ func (c *Container) FromStackItem(item stackitem.Item) error {
 	return nil
 }
 // ToStackItem implements stackitem.Convertible.
 func (c *EACL) ToStackItem() (stackitem.Item, error) {
 	return stackitem.NewStruct([]stackitem.Item{
 		stackitem.NewByteArray(c.Value),
 		stackitem.NewByteArray(c.Signature),
 		stackitem.NewByteArray(c.PublicKey),
 		stackitem.NewByteArray(c.Token),
 	}), nil
 }
 // FromStackItem implements stackitem.Convertible.
 func (c *EACL) FromStackItem(item stackitem.Item) error {
 	arr, ok := item.Value().([]stackitem.Item)
 	if !ok || len(arr) != 4 {
 		return errors.New("invalid stack item type")
 	}
 	value, err := arr[0].TryBytes()
 	if err != nil {
 		return errors.New("invalid eACL value")
 	}
 	sig, err := arr[1].TryBytes()
 	if err != nil {
 		return errors.New("invalid eACL signature")
 	}
 	pub, err := arr[2].TryBytes()
 	if err != nil {
 		return errors.New("invalid eACL public key")
 	}
 	tok, err := arr[3].TryBytes()
 	if err != nil {
 		return errors.New("invalid eACL token")
 	}
 	c.Value = value
 	c.Signature = sig
 	c.PublicKey = pub
 	c.Token = tok
 	return nil
 }
 // getCIDFilterFunc returns filtering function for container IDs.
 // Raw byte slices are used because it works with structures returned
 // from contract.
--- a/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
@ -10,7 +10,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	"github.com/nspcc-dev/neo-go/cli/cmdargs"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
@ -121,7 +120,9 @@ func deployContractCmd(cmd *cobra.Command, args []string) error {
 		}
 	}
-	assert.NoError(writer.Err, "can't create deployment script")
+	if writer.Err != nil {
 		panic(fmt.Errorf("BUG: can't create deployment script: %w", writer.Err))
 	}
 	if err := c.SendCommitteeTx(writer.Bytes(), false); err != nil {
 		return err
@ -172,8 +173,9 @@ func registerNNS(nnsCs *state.Contract, c *helper.InitializeContext, zone string
 			domain, int64(nns.TXT), address.Uint160ToString(cs.Hash))
 	}
-	assert.NoError(bw.Err, "can't create deployment script")
+	if bw.Err != nil {
-	if bw.Len() != start {
+		panic(fmt.Errorf("BUG: can't create deployment script: %w", writer.Err))
 	} else if bw.Len() != start {
 		writer.WriteBytes(bw.Bytes())
 		emit.Opcodes(writer.BinWriter, opcode.LDSFLD0, opcode.PUSH1, opcode.PACK)
 		emit.AppCallNoArgs(writer.BinWriter, nnsCs.Hash, "setPrice", callflag.All)
--- a/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
@ -11,7 +11,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	morphClient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
@ -37,7 +36,7 @@ type contractDumpInfo struct {
 }
 func dumpContractHashes(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -69,7 +68,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 	if irSize != 0 {
 		bw.Reset()
-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			emit.AppCall(bw.BinWriter, cs.Hash, "resolve", callflag.ReadOnly,
 				helper.GetAlphabetNNSDomain(i),
 				int64(nns.TXT))
@ -80,7 +79,7 @@ func dumpContractHashes(cmd *cobra.Command, _ []string) error {
 			return fmt.Errorf("can't fetch info from NNS: %w", err)
 		}
-		for i := range irSize {
+		for i := 0; i < irSize; i++ {
 			info := contractDumpInfo{name: fmt.Sprintf("alphabet %d", i)}
 			if h, err := helper.ParseNNSResolveResult(alphaRes.Stack[i]); err == nil {
 				info.hash = h
@ -220,8 +219,8 @@ func printContractInfo(cmd *cobra.Command, infos []contractDumpInfo) {
 		if info.version == "" {
 			info.version = "unknown"
 		}
-		_, _ = tw.Write(fmt.Appendf(nil, "%s\t(%s):\t%s\n",
+		_, _ = tw.Write([]byte(fmt.Sprintf("%s\t(%s):\t%s\n",
-			info.name, info.version, info.hash.StringLE()))
+			info.name, info.version, info.hash.StringLE())))
 	}
 	_ = tw.Flush()
@ -237,17 +236,21 @@ func fillContractVersion(cmd *cobra.Command, c helper.Client, infos []contractDu
 		} else {
 			sub.Reset()
 			emit.AppCall(sub.BinWriter, infos[i].hash, "version", callflag.NoneFlag)
-			assert.NoError(sub.Err, "can't create version script")
+			if sub.Err != nil {
 				panic(fmt.Errorf("BUG: can't create version script: %w", bw.Err))
 			}
 			script := sub.Bytes()
 			emit.Instruction(bw.BinWriter, opcode.TRY, []byte{byte(3 + len(script) + 2), 0})
-			bw.WriteBytes(script)
+			bw.BinWriter.WriteBytes(script)
 			emit.Instruction(bw.BinWriter, opcode.ENDTRY, []byte{2 + 1})
 			emit.Opcodes(bw.BinWriter, opcode.PUSH0)
 		}
 	}
 	emit.Opcodes(bw.BinWriter, opcode.NOP) // for the last ENDTRY target
-	assert.NoError(bw.Err, "can't create version script")
+	if bw.Err != nil {
 		panic(fmt.Errorf("BUG: can't create version script: %w", bw.Err))
 	}
 	res, err := c.InvokeScript(bw.Bytes(), nil)
 	if err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
@ -1,83 +0,0 @@
 package frostfsid
 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 var (
 	frostfsidAddSubjectKeyCmd = &cobra.Command{
 		Use:   "add-subject-key",
 		Short: "Add a public key to the subject in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidAddSubjectKey,
 	}
 	frostfsidRemoveSubjectKeyCmd = &cobra.Command{
 		Use:   "remove-subject-key",
 		Short: "Remove a public key from the subject in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidRemoveSubjectKey,
 	}
 )
 func initFrostfsIDAddSubjectKeyCmd() {
 	Cmd.AddCommand(frostfsidAddSubjectKeyCmd)
 	ff := frostfsidAddSubjectKeyCmd.Flags()
 	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	ff.String(subjectAddressFlag, "", "Subject address")
 	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectAddressFlag)
 	ff.String(subjectKeyFlag, "", "Public key to add")
 	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectKeyFlag)
 }
 func initFrostfsIDRemoveSubjectKeyCmd() {
 	Cmd.AddCommand(frostfsidRemoveSubjectKeyCmd)
 	ff := frostfsidRemoveSubjectKeyCmd.Flags()
 	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	ff.String(subjectAddressFlag, "", "Subject address")
 	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectAddressFlag)
 	ff.String(subjectKeyFlag, "", "Public key to remove")
 	_ = frostfsidAddSubjectKeyCmd.MarkFlagRequired(subjectKeyFlag)
 }
 func frostfsidAddSubjectKey(cmd *cobra.Command, _ []string) {
 	addr := getFrostfsIDSubjectAddress(cmd)
 	pub := getFrostfsIDSubjectKey(cmd)
 	ffsid, err := newFrostfsIDClient(cmd)
 	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
 	ffsid.addCall(ffsid.roCli.AddSubjectKeyCall(addr, pub))
 	err = ffsid.sendWait()
 	commonCmd.ExitOnErr(cmd, "add subject key: %w", err)
 }
 func frostfsidRemoveSubjectKey(cmd *cobra.Command, _ []string) {
 	addr := getFrostfsIDSubjectAddress(cmd)
 	pub := getFrostfsIDSubjectKey(cmd)
 	ffsid, err := newFrostfsIDClient(cmd)
 	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
 	ffsid.addCall(ffsid.roCli.RemoveSubjectKeyCall(addr, pub))
 	err = ffsid.sendWait()
 	commonCmd.ExitOnErr(cmd, "remove subject key: %w", err)
 }
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
@ -34,16 +34,11 @@ const (
 	subjectNameFlag    = "subject-name"
 	subjectKeyFlag     = "subject-key"
 	subjectAddressFlag = "subject-address"
-	extendedFlag       = "extended"
+	includeNamesFlag   = "include-names"
 	groupNameFlag      = "group-name"
 	groupIDFlag        = "group-id"
 	rootNamespacePlaceholder = "<root>"
 	keyFlag       = "key"
 	keyDescFlag   = "Key for storing a value in the subject's KV storage"
 	valueFlag     = "value"
 	valueDescFlag = "Value to be stored in the subject's KV storage"
 )
 var (
@ -66,6 +61,7 @@ var (
 		Use:   "list-namespaces",
 		Short: "List all namespaces in frostfsid",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListNamespaces,
@ -95,6 +91,7 @@ var (
 		Use:   "list-subjects",
 		Short: "List subjects in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListSubjects,
@ -124,6 +121,7 @@ var (
 		Use:   "list-groups",
 		Short: "List groups in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListGroups,
@ -153,27 +151,11 @@ var (
 		Use:   "list-group-subjects",
 		Short: "List subjects in group",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidListGroupSubjects,
 	}
 	frostfsidSetKVCmd = &cobra.Command{
 		Use:   "set-kv",
 		Short: "Store a key-value pair in the subject's KV storage",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidSetKV,
 	}
 	frostfsidDeleteKVCmd = &cobra.Command{
 		Use:   "delete-kv",
 		Short: "Delete a value from the subject's KV storage",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 		},
 		Run: frostfsidDeleteKV,
 	}
 )
 func initFrostfsIDCreateNamespaceCmd() {
@ -187,6 +169,7 @@ func initFrostfsIDCreateNamespaceCmd() {
 func initFrostfsIDListNamespacesCmd() {
 	Cmd.AddCommand(frostfsidListNamespacesCmd)
 	frostfsidListNamespacesCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListNamespacesCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func initFrostfsIDCreateSubjectCmd() {
@ -209,7 +192,8 @@ func initFrostfsIDListSubjectsCmd() {
 	Cmd.AddCommand(frostfsidListSubjectsCmd)
 	frostfsidListSubjectsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace to list subjects")
-	frostfsidListSubjectsCmd.Flags().Bool(extendedFlag, false, "Whether include subject info (require additional requests)")
+	frostfsidListSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
 	frostfsidListSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func initFrostfsIDCreateGroupCmd() {
@ -233,6 +217,7 @@ func initFrostfsIDListGroupsCmd() {
 	Cmd.AddCommand(frostfsidListGroupsCmd)
 	frostfsidListGroupsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListGroupsCmd.Flags().String(namespaceFlag, "", "Namespace to list groups")
 	frostfsidListGroupsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func initFrostfsIDAddSubjectToGroupCmd() {
@ -256,22 +241,8 @@ func initFrostfsIDListGroupSubjectsCmd() {
 	frostfsidListGroupSubjectsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidListGroupSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace name")
 	frostfsidListGroupSubjectsCmd.Flags().Int64(groupIDFlag, 0, "Group id")
-	frostfsidListGroupSubjectsCmd.Flags().Bool(extendedFlag, false, "Whether include subject info (require additional requests)")
+	frostfsidListGroupSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
-}
+	frostfsidListGroupSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 func initFrostfsIDSetKVCmd() {
 	Cmd.AddCommand(frostfsidSetKVCmd)
 	frostfsidSetKVCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidSetKVCmd.Flags().String(subjectAddressFlag, "", "Subject address")
 	frostfsidSetKVCmd.Flags().String(keyFlag, "", keyDescFlag)
 	frostfsidSetKVCmd.Flags().String(valueFlag, "", valueDescFlag)
 }
 func initFrostfsIDDeleteKVCmd() {
 	Cmd.AddCommand(frostfsidDeleteKVCmd)
 	frostfsidDeleteKVCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	frostfsidDeleteKVCmd.Flags().String(subjectAddressFlag, "", "Subject address")
 	frostfsidDeleteKVCmd.Flags().String(keyFlag, "", keyDescFlag)
 }
 func frostfsidCreateNamespace(cmd *cobra.Command, _ []string) {
@ -291,7 +262,7 @@ func frostfsidListNamespaces(cmd *cobra.Command, _ []string) {
 	reader := frostfsidrpclient.NewReader(inv, hash)
 	sessionID, it, err := reader.ListNamespaces()
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
 	namespaces, err := frostfsidclient.ParseNamespaces(items)
@ -336,32 +307,34 @@ func frostfsidDeleteSubject(cmd *cobra.Command, _ []string) {
 }
 func frostfsidListSubjects(cmd *cobra.Command, _ []string) {
-	extended, _ := cmd.Flags().GetBool(extendedFlag)
+	includeNames, _ := cmd.Flags().GetBool(includeNamesFlag)
 	ns := getFrostfsIDNamespace(cmd)
 	inv, _, hash := initInvoker(cmd)
 	reader := frostfsidrpclient.NewReader(inv, hash)
 	sessionID, it, err := reader.ListNamespaceSubjects(ns)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	subAddresses, err := frostfsidclient.UnwrapArrayOfUint160(readIterator(inv, &it, sessionID))
+	subAddresses, err := frostfsidclient.UnwrapArrayOfUint160(readIterator(inv, &it, iteratorBatchSize, sessionID))
 	commonCmd.ExitOnErr(cmd, "can't unwrap: %w", err)
 	sort.Slice(subAddresses, func(i, j int) bool { return subAddresses[i].Less(subAddresses[j]) })
 	for _, addr := range subAddresses {
-		if !extended {
+		if !includeNames {
 			cmd.Println(address.Uint160ToString(addr))
 			continue
 		}
-		items, err := reader.GetSubject(addr)
+		sessionID, it, err := reader.ListSubjects()
 		commonCmd.ExitOnErr(cmd, "can't get subject: %w", err)
 		items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 		commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
 		subj, err := frostfsidclient.ParseSubject(items)
 		commonCmd.ExitOnErr(cmd, "can't parse subject: %w", err)
-		printSubjectInfo(cmd, addr, subj)
+		cmd.Printf("%s (%s)\n", address.Uint160ToString(addr), subj.Name)
 		cmd.Println()
 	}
 }
@ -401,7 +374,7 @@ func frostfsidListGroups(cmd *cobra.Command, _ []string) {
 	sessionID, it, err := reader.ListGroups(ns)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)
 	groups, err := frostfsidclient.ParseGroups(items)
 	commonCmd.ExitOnErr(cmd, "can't parse groups: %w", err)
@ -439,49 +412,10 @@ func frostfsidRemoveSubjectFromGroup(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "remove subject from group error: %w", err)
 }
 func frostfsidSetKV(cmd *cobra.Command, _ []string) {
 	subjectAddress := getFrostfsIDSubjectAddress(cmd)
 	key, _ := cmd.Flags().GetString(keyFlag)
 	value, _ := cmd.Flags().GetString(valueFlag)
 	if key == "" {
 		commonCmd.ExitOnErr(cmd, "", errors.New("key can't be empty"))
 	}
 	ffsid, err := newFrostfsIDClient(cmd)
 	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
 	method, args := ffsid.roCli.SetSubjectKVCall(subjectAddress, key, value)
 	ffsid.addCall(method, args)
 	err = ffsid.sendWait()
 	commonCmd.ExitOnErr(cmd, "set KV: %w", err)
 }
 func frostfsidDeleteKV(cmd *cobra.Command, _ []string) {
 	subjectAddress := getFrostfsIDSubjectAddress(cmd)
 	key, _ := cmd.Flags().GetString(keyFlag)
 	if key == "" {
 		commonCmd.ExitOnErr(cmd, "", errors.New("key can't be empty"))
 	}
 	ffsid, err := newFrostfsIDClient(cmd)
 	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
 	method, args := ffsid.roCli.DeleteSubjectKVCall(subjectAddress, key)
 	ffsid.addCall(method, args)
 	err = ffsid.sendWait()
 	commonCmd.ExitOnErr(cmd, "delete KV: %w", err)
 }
 func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	ns := getFrostfsIDNamespace(cmd)
 	groupID := getFrostfsIDGroupID(cmd)
-	extended, _ := cmd.Flags().GetBool(extendedFlag)
+	includeNames, _ := cmd.Flags().GetBool(includeNamesFlag)
 	inv, cs, hash := initInvoker(cmd)
 	_, err := helper.NNSResolveHash(inv, cs.Hash, helper.DomainOf(constants.FrostfsIDContract))
 	commonCmd.ExitOnErr(cmd, "can't get netmap contract hash: %w", err)
@ -490,7 +424,7 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	sessionID, it, err := reader.ListGroupSubjects(ns, big.NewInt(groupID))
 	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)
-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)
 	subjects, err := frostfsidclient.UnwrapArrayOfUint160(items, err)
@ -499,7 +433,7 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	sort.Slice(subjects, func(i, j int) bool { return subjects[i].Less(subjects[j]) })
 	for _, subjAddr := range subjects {
-		if !extended {
+		if !includeNames {
 			cmd.Println(address.Uint160ToString(subjAddr))
 			continue
 		}
@ -508,8 +442,7 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 		commonCmd.ExitOnErr(cmd, "can't get subject: %w", err)
 		subj, err := frostfsidclient.ParseSubject(items)
 		commonCmd.ExitOnErr(cmd, "can't parse subject: %w", err)
-		printSubjectInfo(cmd, subjAddr, subj)
+		cmd.Printf("%s (%s)\n", address.Uint160ToString(subjAddr), subj.Name)
 		cmd.Println()
 	}
 }
@ -564,28 +497,32 @@ func (f *frostfsidClient) sendWaitRes() (*state.AppExecResult, error) {
 	}
 	f.bw.Reset()
 	if len(f.wCtx.SentTxs) == 0 {
 		return nil, errors.New("no transactions to wait")
 	}
 	f.wCtx.Command.Println("Waiting for transactions to persist...")
 	return f.roCli.Wait(f.wCtx.SentTxs[0].Hash, f.wCtx.SentTxs[0].Vub, nil)
 }
-func readIterator(inv *invoker.Invoker, iter *result.Iterator, sessionID uuid.UUID) ([]stackitem.Item, error) {
+func readIterator(inv *invoker.Invoker, iter *result.Iterator, batchSize int, sessionID uuid.UUID) ([]stackitem.Item, error) {
 	var shouldStop bool
 	res := make([]stackitem.Item, 0)
 	for !shouldStop {
-		items, err := inv.TraverseIterator(sessionID, iter, iteratorBatchSize)
+		items, err := inv.TraverseIterator(sessionID, iter, batchSize)
 		if err != nil {
 			return nil, err
 		}
 		res = append(res, items...)
