adm: Allow to use --local-dump everywhere --rpc-endpoint is present

Currently, we allow using `--local-dump` in `morph init` command. We also have this flag in other commands, but no `--protocol` which is also needed. And in new command we do not have the ability to use local dump at all. This commit makes it possible to work either with an RPC or with local-dump in every command. Refs #1035. Refs TrueCloudLab/frostfs-dev-env#42. Writing gopatch this time was really satisfying, btw: ``` @@ var flags expression @@ -flags.StringP(commonflags.EndpointFlag, ...) +commonflags.InitRPC(flags) @@ var flags expression @@ -_ = viper.BindPFlag(commonflags.EndpointFlag, flags.Lookup(...)) +commonflags.BindRPC(flags) ``` Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
adm: Move ProtoConfigPath from constants to commonflags package
2024-11-20 14:38:26 +03:00 · 2024-11-20 14:16:34 +03:00
394 changed files with 3917 additions and 4820 deletions
--- a/.forgejo/workflows/oci-image.yml
+++ b/.forgejo/workflows/oci-image.yml
@ -1,28 +0,0 @@
-name: OCI image
-
-on:
-  push:
-  workflow_dispatch:
-
-jobs:
-  image:
-    name: Build container images
-    runs-on: docker
-    container: git.frostfs.info/truecloudlab/env:oci-image-builder-bookworm
-    steps:
-      - name: Clone git repo
-        uses: actions/checkout@v3
-
-      - name: Build OCI image
-        run: make images
-
-      - name: Push image to OCI registry
-        run: |
-          echo "$REGISTRY_PASSWORD" \
-            | docker login --username truecloudlab --password-stdin git.frostfs.info
-          make push-images
-        if: >-
-          startsWith(github.ref, 'refs/tags/v') &&
-          (github.event_name == 'workflow_dispatch' || github.event_name == 'push')
-        env:
-          REGISTRY_PASSWORD: ${{secrets.FORGEJO_OCI_REGISTRY_PUSH_TOKEN}}
--- a/.forgejo/workflows/vulncheck.yml
+++ b/.forgejo/workflows/vulncheck.yml
@ -19,7 +19,6 @@ jobs:
        uses: actions/setup-go@v3
        with:
          go-version: '1.23'
-          check-latest: true

      - name: Install govulncheck
        run: go install golang.org/x/vuln/cmd/govulncheck@latest
--- a/.golangci.yml
+++ b/.golangci.yml
@ -89,7 +89,5 @@ linters:
    - protogetter
    - intrange
    - tenv
-    - unconvert
-    - unparam
  disable-all: true
  fast: false
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -9,30 +9,6 @@ Changelog for FrostFS Node
 ### Removed
 ### Updated

-## [v0.44.0] - 2024-25-11 - Rongbuk
-
-### Added
- Allow to prioritize nodes during GET traversal via attributes (#1439)
- Add metrics for the frostfsid cache (#1464)
- Customize constant attributes attached to every tracing span (#1488)
- Manage additional keys in the `frostfsid` contract (#1505)
- Describe `--rule` flag in detail for `frostfs-cli ape-manager` subcommands (#1519)
-
-### Changed
- Support richer interaction with the console in `frostfs-cli container policy-playground` (#1396)
- Print address in base58 format in `frostfs-adm morph policy set-admin` (#1515)
-
-### Fixed
- Fix EC object search (#1408)
- Fix EC object put when one of the nodes is unavailable (#1427)
-
-### Removed
- Drop most of the eACL-related code (#1425)
- Remove `--basic-acl` flag from `frostfs-cli container create` (#1483)
-
-### Upgrading from v0.43.0
-The metabase schema has changed completely, resync is required.
-
 ## [v0.42.0]

 ### Added
--- a/3
+++ b/3
@ -1,3 +0,0 @@
-.*          @TrueCloudLab/storage-core-committers @TrueCloudLab/storage-core-developers
-.forgejo/.* @potyarkin
-Makefile    