-		shouldStop = len(items) < iteratorBatchSize
+		shouldStop = len(items) < batchSize
 	}
 	return res, nil
 }
 func initInvoker(cmd *cobra.Command) (*invoker.Invoker, *state.Contract, util.Uint160) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)
 	inv := invoker.New(c, nil)
@ -599,30 +536,3 @@ func initInvoker(cmd *cobra.Command) (*invoker.Invoker, *state.Contract, util.Ui
 	return inv, cs, nmHash
 }
 func printSubjectInfo(cmd *cobra.Command, addr util.Uint160, subj *frostfsidclient.Subject) {
 	cmd.Printf("Address: %s\n", address.Uint160ToString(addr))
 	pk := "<nil>"
 	if subj.PrimaryKey != nil {
 		pk = subj.PrimaryKey.String()
 	}
 	cmd.Printf("Primary key: %s\n", pk)
 	cmd.Printf("Name: %s\n", subj.Name)
 	cmd.Printf("Namespace: %s\n", subj.Namespace)
 	if len(subj.AdditionalKeys) > 0 {
 		cmd.Printf("Additional keys:\n")
 		for _, key := range subj.AdditionalKeys {
 			k := "<nil>"
 			if key != nil {
 				k = key.String()
 			}
 			cmd.Printf("- %s\n", k)
 		}
 	}
 	if len(subj.KV) > 0 {
 		cmd.Printf("KV:\n")
 		for k, v := range subj.KV {
 			cmd.Printf("- %s: %s\n", k, v)
 		}
 	}
 }
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
@ -1,12 +1,59 @@
 package frostfsid
 import (
 	"encoding/hex"
 	"testing"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/ape"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 )
 func TestFrostfsIDConfig(t *testing.T) {
 	pks := make([]*keys.PrivateKey, 4)
 	for i := range pks {
 		pk, err := keys.NewPrivateKey()
 		require.NoError(t, err)
 		pks[i] = pk
 	}
 	fmts := []string{
 		pks[0].GetScriptHash().StringLE(),
 		address.Uint160ToString(pks[1].GetScriptHash()),
 		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
 		hex.EncodeToString(pks[3].PublicKey().Bytes()),
 	}
 	for i := range fmts {
 		v := viper.New()
 		v.Set("frostfsid.admin", fmts[i])
 		actual, found, err := helper.GetFrostfsIDAdmin(v)
 		require.NoError(t, err)
 		require.True(t, found)
 		require.Equal(t, pks[i].GetScriptHash(), actual)
 	}
 	t.Run("bad key", func(t *testing.T) {
 		v := viper.New()
 		v.Set("frostfsid.admin", "abc")
 		_, found, err := helper.GetFrostfsIDAdmin(v)
 		require.Error(t, err)
 		require.True(t, found)
 	})
 	t.Run("missing key", func(t *testing.T) {
 		v := viper.New()
 		_, found, err := helper.GetFrostfsIDAdmin(v)
 		require.NoError(t, err)
 		require.False(t, found)
 	})
 }
 func TestNamespaceRegexp(t *testing.T) {
 	for _, tc := range []struct {
 		name      string
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
@ -12,8 +12,4 @@ func init() {
 	initFrostfsIDAddSubjectToGroupCmd()
 	initFrostfsIDRemoveSubjectFromGroupCmd()
 	initFrostfsIDListGroupSubjectsCmd()
 	initFrostfsIDSetKVCmd()
 	initFrostfsIDDeleteKVCmd()
 	initFrostfsIDAddSubjectKeyCmd()
 	initFrostfsIDRemoveSubjectKeyCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
@ -12,6 +12,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/gas"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract"
@ -72,6 +73,7 @@ func initializeWallets(v *viper.Viper, walletDir string, size int) ([]string, er
 			return nil, fmt.Errorf("can't fetch password: %w", err)
 		}
 		i := i
 		errG.Go(func() error {
 			p := filepath.Join(walletDir, innerring.GlagoliticLetter(i).String()+".json")
 			f, err := os.OpenFile(p, os.O_CREATE, 0o644)
@ -105,6 +107,7 @@ func initializeWallets(v *viper.Viper, walletDir string, size int) ([]string, er
 	// Create consensus account with 2*N/3+1 multi-signature.
 	bftCount := smartcontract.GetDefaultHonestNodeCount(size)
 	for i := range wallets {
 		i := i
 		ps := pubs.Copy()
 		errG.Go(func() error {
 			if err := addMultisigAccount(wallets[i], majCount, constants.CommitteeAccountName, passwords[i], ps); err != nil {
@ -140,29 +143,60 @@ func addMultisigAccount(w *wallet.Wallet, m int, name, password string, pubs key
 }
 func generateStorageCreds(cmd *cobra.Command, _ []string) error {
-	walletPath, _ := cmd.Flags().GetString(commonflags.StorageWalletFlag)
+	return refillGas(cmd, storageGasConfigFlag, true)
 	w, err := wallet.NewWallet(walletPath)
 	if err != nil {
 		return fmt.Errorf("create wallet: %w", err)
 	}
 	label, _ := cmd.Flags().GetString(storageWalletLabelFlag)
 	password, err := config.GetStoragePassword(viper.GetViper(), label)
 	if err != nil {
 		return fmt.Errorf("can't fetch password: %w", err)
 	}
 	if label == "" {
 		label = constants.SingleAccountName
 	}
 	if err := w.CreateAccount(label, password); err != nil {
 		return fmt.Errorf("can't create account: %w", err)
 	}
 	return refillGas(cmd, storageGasConfigFlag, w.Accounts[0].ScriptHash())
 }
-func refillGas(cmd *cobra.Command, gasFlag string, gasReceivers ...util.Uint160) (err error) {
+func refillGas(cmd *cobra.Command, gasFlag string, createWallet bool) (err error) {
 	// storage wallet path is not part of the config
 	storageWalletPath, _ := cmd.Flags().GetString(commonflags.StorageWalletFlag)
 	// wallet address is not part of the config
 	walletAddress, _ := cmd.Flags().GetString(walletAddressFlag)
 	var gasReceiver util.Uint160
 	if len(walletAddress) != 0 {
 		gasReceiver, err = address.StringToUint160(walletAddress)
 		if err != nil {
 			return fmt.Errorf("invalid wallet address %s: %w", walletAddress, err)
 		}
 	} else {
 		if storageWalletPath == "" {
 			return fmt.Errorf("missing wallet path (use '--%s <out.json>')", commonflags.StorageWalletFlag)
 		}
 		var w *wallet.Wallet
 		if createWallet {
 			w, err = wallet.NewWallet(storageWalletPath)
 		} else {
 			w, err = wallet.NewWalletFromFile(storageWalletPath)
 		}
 		if err != nil {
 			return fmt.Errorf("can't create wallet: %w", err)
 		}
 		if createWallet {
 			var password string
 			label, _ := cmd.Flags().GetString(storageWalletLabelFlag)
 			password, err := config.GetStoragePassword(viper.GetViper(), label)
 			if err != nil {
 				return fmt.Errorf("can't fetch password: %w", err)
 			}
 			if label == "" {
 				label = constants.SingleAccountName
 			}
 			if err := w.CreateAccount(label, password); err != nil {
 				return fmt.Errorf("can't create account: %w", err)
 			}
 		}
 		gasReceiver = w.Accounts[0].Contract.ScriptHash()
 	}
 	gasStr := viper.GetString(gasFlag)
 	gasAmount, err := helper.ParseGASAmount(gasStr)
@ -176,11 +210,9 @@ func refillGas(cmd *cobra.Command, gasFlag string, gasReceivers ...util.Uint160)
 	}
 	bw := io.NewBufBinWriter()
-	for _, gasReceiver := range gasReceivers {
+	emit.AppCall(bw.BinWriter, gas.Hash, "transfer", callflag.All,
-		emit.AppCall(bw.BinWriter, gas.Hash, "transfer", callflag.All,
+		wCtx.CommitteeAcc.Contract.ScriptHash(), gasReceiver, int64(gasAmount), nil)
-			wCtx.CommitteeAcc.Contract.ScriptHash(), gasReceiver, int64(gasAmount), nil)
+	emit.Opcodes(bw.BinWriter, opcode.ASSERT)
 		emit.Opcodes(bw.BinWriter, opcode.ASSERT)
 	}
 	if bw.Err != nil {
 		return fmt.Errorf("BUG: invalid transfer arguments: %w", bw.Err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate_test.go
@ -63,7 +63,7 @@ func TestGenerateAlphabet(t *testing.T) {
 	buf.Reset()
 	v.Set(commonflags.AlphabetWalletsFlag, walletDir)
 	require.NoError(t, GenerateAlphabetCmd.Flags().Set(commonflags.AlphabetSizeFlag, strconv.FormatUint(size, 10)))
-	for i := range uint64(size) {
+	for i := uint64(0); i < size; i++ {
 		buf.WriteString(strconv.FormatUint(i, 10) + "\r")
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/generate/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/root.go
@ -1,12 +1,7 @@
 package generate
 import (
 	"fmt"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -38,27 +33,7 @@ var (
 			_ = viper.BindPFlag(commonflags.RefillGasAmountFlag, cmd.Flags().Lookup(commonflags.RefillGasAmountFlag))
 		},
 		RunE: func(cmd *cobra.Command, _ []string) error {
-			storageWalletPaths, _ := cmd.Flags().GetStringArray(commonflags.StorageWalletFlag)
+			return refillGas(cmd, commonflags.RefillGasAmountFlag, false)
 			walletAddresses, _ := cmd.Flags().GetStringArray(walletAddressFlag)
 			var gasReceivers []util.Uint160
 			for _, walletAddress := range walletAddresses {
 				addr, err := address.StringToUint160(walletAddress)
 				if err != nil {
 					return fmt.Errorf("invalid wallet address %s: %w", walletAddress, err)
 				}
 				gasReceivers = append(gasReceivers, addr)
 			}
 			for _, storageWalletPath := range storageWalletPaths {
 				w, err := wallet.NewWalletFromFile(storageWalletPath)
 				if err != nil {
 					return fmt.Errorf("can't create wallet: %w", err)
 				}
 				gasReceivers = append(gasReceivers, w.Accounts[0].Contract.ScriptHash())
 			}
 			return refillGas(cmd, commonflags.RefillGasAmountFlag, gasReceivers...)
 		},
 	}
 	GenerateAlphabetCmd = &cobra.Command{
@ -75,10 +50,10 @@ var (
 func initRefillGasCmd() {
 	RefillGasCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	RefillGasCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	RefillGasCmd.Flags().StringArray(commonflags.StorageWalletFlag, nil, "Path to storage node wallet")
+	RefillGasCmd.Flags().String(commonflags.StorageWalletFlag, "", "Path to storage node wallet")
-	RefillGasCmd.Flags().StringArray(walletAddressFlag, nil, "Address of wallet")
+	RefillGasCmd.Flags().String(walletAddressFlag, "", "Address of wallet")
 	RefillGasCmd.Flags().String(commonflags.RefillGasAmountFlag, "", "Additional amount of GAS to transfer")
-	RefillGasCmd.MarkFlagsOneRequired(walletAddressFlag, commonflags.StorageWalletFlag)
+	RefillGasCmd.MarkFlagsMutuallyExclusive(walletAddressFlag, commonflags.StorageWalletFlag)
 }
 func initGenerateStorageCmd() {
--- a/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
@ -3,6 +3,10 @@ package helper
 import (
 	"fmt"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
@ -13,6 +17,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -24,88 +29,44 @@ type LocalActor struct {
 	rpcInvoker invoker.RPCInvoke
 }
 type AlphabetWallets struct {
 	Label string
 	Path  string
 }
 func (a *AlphabetWallets) GetAccount(v *viper.Viper) ([]*wallet.Account, error) {
 	w, err := GetAlphabetWallets(v, a.Path)
 	if err != nil {
 		return nil, err
 	}
 	var accounts []*wallet.Account
 	for _, wall := range w {
 		acc, err := GetWalletAccount(wall, a.Label)
 		if err != nil {
 			return nil, err
 		}
 		accounts = append(accounts, acc)
 	}
 	return accounts, nil
 }
 type RegularWallets struct{ Path string }
 func (r *RegularWallets) GetAccount() ([]*wallet.Account, error) {
 	w, err := getRegularWallet(r.Path)
 	if err != nil {
 		return nil, err
 	}
 	return []*wallet.Account{w.GetAccount(w.GetChangeAddress())}, nil
 }
 // NewLocalActor create LocalActor with accounts form provided wallets.
 // In case of empty wallets provided created actor with dummy account only for read operation.
-//
+func NewLocalActor(cmd *cobra.Command, c actor.RPCActor) (*LocalActor, error) {
-// If wallets are provided, the contract client will use accounts with accName name from these wallets.
+	walletDir := config.ResolveHomePath(viper.GetString(commonflags.AlphabetWalletsFlag))
 // To determine which account name should be used in a contract client, refer to how the contract
 // verifies the transaction signature.
 func NewLocalActor(c actor.RPCActor, alphabet *AlphabetWallets, regularWallets ...*RegularWallets) (*LocalActor, error) {
 	var act *actor.Actor
 	var accounts []*wallet.Account
-	var signers []actor.SignerAccount
+	if walletDir == "" {
-
+		account, err := wallet.NewAccount()
-	if alphabet != nil {
+		commonCmd.ExitOnErr(cmd, "unable to create dummy account: %w", err)
-		account, err := alphabet.GetAccount(viper.GetViper())
+		act, err = actor.New(c, []actor.SignerAccount{{
 			Signer: transaction.Signer{
 				Account: account.Contract.ScriptHash(),
 				Scopes:  transaction.Global,
 			},
 			Account: account,
 		}})
 		if err != nil {
 			return nil, err
 		}
 	} else {
 		wallets, err := GetAlphabetWallets(viper.GetViper(), walletDir)
 		commonCmd.ExitOnErr(cmd, "unable to get alphabet wallets: %w", err)
-		accounts = append(accounts, account...)
+		for _, w := range wallets {
-		signers = append(signers, actor.SignerAccount{
+			acc, err := GetWalletAccount(w, constants.CommitteeAccountName)
 			commonCmd.ExitOnErr(cmd, "can't find committee account: %w", err)
 			accounts = append(accounts, acc)
 		}
 		act, err = actor.New(c, []actor.SignerAccount{{
 			Signer: transaction.Signer{
-				Account: account[0].Contract.ScriptHash(),
+				Account: accounts[0].Contract.ScriptHash(),
 				Scopes:  transaction.Global,
 			},
-			Account: account[0],
+			Account: accounts[0],
-		})
+		}})
 	}
 	for _, w := range regularWallets {
 		if w == nil {
 			continue
 		}
 		account, err := w.GetAccount()
 		if err != nil {
 			return nil, err
 		}
 		accounts = append(accounts, account...)
 		signers = append(signers, actor.SignerAccount{
 			Signer: transaction.Signer{
 				Account: account[0].Contract.ScriptHash(),
 				Scopes:  transaction.Global,
 			},
 			Account: account[0],
 		})
 	}
 	act, err := actor.New(c, signers)
 	if err != nil {
 		return nil, err
 	}
 	return &LocalActor{
 		neoActor:   act,
--- a/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
@ -82,7 +82,7 @@ func GetContractDeployData(c *InitializeContext, ctrName string, keysParam []any
 			h, found, err = getFrostfsIDAdminFromContract(c.ReadOnlyInvoker)
 		}
 		if method != constants.UpdateMethodName || err == nil && !found {
-			h, found, err = getFrostfsIDAdmin(viper.GetViper())
+			h, found, err = GetFrostfsIDAdmin(viper.GetViper())
 		}
 		if err != nil {
 			return nil, err
@ -166,6 +166,5 @@ func DeployNNS(c *InitializeContext, method string) error {
 		return fmt.Errorf("can't send deploy transaction: %w", err)
 	}
 	c.Command.Println("NNS hash:", invokeHash.StringLE())
 	return c.AwaitTx()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
@ -11,7 +11,7 @@ import (
 const frostfsIDAdminConfigKey = "frostfsid.admin"
-func getFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
+func GetFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
 	admin := v.GetString(frostfsIDAdminConfigKey)
 	if admin == "" {
 		return util.Uint160{}, false, nil
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
@ -1,53 +0,0 @@
 package helper
 import (
 	"encoding/hex"
 	"testing"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 )
 func TestFrostfsIDConfig(t *testing.T) {
 	pks := make([]*keys.PrivateKey, 4)
 	for i := range pks {
 		pk, err := keys.NewPrivateKey()
 		require.NoError(t, err)
 		pks[i] = pk
 	}
 	fmts := []string{
 		pks[0].GetScriptHash().StringLE(),
 		address.Uint160ToString(pks[1].GetScriptHash()),
 		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
 		hex.EncodeToString(pks[3].PublicKey().Bytes()),
 	}
 	for i := range fmts {
 		v := viper.New()
 		v.Set("frostfsid.admin", fmts[i])
 		actual, found, err := getFrostfsIDAdmin(v)
 		require.NoError(t, err)
 		require.True(t, found)
 		require.Equal(t, pks[i].GetScriptHash(), actual)
 	}
 	t.Run("bad key", func(t *testing.T) {
 		v := viper.New()
 		v.Set("frostfsid.admin", "abc")
 		_, found, err := getFrostfsIDAdmin(v)
 		require.Error(t, err)
 		require.True(t, found)
 	})
 	t.Run("missing key", func(t *testing.T) {
 		v := viper.New()
 		_, found, err := getFrostfsIDAdmin(v)
 		require.NoError(t, err)
 		require.False(t, found)
 	})
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/initialize.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/initialize.go
@ -6,7 +6,6 @@ import (
 	"time"
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	nns2 "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
@ -14,7 +13,9 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/core/native/nativenames"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	nns2 "github.com/nspcc-dev/neo-go/pkg/rpcclient/nns"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
 	"github.com/nspcc-dev/neo-go/pkg/util"
@ -186,9 +187,19 @@ func NNSResolveKey(inv *invoker.Invoker, nnsHash util.Uint160, domain string) (*
 }
 func NNSIsAvailable(c Client, nnsHash util.Uint160, name string) (bool, error) {
-	inv := invoker.New(c, nil)
+	switch c.(type) {
-	reader := nns2.NewReader(inv, nnsHash)
+	case *rpcclient.Client:
-	return reader.IsAvailable(name)
+		inv := invoker.New(c, nil)
 		reader := nns2.NewReader(inv, nnsHash)
 		return reader.IsAvailable(name)
 	default:
 		b, err := unwrap.Bool(InvokeFunction(c, nnsHash, "isAvailable", []any{name}, nil))
 		if err != nil {
 			return false, fmt.Errorf("`isAvailable`: invalid response: %w", err)
 		}
 		return b, nil
 	}
 }
 func CheckNotaryEnabled(c Client) error {
--- a/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
@ -13,7 +13,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
@ -22,7 +21,6 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/context"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/manifest"
@ -30,6 +28,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/vm/emit"
 	"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
 	"github.com/nspcc-dev/neo-go/pkg/vm/vmstate"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@ -135,12 +134,12 @@ func NewInitializeContext(cmd *cobra.Command, v *viper.Viper) (*InitializeContex
 		return nil, err
 	}
-	accounts, err := getSingleAccounts(wallets)
+	accounts, err := createWalletAccounts(wallets)
 	if err != nil {
 		return nil, err
 	}
-	cliCtx, err := defaultClientContext(c, committeeAcc)
+	cliCtx, err := DefaultClientContext(c, committeeAcc)
 	if err != nil {
 		return nil, fmt.Errorf("client context: %w", err)
 	}
@ -192,7 +191,7 @@ func createClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet)
 		}
 		c, err = NewLocalClient(cmd, v, wallets, ldf.Value.String())
 	} else {
-		c, err = NewRemoteClient(v)
+		c, err = GetN3Client(v)
 	}
 	if err != nil {
 		return nil, fmt.Errorf("can't create N3 client: %w", err)
@ -212,7 +211,7 @@ func getContractsPath(cmd *cobra.Command, needContracts bool) (string, error) {
 	return ctrPath, nil
 }
-func getSingleAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
+func createWalletAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
 	accounts := make([]*wallet.Account, len(wallets))
 	for i, w := range wallets {
 		acc, err := GetWalletAccount(w, constants.SingleAccountName)
@ -376,7 +375,9 @@ func (c *InitializeContext) sendMultiTx(script []byte, tryGroup bool, withConsen
 		}
 		act, err = actor.New(c.Client, signers)
 	} else {
-		assert.False(withConsensus, "BUG: should never happen")
+		if withConsensus {
 			panic("BUG: should never happen")
 		}
 		act, err = c.CommitteeAct, nil
 	}
 	if err != nil {
@ -410,9 +411,11 @@ func (c *InitializeContext) MultiSignAndSend(tx *transaction.Transaction, accTyp
 func (c *InitializeContext) MultiSign(tx *transaction.Transaction, accType string) error {
 	version, err := c.Client.GetVersion()
-	// error appears only if client
+	if err != nil {
-	// has not been initialized
+		// error appears only if client
-	assert.NoError(err)
+		// has not been initialized
 		panic(err)
 	}
 	network := version.Protocol.Network
 	// Use parameter context to avoid dealing with signature order.
@ -444,12 +447,12 @@ func (c *InitializeContext) MultiSign(tx *transaction.Transaction, accType strin
 	for i := range tx.Signers {
 		if tx.Signers[i].Account == h {
 			assert.True(i <= len(tx.Scripts), "BUG: invalid signing order")
 			if i < len(tx.Scripts) {
 				tx.Scripts[i] = *w
-			}
+			} else if i == len(tx.Scripts) {
 			if i == len(tx.Scripts) {
 				tx.Scripts = append(tx.Scripts, *w)
 			} else {
 				panic("BUG: invalid signing order")
 			}
 			return nil
 		}
@ -507,7 +510,9 @@ func (c *InitializeContext) NNSRegisterDomainScript(nnsHash, expectedHash util.U
 			int64(constants.DefaultExpirationTime), constants.NNSTtlDefVal)
 		emit.Opcodes(bw.BinWriter, opcode.ASSERT)
-		assert.NoError(bw.Err)
+		if bw.Err != nil {
 			panic(bw.Err)
 		}
 		return bw.Bytes(), false, nil
 	}
@ -519,8 +524,12 @@ func (c *InitializeContext) NNSRegisterDomainScript(nnsHash, expectedHash util.U
 }
 func (c *InitializeContext) NNSRootRegistered(nnsHash util.Uint160, zone string) (bool, error) {
-	avail, err := unwrap.Bool(c.CommitteeAct.Call(nnsHash, "isAvailable", zone))
+	res, err := c.CommitteeAct.Call(nnsHash, "isAvailable", "name."+zone)
-	return !avail, err
+	if err != nil {
 		return false, err
 	}
 	return res.State == vmstate.Halt.String(), nil
 }
 func (c *InitializeContext) IsUpdated(ctrHash util.Uint160, cs *ContractState) bool {
--- a/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
@ -8,9 +8,7 @@ import (
 	"sort"
 	"time"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/config"
 	"github.com/nspcc-dev/neo-go/pkg/core"
@ -49,7 +47,7 @@ type LocalClient struct {
 }
 func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet, dumpPath string) (*LocalClient, error) {
-	cfg, err := config.LoadFile(v.GetString(commonflags.ProtoConfigPath))
+	cfg, err := config.LoadFile(v.GetString(constants.ProtoConfigPath))
 	if err != nil {
 		return nil, err
 	}
@ -59,59 +57,17 @@ func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet
 		return nil, err
 	}
-	go bc.Run()
+	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ProtocolConfiguration.ValidatorsCount))
 	accounts, err := getBlockSigningAccounts(cfg.ProtocolConfiguration, wallets)
 	if err != nil {
 		return nil, err
 	}
 	if cmd.Name() != "init" {
 		if err := restoreDump(bc, dumpPath); err != nil {
 			return nil, fmt.Errorf("restore dump: %w", err)
 		}
 	}
 	return &LocalClient{
 		bc:       bc,
 		dumpPath: dumpPath,
 		accounts: accounts,
 	}, nil
 }
 func restoreDump(bc *core.Blockchain, dumpPath string) error {
 	f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
 	if err != nil {
 		return fmt.Errorf("can't open local dump: %w", err)
 	}
 	defer f.Close()
 	r := io.NewBinReaderFromIO(f)
 	var skip uint32
 	if bc.BlockHeight() != 0 {
 		skip = bc.BlockHeight() + 1
 	}
 	count := r.ReadU32LE() - skip
 	if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
 		return err
 	}
 	return nil
 }
 func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet.Wallet) ([]*wallet.Account, error) {
 	accounts := make([]*wallet.Account, len(wallets))
 	for i := range accounts {
-		acc, err := GetWalletAccount(wallets[i], constants.ConsensusAccountName)
+		accounts[i], err = GetWalletAccount(wallets[i], constants.ConsensusAccountName)
 		if err != nil {
 			return nil, err
 		}
 		accounts[i] = acc
 	}
 	indexMap := make(map[string]int)
-	for i, pub := range cfg.StandbyCommittee {
+	for i, pub := range cfg.ProtocolConfiguration.StandbyCommittee {
 		indexMap[pub] = i
 	}
@ -120,12 +76,37 @@ func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet
 		pj := accounts[j].PrivateKey().PublicKey().Bytes()
 		return indexMap[string(pi)] < indexMap[string(pj)]
 	})
-	sort.Slice(accounts[:cfg.ValidatorsCount], func(i, j int) bool {
+	sort.Slice(accounts[:cfg.ProtocolConfiguration.ValidatorsCount], func(i, j int) bool {
 		return accounts[i].PublicKey().Cmp(accounts[j].PublicKey()) == -1
 	})
-	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ValidatorsCount))
+	go bc.Run()
-	return accounts[:m], nil
+
 	if cmd.Name() != "init" {
 		f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
 		if err != nil {
 			return nil, fmt.Errorf("can't open local dump: %w", err)
 		}
 		defer f.Close()
 		r := io.NewBinReaderFromIO(f)
 		var skip uint32
 		if bc.BlockHeight() != 0 {
 			skip = bc.BlockHeight() + 1
 		}
 		count := r.ReadU32LE() - skip
 		if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
 			return nil, fmt.Errorf("can't restore local dump: %w", err)
 		}
 	}
 	return &LocalClient{
 		bc:       bc,
 		dumpPath: dumpPath,
 		accounts: accounts[:m],
 	}, nil
 }
 func (l *LocalClient) GetBlockCount() (uint32, error) {
@ -146,6 +127,11 @@ func (l *LocalClient) GetApplicationLog(h util.Uint256, t *trigger.Type) (*resul
 	return &a, nil
 }
 func (l *LocalClient) GetCommittee() (keys.PublicKeys, error) {
 	// not used by `morph init` command
 	panic("unexpected call")
 }
 // InvokeFunction is implemented via `InvokeScript`.
 func (l *LocalClient) InvokeFunction(h util.Uint160, method string, sPrm []smartcontract.Parameter, ss []transaction.Signer) (*result.Invoke, error) {
 	var err error
@ -238,7 +224,7 @@ func (l *LocalClient) CalculateNetworkFee(tx *transaction.Transaction) (int64, e
 					paramz = []manifest.Parameter{{Type: smartcontract.SignatureType}}
 				} else if nSigs, _, ok := vm.ParseMultiSigContract(w.VerificationScript); ok {
 					paramz = make([]manifest.Parameter, nSigs)
-					for j := range nSigs {
+					for j := 0; j < nSigs; j++ {
 						paramz[j] = manifest.Parameter{Type: smartcontract.SignatureType}
 					}
 				}
@ -309,7 +295,13 @@ func (l *LocalClient) InvokeScript(script []byte, signers []transaction.Signer)
 }
 func (l *LocalClient) SendRawTransaction(tx *transaction.Transaction) (util.Uint256, error) {
-	tx = tx.Copy()
+	// We need to test that transaction was formed correctly to catch as many errors as we can.
 	bs := tx.Bytes()
 	_, err := transaction.NewTransactionFromBytes(bs)
 	if err != nil {
 		return tx.Hash(), fmt.Errorf("invalid transaction: %w", err)
 	}
 	l.transactions = append(l.transactions, tx)
 	return tx.Hash(), nil
 }
@ -317,7 +309,9 @@ func (l *LocalClient) SendRawTransaction(tx *transaction.Transaction) (util.Uint
 func (l *LocalClient) putTransactions() error {
 	// 1. Prepare new block.
 	lastBlock, err := l.bc.GetBlock(l.bc.CurrentBlockHash())
-	assert.NoError(err)
+	if err != nil {
 		panic(err)
 	}
 	defer func() { l.transactions = l.transactions[:0] }()
 	b := &block.Block{
@ -358,7 +352,9 @@ func InvokeFunction(c Client, h util.Uint160, method string, parameters []any, s
 	w := io.NewBufBinWriter()
 	emit.Array(w.BinWriter, parameters...)
 	emit.AppCallNoArgs(w.BinWriter, h, method, callflag.All)
-	assert.True(w.Err == nil, fmt.Sprintf("BUG: invalid parameters for '%s': %v", method, w.Err))
+	if w.Err != nil {
 		panic(fmt.Sprintf("BUG: invalid parameters for '%s': %v", method, w.Err))
 	}
 	return c.InvokeScript(w.Bytes(), signers)
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
@ -10,6 +10,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/neorpc/result"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
@ -24,10 +25,15 @@ import (
 // Client represents N3 client interface capable of test-invoking scripts
 // and sending signed transactions to chain.
 type Client interface {
-	actor.RPCActor
+	invoker.RPCInvoke
 	GetBlockCount() (uint32, error)
 	GetNativeContracts() ([]state.Contract, error)
 	GetApplicationLog(util.Uint256, *trigger.Type) (*result.ApplicationLog, error)
 	GetVersion() (*result.Version, error)
 	SendRawTransaction(*transaction.Transaction) (util.Uint256, error)
 	GetCommittee() (keys.PublicKeys, error)
 	CalculateNetworkFee(tx *transaction.Transaction) (int64, error)
 }
 type HashVUBPair struct {
@ -42,7 +48,7 @@ type ClientContext struct {
 	SentTxs         []HashVUBPair
 }
-func NewRemoteClient(v *viper.Viper) (Client, error) {
+func GetN3Client(v *viper.Viper) (Client, error) {
 	// number of opened connections
 	// by neo-go client per one host
 	const (
@ -82,14 +88,8 @@ func NewRemoteClient(v *viper.Viper) (Client, error) {
 	return c, nil
 }
-func defaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
+func DefaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
-	commAct, err := actor.New(c, []actor.SignerAccount{{
+	commAct, err := NewActor(c, committeeAcc)
 		Signer: transaction.Signer{
 			Account: committeeAcc.Contract.ScriptHash(),
 			Scopes:  transaction.Global,
 		},
 		Account: committeeAcc,
 	}})
 	if err != nil {
 		return nil, err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/netmap.go
@ -3,7 +3,6 @@ package helper
 import (
 	"errors"
 	"fmt"
 	"slices"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
@ -73,17 +72,13 @@ func InvalidConfigValueErr(key string) error {
 	return fmt.Errorf("invalid %s config value from netmap contract", key)
 }
-func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160, countEpoch int64) error {
+func EmitNewEpochCall(bw *io.BufBinWriter, wCtx *InitializeContext, nmHash util.Uint160) error {
 	if countEpoch <= 0 {
 		return errors.New("number of epochs cannot be less than 1")
 	}
 	curr, err := unwrap.Int64(wCtx.ReadOnlyInvoker.Call(nmHash, "epoch"))
 	if err != nil {
 		return errors.New("can't fetch current epoch from the netmap contract")
 	}
-	newEpoch := curr + countEpoch
+	newEpoch := curr + 1
 	wCtx.Command.Printf("Current epoch: %d, increase to %d.\n", curr, newEpoch)
 	// In NeoFS this is done via Notary contract. Here, however, we can form the
@ -119,8 +114,11 @@ func MergeNetmapConfig(roInvoker *invoker.Invoker, md map[string]any) error {
 		return err
 	}
 	for k, v := range m {
-		if slices.Contains(NetmapConfigKeys, k) {
+		for _, key := range NetmapConfigKeys {
-			md[k] = v
+			if k == key {
 				md[k] = v
 				break
 			}
 		}
 	}
 	return nil
--- a/cmd/frostfs-adm/internal/modules/morph/helper/util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/util.go
@ -14,36 +14,16 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"github.com/nspcc-dev/neo-go/cli/input"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/viper"
 )
 func getRegularWallet(walletPath string) (*wallet.Wallet, error) {
 	w, err := wallet.NewWalletFromFile(walletPath)
 	if err != nil {
 		return nil, err
 	}
 	password, err := input.ReadPassword("Enter password for wallet:")
 	if err != nil {
 		return nil, fmt.Errorf("can't fetch password: %w", err)
 	}
 	for i := range w.Accounts {
 		if err = w.Accounts[i].Decrypt(password, keys.NEP2ScryptParams()); err != nil {
 			err = fmt.Errorf("can't unlock wallet: %w", err)
 			break
 		}
 	}
 	return w, err
 }
 func GetAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, error) {
 	wallets, err := openAlphabetWallets(v, walletDir)
 	if err != nil {
@ -64,7 +44,7 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 	var wallets []*wallet.Wallet
 	var letter string
-	for i := range constants.MaxAlphabetNodes {
+	for i := 0; i < constants.MaxAlphabetNodes; i++ {
 		letter = innerring.GlagoliticLetter(i).String()
 		p := filepath.Join(walletDir, letter+".json")
 		var w *wallet.Wallet
@ -73,7 +53,7 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 			if errors.Is(err, os.ErrNotExist) {
 				err = nil
 			} else {
-				err = fmt.Errorf("can't open alphabet wallet: %w", err)
+				err = fmt.Errorf("can't open wallet: %w", err)
 			}
 			break
 		}
@ -107,6 +87,16 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 	return wallets, nil
 }
 func NewActor(c actor.RPCActor, committeeAcc *wallet.Account) (*actor.Actor, error) {
 	return actor.New(c, []actor.SignerAccount{{
 		Signer: transaction.Signer{
 			Account: committeeAcc.Contract.ScriptHash(),
 			Scopes:  transaction.Global,
 		},
 		Account: committeeAcc,
 	}})
 }
 func ReadContract(ctrPath, ctrName string) (*ContractState, error) {
 	rawNef, err := os.ReadFile(filepath.Join(ctrPath, ctrName+"_contract.nef"))
 	if err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_nns.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_nns.go
@ -7,7 +7,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	morphClient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
@ -112,7 +111,9 @@ func wrapRegisterScriptWithPrice(w *io.BufBinWriter, nnsHash util.Uint160, s []b
 	emit.Opcodes(w.BinWriter, opcode.LDSFLD0, opcode.PUSH1, opcode.PACK)
 	emit.AppCallNoArgs(w.BinWriter, nnsHash, "setPrice", callflag.All)
-	assert.NoError(w.Err, "can't wrap register script")
+	if w.Err != nil {
 		panic(fmt.Errorf("BUG: can't wrap register script: %w", w.Err))
 	}
 }
 func nnsRegisterDomain(c *helper.InitializeContext, nnsHash, expectedHash util.Uint160, domain string) error {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_register.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_register.go
@ -1,18 +1,21 @@
 package initialize
 import (
 	"errors"
 	"fmt"
 	"math/big"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/assert"
 	"github.com/nspcc-dev/neo-go/pkg/core/native"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/neo"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/nep17"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/callflag"
 	"github.com/nspcc-dev/neo-go/pkg/util"
@ -27,8 +30,7 @@ const (
 )
 func registerCandidateRange(c *helper.InitializeContext, start, end int) error {
-	reader := neo.NewReader(c.ReadOnlyInvoker)
+	regPrice, err := getCandidateRegisterPrice(c)
 	regPrice, err := reader.GetRegisterPrice()
 	if err != nil {
 		return fmt.Errorf("can't fetch registration price: %w", err)
 	}
@ -40,7 +42,9 @@ func registerCandidateRange(c *helper.InitializeContext, start, end int) error {
 		emit.Opcodes(w.BinWriter, opcode.ASSERT)
 	}
 	emit.AppCall(w.BinWriter, neo.Hash, "setRegisterPrice", callflag.States, regPrice)
-	assert.NoError(w.Err)
+	if w.Err != nil {
 		panic(fmt.Sprintf("BUG: %v", w.Err))
 	}
 	signers := []actor.SignerAccount{{
 		Signer:  c.GetSigner(false, c.CommitteeAcc),
@ -112,7 +116,7 @@ func registerCandidates(c *helper.InitializeContext) error {
 func transferNEOToAlphabetContracts(c *helper.InitializeContext) error {
 	neoHash := neo.Hash
-	ok, err := transferNEOFinished(c)
+	ok, err := transferNEOFinished(c, neoHash)
 	if ok || err != nil {
 		return err
 	}
@ -135,8 +139,33 @@ func transferNEOToAlphabetContracts(c *helper.InitializeContext) error {
 	return c.AwaitTx()
 }
-func transferNEOFinished(c *helper.InitializeContext) (bool, error) {
+func transferNEOFinished(c *helper.InitializeContext, neoHash util.Uint160) (bool, error) {
-	r := neo.NewReader(c.ReadOnlyInvoker)
+	r := nep17.NewReader(c.ReadOnlyInvoker, neoHash)
 	bal, err := r.BalanceOf(c.CommitteeAcc.Contract.ScriptHash())
 	return bal.Cmp(big.NewInt(native.NEOTotalSupply)) == -1, err
 }
 var errGetPriceInvalid = errors.New("`getRegisterPrice`: invalid response")
 func getCandidateRegisterPrice(c *helper.InitializeContext) (int64, error) {
 	switch c.Client.(type) {
 	case *rpcclient.Client:
 		inv := invoker.New(c.Client, nil)
 		reader := neo.NewReader(inv)
 		return reader.GetRegisterPrice()
 	default:
 		neoHash := neo.Hash
 		res, err := helper.InvokeFunction(c.Client, neoHash, "getRegisterPrice", nil, nil)
 		if err != nil {
 			return 0, err
 		}
 		if len(res.Stack) == 0 {
 			return 0, errGetPriceInvalid
 		}
 		bi, err := res.Stack[0].TryInteger()
 		if err != nil || !bi.IsInt64() {
 			return 0, errGetPriceInvalid
 		}
 		return bi.Int64(), nil
 	}
 }
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_roles.go
@ -1,8 +1,6 @@
 package initialize
 import (
 	"fmt"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"github.com/nspcc-dev/neo-go/pkg/core/native/noderoles"
 	"github.com/nspcc-dev/neo-go/pkg/io"
@ -31,14 +29,10 @@ func setNotaryAndAlphabetNodes(c *helper.InitializeContext) error {
 		callflag.States|callflag.AllowNotify, int64(noderoles.NeoFSAlphabet), pubs)
 	if err := c.SendCommitteeTx(w.Bytes(), false); err != nil {
-		return fmt.Errorf("send committee transaction: %w", err)
+		return err
 	}
-	err := c.AwaitTx()
+	return c.AwaitTx()
 	if err != nil {
 		err = fmt.Errorf("await committee transaction: %w", err)
 	}
 	return err
 }
 func setRolesFinished(c *helper.InitializeContext) (bool, error) {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_test.go
@ -62,7 +62,7 @@ func testInitialize(t *testing.T, committeeSize int) {
 	v := viper.GetViper()
 	require.NoError(t, generateTestData(testdataDir, committeeSize))
-	v.Set(commonflags.ProtoConfigPath, filepath.Join(testdataDir, protoFileName))
+	v.Set(constants.ProtoConfigPath, filepath.Join(testdataDir, protoFileName))
 	// Set to the path or remove the next statement to download from the network.
 	require.NoError(t, Cmd.Flags().Set(commonflags.ContractsInitFlag, contractsPath))
@ -113,7 +113,7 @@ func generateTestData(dir string, size int) error {
 	}
 	var pubs []string
-	for i := range size {
+	for i := 0; i < size; i++ {
 		p := filepath.Join(dir, innerring.GlagoliticLetter(i).String()+".json")
 		w, err := wallet.NewWalletFromFile(p)
 		if err != nil {
@ -148,7 +148,7 @@ func generateTestData(dir string, size int) error {
 }
 func setTestCredentials(v *viper.Viper, size int) {
-	for i := range size {
+	for i := 0; i < size; i++ {
 		v.Set("credentials."+innerring.GlagoliticLetter(i).String(), strconv.FormatUint(uint64(i), 10))
 	}
 	v.Set("credentials.contract", constants.TestContractPassword)
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/initialize_transfer.go
@ -3,7 +3,6 @@ package initialize
 import (
 	"fmt"
 	"math/big"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
@ -22,16 +21,17 @@ import (
 )
 const (
 	gasInitialTotalSupply = 30000000 * native.GASFactor
 	// initialAlphabetGASAmount represents the amount of GAS given to each alphabet node.
 	initialAlphabetGASAmount = 10_000 * native.GASFactor
 	// initialProxyGASAmount represents the amount of GAS given to a proxy contract.
 	initialProxyGASAmount = 50_000 * native.GASFactor
 	// alphabetGasRatio is a coefficient that defines the threshold below which
 	// the balance of the alphabet node is considered not replenished. The value
 	// of this coefficient is determined empirically.
 	alphabetGasRatio = 5
 )
 func initialCommitteeGASAmount(c *helper.InitializeContext, initialGasDistribution int64) int64 {
 	return (initialGasDistribution - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2
 }
 func transferFunds(c *helper.InitializeContext) error {
 	ok, err := transferFundsFinished(c)
 	if ok || err != nil {
@ -41,11 +41,6 @@ func transferFunds(c *helper.InitializeContext) error {
 		return err
 	}
 	version, err := c.Client.GetVersion()
 	if err != nil {
 		return err
 	}
 	var transfers []transferTarget
 	for _, acc := range c.Accounts {
 		to := acc.Contract.ScriptHash()
@ -63,7 +58,7 @@ func transferFunds(c *helper.InitializeContext) error {
 		transferTarget{
 			Token:   gas.Hash,
 			Address: c.CommitteeAcc.Contract.ScriptHash(),
-			Amount:  initialCommitteeGASAmount(c, int64(version.Protocol.InitialGasDistribution)),
+			Amount:  (gasInitialTotalSupply - initialAlphabetGASAmount*int64(len(c.Wallets))) / 2,
 		},
 		transferTarget{
 			Token:   neo.Hash,
@ -84,26 +79,12 @@ func transferFunds(c *helper.InitializeContext) error {
 	return c.AwaitTx()
 }
 // transferFundsFinished checks balances of accounts we transfer GAS to.
 // The stage is considered finished if the balance is greater than the half of what we need to transfer.
 func transferFundsFinished(c *helper.InitializeContext) (bool, error) {
 	acc := c.Accounts[0]
 	r := nep17.NewReader(c.ReadOnlyInvoker, gas.Hash)
-	res, err := r.BalanceOf(c.ConsensusAcc.ScriptHash())
+	res, err := r.BalanceOf(acc.Contract.ScriptHash())
-	if err != nil {
+	return res.Cmp(big.NewInt(alphabetGasRatio*native.GASFactor)) == 1, err
 		return false, err
 	}
 	version, err := c.Client.GetVersion()
 	if err != nil || res.Cmp(big.NewInt(int64(version.Protocol.InitialGasDistribution))) != -1 {
 		return false, err
 	}
 	res, err = r.BalanceOf(c.CommitteeAcc.ScriptHash())
 	if err != nil {
 		return false, err
 	}
 	return res != nil && res.Cmp(big.NewInt(initialCommitteeGASAmount(c, int64(version.Protocol.InitialGasDistribution)))) == 1, err
 }
 func transferGASToProxy(c *helper.InitializeContext) error {
@ -163,17 +144,5 @@ func createNEP17MultiTransferTx(c helper.Client, acc *wallet.Account, recipients
 	if err != nil {
 		return nil, fmt.Errorf("can't create actor: %w", err)
 	}
-	tx, err := act.MakeRun(w.Bytes())
+	return act.MakeRun(w.Bytes())
 	if err != nil {
 		sum := make(map[util.Uint160]int64)
 		for _, recipient := range recipients {
 			sum[recipient.Token] += recipient.Amount
 		}
 		detail := make([]string, 0, len(sum))
 		for _, value := range sum {
 			detail = append(detail, fmt.Sprintf("amount=%v", value))
 		}
 		err = fmt.Errorf("transfer failed: from=%s(%s) %s: %w", acc.Label, acc.Address, strings.Join(detail, " "), err)
 	}
 	return tx, err
 }
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
@ -2,6 +2,7 @@ package initialize
 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -31,7 +32,7 @@ var Cmd = &cobra.Command{
 		_ = viper.BindPFlag(commonflags.ContainerFeeInitFlag, cmd.Flags().Lookup(containerFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.ContainerAliasFeeInitFlag, cmd.Flags().Lookup(containerAliasFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.WithdrawFeeInitFlag, cmd.Flags().Lookup(withdrawFeeCLIFlag))
-		_ = viper.BindPFlag(commonflags.ProtoConfigPath, cmd.Flags().Lookup(commonflags.ProtoConfigPath))
+		_ = viper.BindPFlag(constants.ProtoConfigPath, cmd.Flags().Lookup(constants.ProtoConfigPath))
 	},
 	RunE: initializeSideChainCmd,
 }
@ -47,7 +48,7 @@ func initInitCmd() {
 	// Defaults are taken from neo-preodolenie.
 	Cmd.Flags().Uint64(containerFeeCLIFlag, 1000, "Container registration fee")
 	Cmd.Flags().Uint64(containerAliasFeeCLIFlag, 500, "Container alias fee")
-	Cmd.Flags().String(commonflags.ProtoConfigPath, "", "Path to the consensus node configuration")
+	Cmd.Flags().String(constants.ProtoConfigPath, "", "Path to the consensus node configuration")
 	Cmd.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 	Cmd.MarkFlagsMutuallyExclusive(commonflags.ContractsInitFlag, commonflags.ContractsURLFlag)
 }
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/epoch.go
@ -12,8 +12,6 @@ import (
 	"github.com/spf13/viper"
 )
 const deltaFlag = "delta"
 func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
@ -32,8 +30,7 @@ func ForceNewEpochCmd(cmd *cobra.Command, _ []string) error {
 	}
 	bw := io.NewBufBinWriter()
-	delta, _ := cmd.Flags().GetInt64(deltaFlag)
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, delta); err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
@ -13,7 +13,7 @@ import (
 )
 func listNetmapCandidatesNodes(cmd *cobra.Command, _ []string) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)
 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
@ -12,6 +12,7 @@ var (
 		Short: "List netmap candidates nodes",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: listNetmapCandidatesNodes,
 	}
@ -34,7 +35,6 @@ func initForceNewEpochCmd() {
 	ForceNewEpoch.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	ForceNewEpoch.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	ForceNewEpoch.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 	ForceNewEpoch.Flags().Int64(deltaFlag, 1, "Number of epochs to increase the current epoch")
 }
 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/nns/domains.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/domains.go
@ -1,93 +0,0 @@
 package nns
 import (
 	"math/big"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
 func initRegisterCmd() {
 	Cmd.AddCommand(registerCmd)
 	registerCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	registerCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	registerCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	registerCmd.Flags().String(nnsEmailFlag, constants.FrostfsOpsEmail, "Domain owner email")
 	registerCmd.Flags().Int64(nnsRefreshFlag, constants.NNSRefreshDefVal, "SOA record REFRESH parameter")
 	registerCmd.Flags().Int64(nnsRetryFlag, constants.NNSRetryDefVal, "SOA record RETRY parameter")
 	registerCmd.Flags().Int64(nnsExpireFlag, int64(constants.DefaultExpirationTime), "SOA record EXPIRE parameter")
 	registerCmd.Flags().Int64(nnsTTLFlag, constants.NNSTtlDefVal, "SOA record TTL parameter")
 	registerCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	_ = cobra.MarkFlagRequired(registerCmd.Flags(), nnsNameFlag)
 }
 func registerDomain(cmd *cobra.Command, _ []string) {
 	c, actor := nnsWriter(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
 	refresh, _ := cmd.Flags().GetInt64(nnsRefreshFlag)
 	retry, _ := cmd.Flags().GetInt64(nnsRetryFlag)
 	expire, _ := cmd.Flags().GetInt64(nnsExpireFlag)
 	ttl, _ := cmd.Flags().GetInt64(nnsTTLFlag)
 	h, vub, err := c.Register(name, actor.Sender(), email, big.NewInt(refresh),
 		big.NewInt(retry), big.NewInt(expire), big.NewInt(ttl))
 	commonCmd.ExitOnErr(cmd, "unable to register domain: %w", err)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "register domain error: %w", err)
 	cmd.Println("Domain registered successfully")
 }
 func initDeleteCmd() {
 	Cmd.AddCommand(deleteCmd)
 	deleteCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	deleteCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	deleteCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	deleteCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	_ = cobra.MarkFlagRequired(deleteCmd.Flags(), nnsNameFlag)
 }
 func deleteDomain(cmd *cobra.Command, _ []string) {
 	c, actor := nnsWriter(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.DeleteDomain(name)
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "delete domain error: %w", err)
 	cmd.Println("Domain deleted successfully")
 }
 func initSetAdminCmd() {
 	Cmd.AddCommand(setAdminCmd)
 	setAdminCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	setAdminCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	setAdminCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	setAdminCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	setAdminCmd.Flags().String(commonflags.AdminWalletPath, "", commonflags.AdminWalletUsage)
 	_ = setAdminCmd.MarkFlagRequired(commonflags.AdminWalletPath)
 	_ = cobra.MarkFlagRequired(setAdminCmd.Flags(), nnsNameFlag)
 }
 func setAdmin(cmd *cobra.Command, _ []string) {
 	c, actor := nnsWriter(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	w, err := wallet.NewWalletFromFile(viper.GetString(commonflags.AdminWalletPath))
 	commonCmd.ExitOnErr(cmd, "can't get admin wallet: %w", err)
 	h, vub, err := c.SetAdmin(name, w.GetAccount(w.GetChangeAddress()).ScriptHash())
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "Set admin error: %w", err)
 	cmd.Println("Set admin successfully")
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
@ -1,67 +1,25 @@
 package nns
 import (
 	"errors"
 	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
-func nnsWriter(cmd *cobra.Command) (*client.Contract, *helper.LocalActor) {
+func getRPCClient(cmd *cobra.Command) (*client.Contract, *helper.LocalActor, util.Uint160) {
 	v := viper.GetViper()
-	c, err := helper.NewRemoteClient(v)
+	c, err := helper.GetN3Client(v)
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
-	alphabetWalletPath := config.ResolveHomePath(v.GetString(commonflags.AlphabetWalletsFlag))
+	ac, err := helper.NewLocalActor(cmd, c)
 	walletPath := config.ResolveHomePath(v.GetString(commonflags.WalletPath))
 	adminWalletPath := config.ResolveHomePath(v.GetString(commonflags.AdminWalletPath))
 	var (
 		alphabet       *helper.AlphabetWallets
 		regularWallets []*helper.RegularWallets
 	)
 	if alphabetWalletPath != "" {
 		alphabet = &helper.AlphabetWallets{Path: alphabetWalletPath, Label: constants.ConsensusAccountName}
 	}
 	if walletPath != "" {
 		regularWallets = append(regularWallets, &helper.RegularWallets{Path: walletPath})
 	}
 	if adminWalletPath != "" {
 		regularWallets = append(regularWallets, &helper.RegularWallets{Path: adminWalletPath})
 	}
 	if alphabet == nil && regularWallets == nil {
 		commonCmd.ExitOnErr(cmd, "", errors.New("no wallets provided"))
 	}
 	ac, err := helper.NewLocalActor(c, alphabet, regularWallets...)
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)
 	r := management.NewReader(ac.Invoker)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-	return client.New(ac, nnsCs.Hash), ac
+	return client.New(ac, nnsCs.Hash), ac, nnsCs.Hash
 }
 func nnsReader(cmd *cobra.Command) (*client.ContractReader, *invoker.Invoker) {
 	c, err := helper.NewRemoteClient(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
 	inv := invoker.New(c, nil)
 	r := management.NewReader(inv)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
 	return client.NewReader(inv, nnsCs.Hash), inv
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/record.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/record.go
@ -8,6 +8,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/spf13/cobra"
 )
@ -19,7 +20,6 @@ func initAddRecordCmd() {
 	addRecordCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	addRecordCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
 	addRecordCmd.Flags().String(nnsRecordDataFlag, "", nnsRecordDataFlagDesc)
 	addRecordCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	_ = cobra.MarkFlagRequired(addRecordCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(addRecordCmd.Flags(), nnsRecordTypeFlag)
@ -29,6 +29,7 @@ func initAddRecordCmd() {
 func initGetRecordsCmd() {
 	Cmd.AddCommand(getRecordsCmd)
 	getRecordsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	getRecordsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	getRecordsCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	getRecordsCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
@ -41,28 +42,13 @@ func initDelRecordsCmd() {
 	delRecordsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	delRecordsCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	delRecordsCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
 	delRecordsCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	_ = cobra.MarkFlagRequired(delRecordsCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(delRecordsCmd.Flags(), nnsRecordTypeFlag)
 }
 func initDelRecordCmd() {
 	Cmd.AddCommand(delRecordCmd)
 	delRecordCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	delRecordCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	delRecordCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	delRecordCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
 	delRecordCmd.Flags().String(nnsRecordDataFlag, "", nnsRecordDataFlagDesc)
 	delRecordCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
 	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsRecordTypeFlag)
 	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsRecordDataFlag)
 }
 func addRecord(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
@ -78,16 +64,16 @@ func addRecord(cmd *cobra.Command, _ []string) {
 }
 func getRecords(cmd *cobra.Command, _ []string) {
-	c, inv := nnsReader(cmd)
+	c, act, hash := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	if recordType == "" {
-		sid, r, err := c.GetAllRecords(name)
+		sid, r, err := unwrap.SessionIterator(act.Invoker.Call(hash, "getAllRecords", name))
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		defer func() {
-			_ = inv.TerminateSession(sid)
+			_ = act.Invoker.TerminateSession(sid)
 		}()
-		items, err := inv.TraverseIterator(sid, &r, 0)
+		items, err := act.Invoker.TraverseIterator(sid, &r, 0)
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		for len(items) != 0 {
 			for j := range items {
@ -98,7 +84,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 					recordTypeToString(nns.RecordType(rs[1].Value().(*big.Int).Int64())),
 					string(bs))
 			}
-			items, err = inv.TraverseIterator(sid, &r, 0)
+			items, err = act.Invoker.TraverseIterator(sid, &r, 0)
 			commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		}
 	} else {
@ -115,7 +101,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 }
 func delRecords(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	typ, err := getRecordType(recordType)
@ -129,22 +115,6 @@ func delRecords(cmd *cobra.Command, _ []string) {
 	cmd.Println("Records removed successfully")
 }
 func delRecord(cmd *cobra.Command, _ []string) {
 	c, actor := nnsWriter(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	typ, err := getRecordType(recordType)
 	commonCmd.ExitOnErr(cmd, "unable to parse record type: %w", err)
 	h, vub, err := c.DeleteRecord(name, typ, data)
 	commonCmd.ExitOnErr(cmd, "unable to delete record: %w", err)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "delete records error: %w", err)
 	cmd.Println("Record removed successfully")
 }
 func getRecordType(recordType string) (*big.Int, error) {
 	switch strings.ToUpper(recordType) {
 	case "A":
--- a/cmd/frostfs-adm/internal/modules/morph/nns/register.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/register.go
@ -0,0 +1,44 @@
 package nns
 import (
 	"math/big"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/spf13/cobra"
 )
 func initRegisterCmd() {
 	Cmd.AddCommand(registerCmd)
 	registerCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
 	registerCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	registerCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	registerCmd.Flags().String(nnsEmailFlag, constants.FrostfsOpsEmail, "Domain owner email")
 	registerCmd.Flags().Int64(nnsRefreshFlag, constants.NNSRefreshDefVal, "SOA record REFRESH parameter")
 	registerCmd.Flags().Int64(nnsRetryFlag, constants.NNSRetryDefVal, "SOA record RETRY parameter")
 	registerCmd.Flags().Int64(nnsExpireFlag, int64(constants.DefaultExpirationTime), "SOA record EXPIRE parameter")
 	registerCmd.Flags().Int64(nnsTTLFlag, constants.NNSTtlDefVal, "SOA record TTL parameter")
 	_ = cobra.MarkFlagRequired(registerCmd.Flags(), nnsNameFlag)
 }
 func registerDomain(cmd *cobra.Command, _ []string) {
 	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
 	refresh, _ := cmd.Flags().GetInt64(nnsRefreshFlag)
 	retry, _ := cmd.Flags().GetInt64(nnsRetryFlag)
 	expire, _ := cmd.Flags().GetInt64(nnsExpireFlag)
 	ttl, _ := cmd.Flags().GetInt64(nnsTTLFlag)
 	h, vub, err := c.Register(name, actor.Sender(), email, big.NewInt(refresh),
 		big.NewInt(retry), big.NewInt(expire), big.NewInt(ttl))
 	commonCmd.ExitOnErr(cmd, "unable to register domain: %w", err)
 	cmd.Println("Waiting for transaction to persist...")
 	_, err = actor.Wait(h, vub, err)
 	commonCmd.ExitOnErr(cmd, "register domain error: %w", err)
 	cmd.Println("Domain registered successfully")
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
@ -14,7 +14,7 @@ func initRenewCmd() {
 }
 func renewDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.Renew(name)
 	commonCmd.ExitOnErr(cmd, "unable to renew domain: %w", err)
--- a/cmd/frostfs-adm/internal/modules/morph/nns/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/root.go
@ -39,20 +39,9 @@ var (
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: registerDomain,
 	}
 	deleteCmd = &cobra.Command{
 		Use:   "delete",
 		Short: "Delete a domain by name",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: deleteDomain,
 	}
 	renewCmd = &cobra.Command{
 		Use:   "renew",
 		Short: "Increases domain expiration date",
@ -77,7 +66,6 @@ var (
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: addRecord,
 	}
@ -95,42 +83,17 @@ var (
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: delRecords,
 	}
 	delRecordCmd = &cobra.Command{
 		Use:   "delete-record",
 		Short: "Removes domain record with the specified type and data",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: delRecord,
 	}
 	setAdminCmd = &cobra.Command{
 		Use:   "set-admin",
 		Short: "Sets admin for domain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 			_ = viper.BindPFlag(commonflags.AdminWalletPath, cmd.Flags().Lookup(commonflags.AdminWalletPath))
 		},
 		Run: setAdmin,
 	}
 )
 func init() {
 	initTokensCmd()
 	initRegisterCmd()
 	initDeleteCmd()
 	initRenewCmd()
 	initUpdateCmd()
 	initAddRecordCmd()
 	initGetRecordsCmd()
 	initDelRecordsCmd()
 	initDelRecordCmd()
 	initSetAdminCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
@ -1,65 +1,24 @@
 package nns
 import (
 	"math/big"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/spf13/cobra"
 )
 const (
 	verboseDesc = "Include additional information about CNAME record."
 )
 func initTokensCmd() {
 	Cmd.AddCommand(tokensCmd)
 	tokensCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	tokensCmd.Flags().BoolP(commonflags.Verbose, commonflags.VerboseShorthand, false, verboseDesc)
+	tokensCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func listTokens(cmd *cobra.Command, _ []string) {
-	c, _ := nnsReader(cmd)
+	c, _, _ := getRPCClient(cmd)
 	it, err := c.Tokens()
 	commonCmd.ExitOnErr(cmd, "unable to get tokens: %w", err)
 	for toks, err := it.Next(10); err == nil && len(toks) > 0; toks, err = it.Next(10) {
 		for _, token := range toks {
-			output := string(token)
+			cmd.Println(string(token))
 			if verbose, _ := cmd.Flags().GetBool(commonflags.Verbose); verbose {
 				cname, err := getCnameRecord(c, token)
 				commonCmd.ExitOnErr(cmd, "", err)
 				if cname != "" {
 					output += " (CNAME: " + cname + ")"
 				}
 			}
 			cmd.Println(output)
 		}
 	}
 }
 func getCnameRecord(c *client.ContractReader, token []byte) (string, error) {
 	items, err := c.GetRecords(string(token), big.NewInt(int64(nns.CNAME)))
 	// GetRecords returns the error "not an array" if the domain does not contain records.
 	if err != nil && strings.Contains(err.Error(), "not an array") {
 		return "", nil
 	}
 	if err != nil {
 		return "", err
 	}
 	if len(items) == 0 {
 		return "", nil
 	}
 	record, err := items[0].TryBytes()
 	if err != nil {
 		return "", err
 	}
 	return string(record), nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/update.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/update.go
@ -30,7 +30,7 @@ func initUpdateCmd() {
 }
 func updateSOA(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
--- a/cmd/frostfs-adm/internal/modules/morph/node/remove.go
+++ b/cmd/frostfs-adm/internal/modules/morph/node/remove.go
@ -53,7 +53,7 @@ func RemoveNodesCmd(cmd *cobra.Command, args []string) error {
 			int64(netmapcontract.NodeStateOffline), nodeKeys[i].Bytes())
 	}
-	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash, 1); err != nil {
+	if err := helper.EmitNewEpochCall(bw, wCtx, nmHash); err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"math/big"
 	"strconv"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
@ -40,8 +41,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 	}
 	accHash := w.GetChangeAddress()
-	addr, _ := cmd.Flags().GetString(walletAccountFlag)
+	if addr, err := cmd.Flags().GetString(walletAccountFlag); err == nil {
 	if addr != "" {
 		accHash, err = address.StringToUint160(addr)
 		if err != nil {
 			return fmt.Errorf("invalid address: %s", addr)
@ -53,7 +53,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("can't find account for %s", accHash)
 	}
-	prompt := fmt.Sprintf("Enter password for %s > ", address.Uint160ToString(accHash))
+	prompt := fmt.Sprintf("Enter password for %s >", address.Uint160ToString(accHash))
 	pass, err := input.ReadPassword(prompt)
 	if err != nil {
 		return fmt.Errorf("can't get password: %v", err)
@ -73,16 +73,23 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 		return err
 	}
-	till, _ := cmd.Flags().GetInt64(notaryDepositTillFlag)
+	till := int64(defaultNotaryDepositLifetime)
-	if till <= 0 {
+	tillStr, err := cmd.Flags().GetString(notaryDepositTillFlag)
-		return errInvalidNotaryDepositLifetime
+	if err != nil {
 		return err
 	}
 	if tillStr != "" {
 		till, err = strconv.ParseInt(tillStr, 10, 64)
 		if err != nil || till <= 0 {
 			return errInvalidNotaryDepositLifetime
 		}
 	}
 	return transferGas(cmd, acc, accHash, gasAmount, till)
 }
 func transferGas(cmd *cobra.Command, acc *wallet.Account, accHash util.Uint160, gasAmount fixedn.Fixed8, till int64) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/notary/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/root.go
@ -20,7 +20,7 @@ func initDepositoryNotaryCmd() {
 	DepositCmd.Flags().String(commonflags.StorageWalletFlag, "", "Path to storage node wallet")
 	DepositCmd.Flags().String(walletAccountFlag, "", "Wallet account address")
 	DepositCmd.Flags().String(commonflags.RefillGasAmountFlag, "", "Amount of GAS to deposit")
-	DepositCmd.Flags().Int64(notaryDepositTillFlag, defaultNotaryDepositLifetime, "Notary deposit duration in blocks")
+	DepositCmd.Flags().String(notaryDepositTillFlag, "", "Notary deposit duration in blocks")
 }
 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
@ -62,7 +62,7 @@ func SetPolicyCmd(cmd *cobra.Command, args []string) error {
 }
 func dumpPolicyCmd(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client:", err)
 	inv := invoker.New(c, nil)
@ -80,9 +80,9 @@ func dumpPolicyCmd(cmd *cobra.Command, _ []string) error {
 	buf := bytes.NewBuffer(nil)
 	tw := tabwriter.NewWriter(buf, 0, 2, 2, ' ', 0)
-	_, _ = tw.Write(fmt.Appendf(nil, "Execution Fee Factor:\t%d (int)\n", execFee))
+	_, _ = tw.Write([]byte(fmt.Sprintf("Execution Fee Factor:\t%d (int)\n", execFee)))
-	_, _ = tw.Write(fmt.Appendf(nil, "Fee Per Byte:\t%d (int)\n", feePerByte))
+	_, _ = tw.Write([]byte(fmt.Sprintf("Fee Per Byte:\t%d (int)\n", feePerByte)))
-	_, _ = tw.Write(fmt.Appendf(nil, "Storage Price:\t%d (int)\n", storagePrice))
+	_, _ = tw.Write([]byte(fmt.Sprintf("Storage Price:\t%d (int)\n", storagePrice)))
 	_ = tw.Flush()
 	cmd.Print(buf.String())
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
@ -20,32 +20,23 @@ const (
 	accountAddressFlag = "account"
 )
 func parseAddresses(cmd *cobra.Command) []util.Uint160 {
 	var addrs []util.Uint160
 	accs, _ := cmd.Flags().GetStringArray(accountAddressFlag)
 	for _, acc := range accs {
 		addr, err := address.StringToUint160(acc)
 		commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
 		addrs = append(addrs, addr)
 	}
 	return addrs
 }
 func addProxyAccount(cmd *cobra.Command, _ []string) {
-	addrs := parseAddresses(cmd)
+	acc, _ := cmd.Flags().GetString(accountAddressFlag)
-	err := processAccount(cmd, addrs, "addAccount")
+	addr, err := address.StringToUint160(acc)
 	commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
 	err = processAccount(cmd, addr, "addAccount")
 	commonCmd.ExitOnErr(cmd, "processing error: %w", err)
 }
 func removeProxyAccount(cmd *cobra.Command, _ []string) {
-	addrs := parseAddresses(cmd)
+	acc, _ := cmd.Flags().GetString(accountAddressFlag)
-	err := processAccount(cmd, addrs, "removeAccount")
+	addr, err := address.StringToUint160(acc)
 	commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
 	err = processAccount(cmd, addr, "removeAccount")
 	commonCmd.ExitOnErr(cmd, "processing error: %w", err)
 }
-func processAccount(cmd *cobra.Command, addrs []util.Uint160, method string) error {
+func processAccount(cmd *cobra.Command, addr util.Uint160, method string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't initialize context: %w", err)
@ -63,9 +54,7 @@ func processAccount(cmd *cobra.Command, addrs []util.Uint160, method string) err
 	}
 	bw := io.NewBufBinWriter()
-	for _, addr := range addrs {
+	emit.AppCall(bw.BinWriter, proxyHash, method, callflag.All, addr)
 		emit.AppCall(bw.BinWriter, proxyHash, method, callflag.All, addr)
 	}
 	if err := wCtx.SendConsensusTx(bw.Bytes()); err != nil {
 		return err
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
@ -29,16 +29,12 @@ var (
 func initProxyAddAccount() {
 	AddAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	AddAccountCmd.Flags().StringArray(accountAddressFlag, nil, "Wallet address string")
+	AddAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	_ = AddAccountCmd.MarkFlagRequired(accountAddressFlag)
 	AddAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func initProxyRemoveAccount() {
 	RemoveAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	RemoveAccountCmd.Flags().StringArray(accountAddressFlag, nil, "Wallet address string")
+	RemoveAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	_ = AddAccountCmd.MarkFlagRequired(accountAddressFlag)
 	RemoveAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }
 func init() {
--- a/cmd/frostfs-adm/internal/modules/root.go
+++ b/cmd/frostfs-adm/internal/modules/root.go
@ -6,8 +6,8 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/maintenance"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/metabase"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/storagecfg"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/misc"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/autocomplete"
 	utilConfig "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/config"
@ -41,7 +41,7 @@ func init() {
 	rootCmd.AddCommand(config.RootCmd)
 	rootCmd.AddCommand(morph.RootCmd)
-	rootCmd.AddCommand(metabase.RootCmd)
+	rootCmd.AddCommand(storagecfg.RootCmd)
 	rootCmd.AddCommand(maintenance.RootCmd)
 	rootCmd.AddCommand(autocomplete.Command("frostfs-adm"))
--- a/cmd/frostfs-adm/internal/modules/storagecfg/config.go
+++ b/cmd/frostfs-adm/internal/modules/storagecfg/config.go
@ -0,0 +1,137 @@
 package storagecfg
 const configTemplate = `logger:
  level: info  # logger level: one of "debug", "info" (default), "warn", "error", "dpanic", "panic", "fatal"
 node:
  wallet:
    path: {{ .Wallet.Path }}  # path to a NEO wallet; ignored if key is presented
    address: {{ .Wallet.Account }}  # address of a NEO account in the wallet; ignored if key is presented
    password: {{ .Wallet.Password }}  # password for a NEO account in the wallet; ignored if key is presented
  addresses:  # list of addresses announced by Storage node in the Network map
    - {{ .AnnouncedAddress }}
  attribute_0: UN-LOCODE:{{ .Attribute.Locode }}
  relay: {{ .Relay }}  # start Storage node in relay mode without bootstrapping into the Network map
 grpc:
  num: 1  # total number of listener endpoints
  0:
    endpoint: {{ .Endpoint }}  # endpoint for gRPC server
    tls:{{if .TLSCert}}
      enabled: true  # enable TLS for a gRPC connection (min version is TLS 1.2)
      certificate: {{ .TLSCert }}  # path to TLS certificate
      key: {{ .TLSKey }}  # path to TLS key
    {{- else }}
      enabled: false # disable TLS for a gRPC connection
    {{- end}}
 control:
  authorized_keys:  # list of hex-encoded public keys that have rights to use the Control Service
    {{- range .AuthorizedKeys }}
    - {{.}}{{end}}
  grpc:
    endpoint: {{.ControlEndpoint}}  # endpoint that is listened by the Control Service
 morph:
  dial_timeout: 20s  # timeout for side chain NEO RPC client connection
  cache_ttl: 15s  # use TTL cache for side chain GET operations
  rpc_endpoint:  # side chain N3 RPC endpoints
    {{- range .MorphRPC }}
    - address: wss://{{.}}/ws{{end}}
 {{if not .Relay }}
 storage:
  shard_pool_size: 15  # size of per-shard worker pools used for PUT operations
  shard:
    default: # section with the default shard parameters
      metabase:
        perm: 0644  # permissions for metabase files(directories: +x for current user and group)
      blobstor:
        perm: 0644  # permissions for blobstor files(directories: +x for current user and group)
        depth: 2  # max depth of object tree storage in FS
        small_object_size: 102400  # 100KiB, size threshold for "small" objects which are stored in key-value DB, not in FS, bytes
        compress: true  # turn on/off Zstandard compression (level 3) of stored objects
        compression_exclude_content_types:
          - audio/*
          - video/*
        blobovnicza:
          size: 1073741824  # approximate size limit of single blobovnicza instance, total size will be: size*width^(depth+1), bytes
          depth: 1  # max depth of object tree storage in key-value DB
          width: 4   # max width of object tree storage in key-value DB
          opened_cache_capacity: 50  # maximum number of opened database files
          opened_cache_ttl: 5m  # ttl for opened database file
          opened_cache_exp_interval: 15s  # cache cleanup interval for expired blobovnicza's
      gc:
        remover_batch_size: 200  # number of objects to be removed by the garbage collector
        remover_sleep_interval: 5m  # frequency of the garbage collector invocation
    0:
      mode: "read-write"  # mode of the shard, must be one of the: "read-write" (default), "read-only"
      metabase:
        path: {{ .MetabasePath }}  # path to the metabase
      blobstor:
        path: {{ .BlobstorPath }}  # path to the blobstor
 {{end}}`
 const (
 	neofsMainnetAddress   = "2cafa46838e8b564468ebd868dcafdd99dce6221"
 	balanceMainnetAddress = "dc1ec98d9d0c5f9dfade16144defe08cffc5ca55"
 	neofsTestnetAddress   = "b65d8243ac63983206d17e5221af0653a7266fa1"
 	balanceTestnetAddress = "e0420c216003747626670d1424569c17c79015bf"
 )
 var n3config = map[string]struct {
 	MorphRPC        []string
 	RPC             []string
 	NeoFSContract   string
 	BalanceContract string
 }{
 	"testnet": {
 		MorphRPC: []string{
 			"rpc01.morph.testnet.fs.neo.org:51331",
 			"rpc02.morph.testnet.fs.neo.org:51331",
 			"rpc03.morph.testnet.fs.neo.org:51331",
 			"rpc04.morph.testnet.fs.neo.org:51331",
 			"rpc05.morph.testnet.fs.neo.org:51331",
 			"rpc06.morph.testnet.fs.neo.org:51331",
 			"rpc07.morph.testnet.fs.neo.org:51331",
 		},
 		RPC: []string{
 			"rpc01.testnet.n3.nspcc.ru:21331",
 			"rpc02.testnet.n3.nspcc.ru:21331",
 			"rpc03.testnet.n3.nspcc.ru:21331",
 			"rpc04.testnet.n3.nspcc.ru:21331",
 			"rpc05.testnet.n3.nspcc.ru:21331",
 			"rpc06.testnet.n3.nspcc.ru:21331",
 			"rpc07.testnet.n3.nspcc.ru:21331",
 		},
 		NeoFSContract:   neofsTestnetAddress,
 		BalanceContract: balanceTestnetAddress,
 	},
 	"mainnet": {
 		MorphRPC: []string{
 			"rpc1.morph.fs.neo.org:40341",
 			"rpc2.morph.fs.neo.org:40341",
 			"rpc3.morph.fs.neo.org:40341",
 			"rpc4.morph.fs.neo.org:40341",
 			"rpc5.morph.fs.neo.org:40341",
 			"rpc6.morph.fs.neo.org:40341",
 			"rpc7.morph.fs.neo.org:40341",
 		},
 		RPC: []string{
 			"rpc1.n3.nspcc.ru:10331",
 			"rpc2.n3.nspcc.ru:10331",
 			"rpc3.n3.nspcc.ru:10331",
 			"rpc4.n3.nspcc.ru:10331",
 			"rpc5.n3.nspcc.ru:10331",
 			"rpc6.n3.nspcc.ru:10331",
 			"rpc7.n3.nspcc.ru:10331",
 		},
 		NeoFSContract:   neofsMainnetAddress,
 		BalanceContract: balanceMainnetAddress,
 	},
 }
--- a/cmd/frostfs-adm/internal/modules/storagecfg/root.go
+++ b/cmd/frostfs-adm/internal/modules/storagecfg/root.go
@ -0,0 +1,433 @@
 package storagecfg
 import (
 	"bytes"
 	"context"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"math/rand"
 	"net"
 	"net/url"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"text/template"
 	"time"
 	netutil "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
 	"github.com/chzyer/readline"
 	"github.com/nspcc-dev/neo-go/cli/flags"
 	"github.com/nspcc-dev/neo-go/cli/input"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/gas"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/nep17"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 )
 const (
 	walletFlag  = "wallet"
 	accountFlag = "account"
 )
 const (
 	defaultControlEndpoint = "localhost:8090"
 	defaultDataEndpoint    = "localhost"
 )
 // RootCmd is a root command of config section.
 var RootCmd = &cobra.Command{
 	Use:   "storage-config [-w wallet] [-a acccount] [<path-to-config>]",
 	Short: "Section for storage node configuration commands",
 	Run:   storageConfig,
 }
 func init() {
 	fs := RootCmd.Flags()
 	fs.StringP(walletFlag, "w", "", "Path to wallet")
 	fs.StringP(accountFlag, "a", "", "Wallet account")
 }
 type config struct {
 	AnnouncedAddress string
 	AuthorizedKeys   []string
 	ControlEndpoint  string
 	Endpoint         string
 	TLSCert          string
 	TLSKey           string
 	MorphRPC         []string
 	Attribute        struct {
 		Locode string
 	}
 	Wallet struct {
 		Path     string
 		Account  string
 		Password string
 	}
 	Relay        bool
 	BlobstorPath string
 	MetabasePath string
 }
 func storageConfig(cmd *cobra.Command, args []string) {
 	outPath := getOutputPath(args)
 	historyPath := filepath.Join(os.TempDir(), "frostfs-adm.history")
 	readline.SetHistoryPath(historyPath)
 	var c config
 	c.Wallet.Path, _ = cmd.Flags().GetString(walletFlag)
 	if c.Wallet.Path == "" {
 		c.Wallet.Path = getPath("Path to the storage node wallet: ")
 	}
 	w, err := wallet.NewWalletFromFile(c.Wallet.Path)
 	fatalOnErr(err)
 	fillWalletAccount(cmd, &c, w)
 	accH, err := flags.ParseAddress(c.Wallet.Account)
 	fatalOnErr(err)
 	acc := w.GetAccount(accH)
 	if acc == nil {
 		fatalOnErr(errors.New("can't find account in wallet"))
 	}
 	c.Wallet.Password, err = input.ReadPassword(fmt.Sprintf("Account password for %s: ", c.Wallet.Account))
 	fatalOnErr(err)
 	err = acc.Decrypt(c.Wallet.Password, keys.NEP2ScryptParams())
 	fatalOnErr(err)
 	c.AuthorizedKeys = append(c.AuthorizedKeys, hex.EncodeToString(acc.PrivateKey().PublicKey().Bytes()))
 	network := readNetwork(cmd)
 	c.MorphRPC = n3config[network].MorphRPC
 	depositGas(cmd, acc, network)
 	c.Attribute.Locode = getString("UN-LOCODE attribute in [XX YYY] format: ")
 	endpoint := getDefaultEndpoint(cmd, &c)
 	c.Endpoint = getString(fmt.Sprintf("Listening address [%s]: ", endpoint))
 	if c.Endpoint == "" {
 		c.Endpoint = endpoint
 	}
 	c.ControlEndpoint = getString(fmt.Sprintf("Listening address (control endpoint) [%s]: ", defaultControlEndpoint))
 	if c.ControlEndpoint == "" {
 		c.ControlEndpoint = defaultControlEndpoint
 	}
 	c.TLSCert = getPath("TLS Certificate (optional): ")
 	if c.TLSCert != "" {
 		c.TLSKey = getPath("TLS Key: ")
 	}
 	c.Relay = getConfirmation(false, "Use node as a relay? yes/[no]: ")
 	if !c.Relay {
 		p := getPath("Path to the storage directory (all available storage will be used): ")
 		c.BlobstorPath = filepath.Join(p, "blob")
 		c.MetabasePath = filepath.Join(p, "meta")
 	}
 	out := applyTemplate(c)
 	fatalOnErr(os.WriteFile(outPath, out, 0o644))
 	cmd.Println("Node is ready for work! Run `frostfs-node -config " + outPath + "`")
 }
 func getDefaultEndpoint(cmd *cobra.Command, c *config) string {
 	var addr, port string
 	for {
 		c.AnnouncedAddress = getString("Publicly announced address: ")
 		validator := netutil.Address{}
 		err := validator.FromString(c.AnnouncedAddress)
 		if err != nil {
 			cmd.Println("Incorrect address format. See https://git.frostfs.info/TrueCloudLab/frostfs-node/src/branch/master/pkg/network/address.go for details.")
 			continue
 		}
 		uriAddr, err := url.Parse(validator.URIAddr())
 		if err != nil {
 			panic(fmt.Errorf("unexpected error: %w", err))
 		}
 		addr = uriAddr.Hostname()
 		port = uriAddr.Port()
 		ip, err := net.ResolveIPAddr("ip", addr)
 		if err != nil {
 			cmd.Printf("Can't resolve IP address %s: %v\n", addr, err)
 			continue
 		}
 		if !ip.IP.IsGlobalUnicast() {
 			cmd.Println("IP must be global unicast.")
 			continue
 		}
 		cmd.Printf("Resolved IP address: %s\n", ip.String())
 		_, err = strconv.ParseUint(port, 10, 16)
 		if err != nil {
 			cmd.Println("Port must be an integer.")
 			continue
 		}
 		break
 	}
 	return net.JoinHostPort(defaultDataEndpoint, port)
 }
 func fillWalletAccount(cmd *cobra.Command, c *config, w *wallet.Wallet) {
 	c.Wallet.Account, _ = cmd.Flags().GetString(accountFlag)
 	if c.Wallet.Account == "" {
 		addr := address.Uint160ToString(w.GetChangeAddress())
 		c.Wallet.Account = getWalletAccount(w, fmt.Sprintf("Wallet account [%s]: ", addr))
 		if c.Wallet.Account == "" {
 			c.Wallet.Account = addr
 		}
 	}
 }
 func readNetwork(cmd *cobra.Command) string {
 	var network string
 	for {
 		network = getString("Choose network [mainnet]/testnet: ")
 		switch network {
 		case "":
 			network = "mainnet"
 		case "testnet", "mainnet":
 		default:
 			cmd.Println(`Network must be either "mainnet" or "testnet"`)
 			continue
 		}
 		break
 	}
 	return network
 }
 func getOutputPath(args []string) string {
 	if len(args) != 0 {
 		return args[0]
 	}
 	outPath := getPath("File to write config at [./config.yml]: ")
 	if outPath == "" {
 		outPath = "./config.yml"
 	}
 	return outPath
 }
 func getWalletAccount(w *wallet.Wallet, prompt string) string {
 	addrs := make([]readline.PrefixCompleterInterface, len(w.Accounts))
 	for i := range w.Accounts {
 		addrs[i] = readline.PcItem(w.Accounts[i].Address)
 	}
 	readline.SetAutoComplete(readline.NewPrefixCompleter(addrs...))
 	defer readline.SetAutoComplete(nil)
 	s, err := readline.Line(prompt)
 	fatalOnErr(err)
 	return strings.TrimSpace(s) // autocompleter can return a string with a trailing space
 }
 func getString(prompt string) string {
 	s, err := readline.Line(prompt)
 	fatalOnErr(err)
 	if s != "" {
 		_ = readline.AddHistory(s)
 	}
 	return s
 }
 type filenameCompleter struct{}
 func (filenameCompleter) Do(line []rune, pos int) (newLine [][]rune, length int) {
 	prefix := string(line[:pos])
 	dir := filepath.Dir(prefix)
 	de, err := os.ReadDir(dir)
 	if err != nil {
 		return nil, 0
 	}
 	for i := range de {
 		name := filepath.Join(dir, de[i].Name())
 		if strings.HasPrefix(name, prefix) {
 			tail := []rune(strings.TrimPrefix(name, prefix))
 			if de[i].IsDir() {
 				tail = append(tail, filepath.Separator)
 			}
 			newLine = append(newLine, tail)
 		}
 	}
 	if pos != 0 {
 		return newLine, pos - len([]rune(dir))
 	}
 	return newLine, 0
 }
 func getPath(prompt string) string {
 	readline.SetAutoComplete(filenameCompleter{})
 	defer readline.SetAutoComplete(nil)
 	p, err := readline.Line(prompt)
 	fatalOnErr(err)
 	if p == "" {
 		return p
 	}
 	_ = readline.AddHistory(p)
 	abs, err := filepath.Abs(p)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("can't create an absolute path: %w", err))
 	}
 	return abs
 }
 func getConfirmation(def bool, prompt string) bool {
 	for {
 		s, err := readline.Line(prompt)
 		fatalOnErr(err)
 		switch strings.ToLower(s) {
 		case "y", "yes":
 			return true
 		case "n", "no":
 			return false
 		default:
 			if len(s) == 0 {
 				return def
 			}
 		}
 	}
 }
 func applyTemplate(c config) []byte {
 	tmpl, err := template.New("config").Parse(configTemplate)
 	fatalOnErr(err)
 	b := bytes.NewBuffer(nil)
 	fatalOnErr(tmpl.Execute(b, c))
 	return b.Bytes()
 }
 func fatalOnErr(err error) {
 	if err != nil {
 		_, _ = fmt.Fprintf(os.Stderr, "Error: %v\n", err)
 		os.Exit(1)
 	}
 }
 func depositGas(cmd *cobra.Command, acc *wallet.Account, network string) {
 	sideClient := initClient(n3config[network].MorphRPC)
 	balanceHash, _ := util.Uint160DecodeStringLE(n3config[network].BalanceContract)
 	sideActor, err := actor.NewSimple(sideClient, acc)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("creating actor over side chain client: %w", err))
 	}
 	sideGas := nep17.NewReader(sideActor, balanceHash)
 	accSH := acc.Contract.ScriptHash()
 	balance, err := sideGas.BalanceOf(accSH)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("side chain balance: %w", err))
 	}
 	ok := getConfirmation(false, fmt.Sprintf("Current NeoFS balance is %s, make a deposit? y/[n]: ",
 		fixedn.ToString(balance, 12)))
 	if !ok {
 		return
 	}
 	amountStr := getString("Enter amount in GAS: ")
 	amount, err := fixedn.FromString(amountStr, 8)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("invalid amount: %w", err))
 	}
 	mainClient := initClient(n3config[network].RPC)
 	neofsHash, _ := util.Uint160DecodeStringLE(n3config[network].NeoFSContract)
 	mainActor, err := actor.NewSimple(mainClient, acc)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("creating actor over main chain client: %w", err))
 	}
 	mainGas := nep17.New(mainActor, gas.Hash)
 	txHash, _, err := mainGas.Transfer(accSH, neofsHash, amount, nil)
 	if err != nil {
 		fatalOnErr(fmt.Errorf("sending TX to the NeoFS contract: %w", err))
 	}
 	cmd.Print("Waiting for transactions to persist.")
 	tick := time.NewTicker(time.Second / 2)
 	defer tick.Stop()
 	timer := time.NewTimer(time.Second * 20)
 	defer timer.Stop()
 	at := trigger.Application
 loop:
 	for {
 		select {
 		case <-tick.C:
 			_, err := mainClient.GetApplicationLog(txHash, &at)
 			if err == nil {
 				cmd.Print("\n")
 				break loop
 			}
 			cmd.Print(".")
 		case <-timer.C:
 			cmd.Printf("\nTimeout while waiting for transaction to persist.\n")
 			if getConfirmation(false, "Continue configuration? yes/[no]: ") {
 				return
 			}
 			os.Exit(1)
 		}
 	}
 }
 func initClient(rpc []string) *rpcclient.Client {
 	var c *rpcclient.Client
 	var err error
 	shuffled := make([]string, len(rpc))
 	copy(shuffled, rpc)
 	rand.Shuffle(len(shuffled), func(i, j int) { shuffled[i], shuffled[j] = shuffled[j], shuffled[i] })
 	for _, endpoint := range shuffled {
 		c, err = rpcclient.New(context.Background(), "https://"+endpoint, rpcclient.Options{
 			DialTimeout:    time.Second * 2,
 			RequestTimeout: time.Second * 5,
 		})
 		if err != nil {
 			continue
 		}
 		if err = c.Init(); err != nil {
 			continue
 		}
 		return c
 	}
 	fatalOnErr(fmt.Errorf("can't create N3 client: %w", err))
 	panic("unreachable")
 }
--- a/cmd/frostfs-cli/docs/sessions.md
+++ b/cmd/frostfs-cli/docs/sessions.md
@ -72,3 +72,4 @@ All other `object` sub-commands support only static sessions (2).
 List of commands supporting sessions (static only):
 - `create`
 - `delete`
 - `set-eacl`
--- a/cmd/frostfs-cli/internal/client/client.go
+++ b/cmd/frostfs-cli/internal/client/client.go
@ -2,19 +2,19 @@ package internal
 import (
 	"bytes"
 	"cmp"
 	"context"
 	"errors"
 	"fmt"
 	"io"
-	"os"
+	"sort"
-	"slices"
+	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/accounting"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/checksum"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	containerSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	objectSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
@ -76,29 +76,13 @@ func ListContainers(ctx context.Context, prm ListContainersPrm) (res ListContain
 // SortedIDList returns sorted list of identifiers of user's containers.
 func (x ListContainersRes) SortedIDList() []cid.ID {
 	list := x.cliRes.Containers()
-	slices.SortFunc(list, cid.ID.Cmp)
+	sort.Slice(list, func(i, j int) bool {
 		lhs, rhs := list[i].EncodeToString(), list[j].EncodeToString()
 		return strings.Compare(lhs, rhs) < 0
 	})
 	return list
 }
 func ListContainersStream(ctx context.Context, prm ListContainersPrm, processCnr func(id cid.ID) bool) (err error) {
 	cliPrm := &client.PrmContainerListStream{
 		XHeaders: prm.XHeaders,
 		OwnerID:  prm.OwnerID,
 		Session:  prm.Session,
 	}
 	rdr, err := prm.cli.ContainerListInit(ctx, *cliPrm)
 	if err != nil {
 		return fmt.Errorf("init container list: %w", err)
 	}
 	err = rdr.Iterate(processCnr)
 	if err != nil {
 		return fmt.Errorf("read container list: %w", err)
 	}
 	return
 }
 // PutContainerPrm groups parameters of PutContainer operation.
 type PutContainerPrm struct {
 	Client       *client.Client
@ -205,6 +189,31 @@ func DeleteContainer(ctx context.Context, prm DeleteContainerPrm) (res DeleteCon
 	return
 }
 // EACLPrm groups parameters of EACL operation.
 type EACLPrm struct {
 	Client       *client.Client
 	ClientParams client.PrmContainerEACL
 }
 // EACLRes groups the resulting values of EACL operation.
 type EACLRes struct {
 	cliRes *client.ResContainerEACL
 }
 // EACL returns requested eACL table.
 func (x EACLRes) EACL() eacl.Table {
 	return x.cliRes.Table()
 }
 // EACL reads eACL table from FrostFS by container ID.
 //
 // Returns any error which prevented the operation from completing correctly in error return.
 func EACL(ctx context.Context, prm EACLPrm) (res EACLRes, err error) {
 	res.cliRes, err = prm.Client.ContainerEACL(ctx, prm.ClientParams)
 	return
 }
 // NetworkInfoPrm groups parameters of NetworkInfo operation.
 type NetworkInfoPrm struct {
 	Client       *client.Client
@ -579,6 +588,13 @@ type HeadObjectPrm struct {
 	commonObjectPrm
 	objectAddressPrm
 	rawPrm
 	mainOnly bool
 }
 // SetMainOnlyFlag sets flag to get only main fields of an object header in terms of FrostFS API.
 func (x *HeadObjectPrm) SetMainOnlyFlag(v bool) {
 	x.mainOnly = v
 }
 // HeadObjectRes groups the resulting values of HeadObject operation.
@ -673,7 +689,9 @@ func SearchObjects(ctx context.Context, prm SearchObjectsPrm) (*SearchObjectsRes
 	for {
 		n, ok = rdr.Read(buf)
-		list = append(list, buf[:n]...)
+		for i := 0; i < n; i++ {
 			list = append(list, buf[i])
 		}
 		if !ok {
 			break
 		}
@ -684,7 +702,10 @@ func SearchObjects(ctx context.Context, prm SearchObjectsPrm) (*SearchObjectsRes
 		return nil, fmt.Errorf("read object list: %w", err)
 	}
-	slices.SortFunc(list, oid.ID.Cmp)
+	sort.Slice(list, func(i, j int) bool {
 		lhs, rhs := list[i].EncodeToString(), list[j].EncodeToString()
 		return strings.Compare(lhs, rhs) < 0
 	})
 	return &SearchObjectsRes{
 		ids: list,
@ -848,71 +869,3 @@ func SyncContainerSettings(ctx context.Context, prm SyncContainerPrm) (*SyncCont
 	return new(SyncContainerRes), nil
 }
 // PatchObjectPrm groups parameters of PatchObject operation.
 type PatchObjectPrm struct {
 	commonObjectPrm
 	objectAddressPrm
 	NewAttributes []objectSDK.Attribute
 	ReplaceAttribute bool
 	NewSplitHeader *objectSDK.SplitHeader
 	PayloadPatches []PayloadPatch
 }
 type PayloadPatch struct {
 	Range objectSDK.Range
 	PayloadPath string
 }
 type PatchRes struct {
 	OID oid.ID
 }
 func Patch(ctx context.Context, prm PatchObjectPrm) (*PatchRes, error) {
 	patchPrm := client.PrmObjectPatch{
 		XHeaders:    prm.xHeaders,
 		BearerToken: prm.bearerToken,
 		Session:     prm.sessionToken,
 		Address:     prm.objAddr,
 	}
 	slices.SortFunc(prm.PayloadPatches, func(a, b PayloadPatch) int {
 		return cmp.Compare(a.Range.GetOffset(), b.Range.GetOffset())
 	})
 	patcher, err := prm.cli.ObjectPatchInit(ctx, patchPrm)
 	if err != nil {
 		return nil, fmt.Errorf("init payload reading: %w", err)
 	}
 	if patcher.PatchHeader(ctx, client.PatchHeaderPrm{
 		NewSplitHeader:    prm.NewSplitHeader,
 		NewAttributes:     prm.NewAttributes,
 		ReplaceAttributes: prm.ReplaceAttribute,
 	}) {
 		for _, pp := range prm.PayloadPatches {
 			payloadFile, err := os.OpenFile(pp.PayloadPath, os.O_RDONLY, os.ModePerm)
 			if err != nil {
 				return nil, err
 			}
 			applied := patcher.PatchPayload(ctx, &pp.Range, payloadFile)
 			_ = payloadFile.Close()
 			if !applied {
 				break
 			}
 		}
 	}
 	res, err := patcher.Close(ctx)
 	if err != nil {
 		return nil, err
 	}
 	return &PatchRes{
 		OID: res.ObjectID(),
 	}, nil
 }
--- a/cmd/frostfs-cli/internal/client/sdk.go
+++ b/cmd/frostfs-cli/internal/client/sdk.go
@ -56,9 +56,8 @@ func GetSDKClient(ctx context.Context, cmd *cobra.Command, key *ecdsa.PrivateKey
 	prmDial := client.PrmDial{
 		Endpoint: addr.URIAddr(),
 		GRPCDialOptions: []grpc.DialOption{
-			grpc.WithChainUnaryInterceptor(tracing.NewUnaryClientInterceptor()),
+			grpc.WithChainUnaryInterceptor(tracing.NewUnaryClientInteceptor()),
 			grpc.WithChainStreamInterceptor(tracing.NewStreamClientInterceptor()),
 			grpc.WithDefaultCallOptions(grpc.WaitForReady(true)),
 		},
 	}
 	if timeout := viper.GetDuration(commonflags.Timeout); timeout > 0 {
--- a/cmd/frostfs-cli/internal/common/tracing.go
+++ b/cmd/frostfs-cli/internal/common/tracing.go
@ -2,7 +2,7 @@ package common
 import (
 	"context"
-	"slices"
+	"sort"
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
@ -45,11 +45,15 @@ func StartClientCommandSpan(cmd *cobra.Command) {
 	})
 	commonCmd.ExitOnErr(cmd, "init tracing: %w", err)
-	var components []string
+	var components sort.StringSlice
 	for c := cmd; c != nil; c = c.Parent() {
 		components = append(components, c.Name())
 	}
-	slices.Reverse(components)
+	for i, j := 0, len(components)-1; i < j; {
 		components.Swap(i, j)
 		i++
 		j--
 	}
 	operation := strings.Join(components, ".")
 	ctx, span := tracing.StartSpanFromContext(cmd.Context(), operation)
--- a/cmd/frostfs-cli/internal/commonflags/flags.go
+++ b/cmd/frostfs-cli/internal/commonflags/flags.go
@ -28,7 +28,7 @@ const (
 	RPC          = "rpc-endpoint"
 	RPCShorthand = "r"
 	RPCDefault   = ""
-	RPCUsage     = "Remote node address ('<host>:<port>' or 'grpcs://<host>:<port>')"
+	RPCUsage     = "Remote node address (as 'multiaddr' or '<host>:<port>')"
 	Timeout          = "timeout"
 	TimeoutShorthand = "t"
--- a/cmd/frostfs-cli/internal/key/key_test.go
+++ b/cmd/frostfs-cli/internal/key/key_test.go
@ -24,8 +24,6 @@ var testCmd = &cobra.Command{
 }
 func Test_getOrGenerate(t *testing.T) {
 	t.Cleanup(viper.Reset)
 	dir := t.TempDir()
 	wallPath := filepath.Join(dir, "wallet.json")
--- a/cmd/frostfs-cli/modules/ape_manager/add_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/add_chain.go
@ -1,19 +1,45 @@
 package apemanager
 import (
-	"fmt"
+	"encoding/hex"
 	"errors"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
-	"git.frostfs.info/TrueCloudLab/policy-engine/pkg/engine"
+	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
 const (
 	chainIDFlag    = "chain-id"
 	chainIDHexFlag = "chain-id-hex"
 	ruleFlag       = "rule"
 	pathFlag       = "path"
 )
 const (
 	targetNameFlag = "target-name"
 	targetNameDesc = "Resource name in APE resource name format"
 	targetTypeFlag = "target-type"
 	targetTypeDesc = "Resource type(container/namespace)"
 )
 const (
 	defaultNamespace = ""
 	namespaceTarget  = "namespace"
 	containerTarget  = "container"
 	userTarget       = "user"
 	groupTarget      = "group"
 )
 var errUnknownTargetType = errors.New("unknown target type")
 var addCmd = &cobra.Command{
 	Use:   "add",
 	Short: "Add rule chain for a target",
@ -24,28 +50,55 @@ var addCmd = &cobra.Command{
 }
 func parseTarget(cmd *cobra.Command) (ct apeSDK.ChainTarget) {
-	t := apeCmd.ParseTarget(cmd)
+	typ, _ := cmd.Flags().GetString(targetTypeFlag)
 	name, _ := cmd.Flags().GetString(targetNameFlag)
-	ct.Name = t.Name
+	ct.Name = name
-	switch t.Type {
+	switch typ {
-	case engine.Namespace:
+	case namespaceTarget:
 		ct.TargetType = apeSDK.TargetTypeNamespace
-	case engine.Container:
+	case containerTarget:
 		var cnr cid.ID
 		commonCmd.ExitOnErr(cmd, "can't decode container ID: %w", cnr.DecodeString(name))
 		ct.TargetType = apeSDK.TargetTypeContainer
-	case engine.User:
+	case userTarget:
 		ct.TargetType = apeSDK.TargetTypeUser
-	case engine.Group:
+	case groupTarget:
 		ct.TargetType = apeSDK.TargetTypeGroup
 	default:
-		commonCmd.ExitOnErr(cmd, "conversion error: %w", fmt.Errorf("unknown type '%c'", t.Type))
+		commonCmd.ExitOnErr(cmd, "read target type error: %w", errUnknownTargetType)
 	}
 	return ct
 }
 func parseChain(cmd *cobra.Command) apeSDK.Chain {
-	c := apeCmd.ParseChain(cmd)
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
-	serialized := c.Bytes()
+	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
 	chainIDRaw := []byte(chainID)
 	if hexEncoded {
 		var err error
 		chainIDRaw, err = hex.DecodeString(chainID)
 		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
 	}
 	chain := new(apechain.Chain)
 	chain.ID = apechain.ID(chainIDRaw)
 	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", util.ParseAPEChain(chain, rules))
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", util.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", errors.New("rule is not passed"))
 	}
 	cmd.Println("Parsed chain:")
 	util.PrintHumanReadableAPEChain(cmd, chain)
 	serialized := chain.Bytes()
 	return apeSDK.Chain{
 		Raw: serialized,
 	}
@ -74,13 +127,13 @@ func initAddCmd() {
 	commonflags.Init(addCmd)
 	ff := addCmd.Flags()
-	ff.StringArray(apeCmd.RuleFlag, []string{}, apeCmd.RuleFlagDesc)
+	ff.StringArray(ruleFlag, []string{}, "Rule statement")
-	ff.String(apeCmd.PathFlag, "", apeCmd.PathFlagDesc)
+	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
-	ff.String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
+	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	ff.String(targetNameFlag, "", targetNameDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
-	_ = addCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = addCmd.MarkFlagRequired(targetTypeFlag)
-	ff.Bool(apeCmd.ChainIDHexFlag, false, apeCmd.ChainIDHexFlagDesc)
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
-	addCmd.MarkFlagsMutuallyExclusive(apeCmd.PathFlag, apeCmd.RuleFlag)
+	addCmd.MarkFlagsMutuallyExclusive(pathFlag, ruleFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/list_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/list_chain.go
@ -4,8 +4,8 @@ import (
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	apeutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
@ -35,7 +35,7 @@ func list(cmd *cobra.Command, _ []string) {
 	for _, respChain := range resp.Chains {
 		var chain apechain.Chain
 		commonCmd.ExitOnErr(cmd, "decode error: %w", chain.DecodeBytes(respChain.Raw))
-		apeCmd.PrintHumanReadableAPEChain(cmd, &chain)
+		apeutil.PrintHumanReadableAPEChain(cmd, &chain)
 	}
 }
@ -43,7 +43,7 @@ func initListCmd() {
 	commonflags.Init(listCmd)
 	ff := listCmd.Flags()
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	ff.String(targetNameFlag, "", targetNameDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
-	_ = listCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = listCmd.MarkFlagRequired(targetTypeFlag)
 }
--- a/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
+++ b/cmd/frostfs-cli/modules/ape_manager/remove_chain.go
@ -1,23 +1,29 @@
 package apemanager
 import (
 	"encoding/hex"
 	"errors"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	client_sdk "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
-var removeCmd = &cobra.Command{
+var (
-	Use:   "remove",
+	errEmptyChainID = errors.New("chain id cannot be empty")
-	Short: "Remove rule chain for a target",
+
-	Run:   remove,
+	removeCmd = &cobra.Command{
-	PersistentPreRun: func(cmd *cobra.Command, _ []string) {
+		Use:   "remove",
-		commonflags.Bind(cmd)
+		Short: "Remove rule chain for a target",
-	},
+		Run:   remove,
-}
+		PersistentPreRun: func(cmd *cobra.Command, _ []string) {
 			commonflags.Bind(cmd)
 		},
 	}
 )
 func remove(cmd *cobra.Command, _ []string) {
 	target := parseTarget(cmd)
@ -25,9 +31,19 @@ func remove(cmd *cobra.Command, _ []string) {
 	key := key.Get(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, key, commonflags.RPC)
-	chainID := apeCmd.ParseChainID(cmd)
+	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w", errEmptyChainID)
 	}
 	chainIDRaw := []byte(chainID)
 	hexEncoded, _ := cmd.Flags().GetBool(chainIDHexFlag)
 	if hexEncoded {
 		var err error
 		chainIDRaw, err = hex.DecodeString(chainID)
 		commonCmd.ExitOnErr(cmd, "can't decode chain ID as hex: %w", err)
 	}
 	_, err := cli.APEManagerRemoveChain(cmd.Context(), client_sdk.PrmAPEManagerRemoveChain{
 		ChainTarget: target,
 		ChainID:     chainIDRaw,
@ -42,10 +58,9 @@ func initRemoveCmd() {
 	commonflags.Init(removeCmd)
 	ff := removeCmd.Flags()
-	ff.String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
+	ff.String(targetNameFlag, "", targetNameDesc)
-	ff.String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
+	ff.String(targetTypeFlag, "", targetTypeDesc)
-	_ = removeCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
+	_ = removeCmd.MarkFlagRequired(targetTypeFlag)
-	ff.String(apeCmd.ChainIDFlag, "", apeCmd.ChainIDFlagDesc)
+	ff.String(chainIDFlag, "", "Chain id")
-	_ = removeCmd.MarkFlagRequired(apeCmd.ChainIDFlag)
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 	ff.Bool(apeCmd.ChainIDHexFlag, false, apeCmd.ChainIDHexFlagDesc)
 }
--- a/cmd/frostfs-cli/modules/bearer/create.go
+++ b/cmd/frostfs-cli/modules/bearer/create.go
@ -44,7 +44,6 @@ is set to current epoch + n.
 		_ = viper.BindPFlag(commonflags.WalletPath, ff.Lookup(commonflags.WalletPath))
 		_ = viper.BindPFlag(commonflags.Account, ff.Lookup(commonflags.Account))
 		_ = viper.BindPFlag(commonflags.RPC, ff.Lookup(commonflags.RPC))
 	},
 }
@ -82,7 +81,7 @@ func createToken(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "can't parse --"+notValidBeforeFlag+" flag: %w", err)
 	if iatRelative || expRelative || nvbRelative {
-		endpoint := viper.GetString(commonflags.RPC)
+		endpoint, _ := cmd.Flags().GetString(commonflags.RPC)
 		if len(endpoint) == 0 {
 			commonCmd.ExitOnErr(cmd, "can't fetch current epoch: %w", fmt.Errorf("'%s' flag value must be specified", commonflags.RPC))
 		}
--- a/cmd/frostfs-cli/modules/bearer/generate_override.go
+++ b/cmd/frostfs-cli/modules/bearer/generate_override.go
@ -1,20 +1,31 @@
 package bearer
 import (
 	"errors"
 	"fmt"
 	"os"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	parseutil "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/modules/util"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apeSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ape"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
 	cidSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
 	"github.com/spf13/cobra"
 )
 var (
 	errChainIDCannotBeEmpty = errors.New("chain id cannot be empty")
 	errRuleIsNotParsed      = errors.New("rule is not passed")
 )
 const (
-	outputFlag = "output"
+	chainIDFlag    = "chain-id"
 	chainIDHexFlag = "chain-id-hex"
 	ruleFlag       = "rule"
 	pathFlag       = "path"
 	outputFlag     = "output"
 )
 var generateAPEOverrideCmd = &cobra.Command{
@ -29,7 +40,7 @@ Generated APE override can be dumped to a file in JSON format that is passed to
 }
 func genereateAPEOverride(cmd *cobra.Command, _ []string) {
-	c := apeCmd.ParseChain(cmd)
+	c := parseChain(cmd)
 	targetCID, _ := cmd.Flags().GetString(commonflags.CIDFlag)
 	var cid cidSDK.ID
@ -52,7 +63,7 @@ func genereateAPEOverride(cmd *cobra.Command, _ []string) {
 	outputPath, _ := cmd.Flags().GetString(outputFlag)
 	if outputPath != "" {
-		err := os.WriteFile(outputPath, overrideMarshalled, 0o644)
+		err := os.WriteFile(outputPath, []byte(overrideMarshalled), 0o644)
 		commonCmd.ExitOnErr(cmd, "dump error: %w", err)
 	} else {
 		fmt.Print("\n")
@ -66,11 +77,39 @@ func init() {
 	ff.StringP(commonflags.CIDFlag, "", "", "Target container ID.")
 	_ = cobra.MarkFlagRequired(createCmd.Flags(), commonflags.CIDFlag)
-	ff.StringArray(apeCmd.RuleFlag, []string{}, "Rule statement")
+	ff.StringArray(ruleFlag, []string{}, "Rule statement")
-	ff.String(apeCmd.PathFlag, "", "Path to encoded chain in JSON or binary format")
+	ff.String(pathFlag, "", "Path to encoded chain in JSON or binary format")
-	ff.String(apeCmd.ChainIDFlag, "", "Assign ID to the parsed chain")
+	ff.String(chainIDFlag, "", "Assign ID to the parsed chain")
-	ff.Bool(apeCmd.ChainIDHexFlag, false, "Flag to parse chain ID as hex")
+	ff.Bool(chainIDHexFlag, false, "Flag to parse chain ID as hex")
 	ff.String(outputFlag, "", "Output path to dump result JSON-encoded APE override")
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), outputFlag)
 }
 func parseChainID(cmd *cobra.Command) apechain.ID {
 	chainID, _ := cmd.Flags().GetString(chainIDFlag)
 	if chainID == "" {
 		commonCmd.ExitOnErr(cmd, "read chain id error: %w",
 			errChainIDCannotBeEmpty)
 	}
 	return apechain.ID(chainID)
 }
 func parseChain(cmd *cobra.Command) *apechain.Chain {
 	chain := new(apechain.Chain)
 	if rules, _ := cmd.Flags().GetStringArray(ruleFlag); len(rules) > 0 {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", parseutil.ParseAPEChain(chain, rules))
 	} else if encPath, _ := cmd.Flags().GetString(pathFlag); encPath != "" {
 		commonCmd.ExitOnErr(cmd, "decode binary or json error: %w", parseutil.ParseAPEChainBinaryOrJSON(chain, encPath))
 	} else {
 		commonCmd.ExitOnErr(cmd, "parser error: %w", errRuleIsNotParsed)
 	}
 	chain.ID = parseChainID(cmd)
 	cmd.Println("Parsed chain:")
 	parseutil.PrintHumanReadableAPEChain(cmd, chain)
 	return chain
 }
--- a/cmd/frostfs-cli/modules/container/create.go
+++ b/cmd/frostfs-cli/modules/container/create.go
@ -7,20 +7,22 @@ import (
 	"strings"
 	"time"
 	containerApi "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	containerApi "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
 )
 var (
 	containerACL         string
 	containerPolicy      string
 	containerAttributes  []string
 	containerAwait       bool
@ -87,6 +89,9 @@ It will be stored in sidechain when inner ring will accepts it.`,
 		err = parseAttributes(&cnr, containerAttributes)
 		commonCmd.ExitOnErr(cmd, "", err)
 		var basicACL acl.Basic
 		commonCmd.ExitOnErr(cmd, "decode basic ACL string: %w", basicACL.DecodeString(containerACL))
 		tok := getSession(cmd)
 		if tok != nil {
@ -100,6 +105,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 		}
 		cnr.SetPlacementPolicy(*placementPolicy)
 		cnr.SetBasicACL(basicACL)
 		var syncContainerPrm internalclient.SyncContainerPrm
 		syncContainerPrm.SetClient(cli)
@ -133,7 +139,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 				},
 			}
-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)
 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
@ -157,6 +163,10 @@ func initContainerCreateCmd() {
 	flags.DurationP(commonflags.Timeout, commonflags.TimeoutShorthand, commonflags.TimeoutDefault, commonflags.TimeoutUsage)
 	flags.StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, commonflags.WalletPathDefault, commonflags.WalletPathUsage)
 	flags.StringP(commonflags.Account, commonflags.AccountShorthand, commonflags.AccountDefault, commonflags.AccountUsage)
 	flags.StringVar(&containerACL, "basic-acl", acl.NamePrivate, fmt.Sprintf("HEX encoded basic ACL value or keywords like '%s', '%s', '%s'",
 		acl.NamePublicRW, acl.NamePrivate, acl.NamePublicROExtended,
 	))
 	flags.StringVarP(&containerPolicy, "policy", "p", "", "QL-encoded or JSON-encoded placement policy or path to file with it")
 	flags.StringSliceVarP(&containerAttributes, "attributes", "a", nil, "Comma separated pairs of container attributes in form of Key1=Value1,Key2=Value2")
 	flags.BoolVar(&containerAwait, "await", false, "Block execution until container is persisted")
--- a/cmd/frostfs-cli/modules/container/delete.go
+++ b/cmd/frostfs-cli/modules/container/delete.go
@ -110,7 +110,7 @@ Only owner of the container has a permission to remove container.`,
 				},
 			}
-			for range awaitTimeout {
+			for i := 0; i < awaitTimeout; i++ {
 				time.Sleep(1 * time.Second)
 				_, err := internalclient.GetContainer(cmd.Context(), getPrm)
--- a/cmd/frostfs-cli/modules/container/get_eacl.go
+++ b/cmd/frostfs-cli/modules/container/get_eacl.go
@ -0,0 +1,68 @@
 package container
 import (
 	"os"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
 	"github.com/spf13/cobra"
 )
 var getExtendedACLCmd = &cobra.Command{
 	Use:   "get-eacl",
 	Short: "Get extended ACL table of container",
 	Long:  `Get extended ACL table of container`,
 	Run: func(cmd *cobra.Command, _ []string) {
 		id := parseContainerID(cmd)
 		pk := key.GetOrGenerate(cmd)
 		cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC)
 		eaclPrm := internalclient.EACLPrm{
 			Client: cli,
 			ClientParams: client.PrmContainerEACL{
 				ContainerID: &id,
 			},
 		}
 		res, err := internalclient.EACL(cmd.Context(), eaclPrm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		eaclTable := res.EACL()
 		if containerPathTo == "" {
 			cmd.Println("eACL: ")
 			common.PrettyPrintJSON(cmd, &eaclTable, "eACL")
 			return
 		}
 		var data []byte
 		if containerJSON {
 			data, err = eaclTable.MarshalJSON()
 			commonCmd.ExitOnErr(cmd, "can't encode to JSON: %w", err)
 		} else {
 			data, err = eaclTable.Marshal()
 			commonCmd.ExitOnErr(cmd, "can't encode to binary: %w", err)
 		}
 		cmd.Println("dumping data to file:", containerPathTo)
 		err = os.WriteFile(containerPathTo, data, 0o644)
 		commonCmd.ExitOnErr(cmd, "could not write eACL to file: %w", err)
 	},
 }
 func initContainerGetEACLCmd() {
 	commonflags.Init(getExtendedACLCmd)
 	flags := getExtendedACLCmd.Flags()
 	flags.StringVar(&containerID, commonflags.CIDFlag, "", commonflags.CIDFlagUsage)
 	flags.StringVar(&containerPathTo, "to", "", "Path to dump encoded container (default: binary encoded)")
 	flags.BoolVar(&containerJSON, commonflags.JSON, false, "Encode EACL table in json format")
 }
--- a/cmd/frostfs-cli/modules/container/list.go
+++ b/cmd/frostfs-cli/modules/container/list.go
@ -1,16 +1,16 @@
 package container
 import (
 	"strings"
 	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	containerSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 )
 // flags of list command.
@ -54,60 +54,49 @@ var listContainersCmd = &cobra.Command{
 		var prm internalclient.ListContainersPrm
 		prm.SetClient(cli)
-		prm.OwnerID = idUser
+		prm.Account = idUser
 		res, err := internalclient.ListContainers(cmd.Context(), prm)
 		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		prmGet := internalclient.GetContainerPrm{
 			Client: cli,
 		}
 		var containerIDs []cid.ID
 		err := internalclient.ListContainersStream(cmd.Context(), prm, func(id cid.ID) bool {
 			printContainer(cmd, prmGet, id)
 			return false
 		})
 		if err == nil {
 			return
 		}
 		if e, ok := status.FromError(err); ok && e.Code() == codes.Unimplemented {
 			res, err := internalclient.ListContainers(cmd.Context(), prm)
 			commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 			containerIDs = res.SortedIDList()
 		} else {
 			commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
 		}
 		containerIDs := res.SortedIDList()
 		for _, cnrID := range containerIDs {
-			printContainer(cmd, prmGet, cnrID)
+			if flagVarListName == "" && !flagVarListPrintAttr {
 				cmd.Println(cnrID.String())
 				continue
 			}
 			cnrID := cnrID
 			prmGet.ClientParams.ContainerID = &cnrID
 			res, err := internalclient.GetContainer(cmd.Context(), prmGet)
 			if err != nil {
 				cmd.Printf("  failed to read attributes: %v\n", err)
 				continue
 			}
 			cnr := res.Container()
 			if cnrName := containerSDK.Name(cnr); flagVarListName != "" && cnrName != flagVarListName {
 				continue
 			}
 			cmd.Println(cnrID.String())
 			if flagVarListPrintAttr {
 				cnr.IterateAttributes(func(key, val string) {
 					if !strings.HasPrefix(key, container.SysAttributePrefix) && !strings.HasPrefix(key, container.SysAttributePrefixNeoFS) {
 						// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
 						//	Use dedicated method to skip system attributes.
 						cmd.Printf("  %s: %s\n", key, val)
 					}
 				})
 			}
 		}
 	},
 }
 func printContainer(cmd *cobra.Command, prmGet internalclient.GetContainerPrm, id cid.ID) {
 	if flagVarListName == "" && !flagVarListPrintAttr {
 		cmd.Println(id.String())
 		return
 	}
 	prmGet.ClientParams.ContainerID = &id
 	res, err := internalclient.GetContainer(cmd.Context(), prmGet)
 	if err != nil {
 		cmd.Printf("  failed to read attributes: %v\n", err)
 		return
 	}
 	cnr := res.Container()
 	if cnrName := containerSDK.Name(cnr); flagVarListName != "" && cnrName != flagVarListName {
 		return
 	}
 	cmd.Println(id.String())
 	if flagVarListPrintAttr {
 		cnr.IterateUserAttributes(func(key, val string) {
 			cmd.Printf("  %s: %s\n", key, val)
 		})
 	}
 }
 func initContainerListContainersCmd() {
 	commonflags.Init(listContainersCmd)
--- a/cmd/frostfs-cli/modules/container/list_objects.go
+++ b/cmd/frostfs-cli/modules/container/list_objects.go
@ -1,6 +1,9 @@
 package container
 import (
 	"strings"
 	v2object "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
@ -64,8 +67,14 @@ var listContainerObjectsCmd = &cobra.Command{
 				resHead, err := internalclient.HeadObject(cmd.Context(), prmHead)
 				if err == nil {
-					for _, attr := range resHead.Header().UserAttributes() {
+					attrs := resHead.Header().Attributes()
-						cmd.Printf("  %s: %s\n", attr.Key(), attr.Value())
+					for i := range attrs {
 						attrKey := attrs[i].Key()
 						if !strings.HasPrefix(attrKey, v2object.SysAttributePrefix) && !strings.HasPrefix(attrKey, v2object.SysAttributePrefixNeoFS) {
 							// FIXME(@cthulhu-rider): https://git.frostfs.info/TrueCloudLab/frostfs-sdk-go/issues/97
 							//	Use dedicated method to skip system attributes.
 							cmd.Printf("  %s: %s\n", attrKey, attrs[i].Value())
 						}
 					}
 				} else {
 					cmd.Printf("  failed to read attributes: %v\n", err)
--- a/Show more
+++ b/Show more
`@ -1,4 +1,4 @@`
	`FROM golang:1.23`	`FROM golang:1.22`

	`WORKDIR /tmp`	`WORKDIR /tmp`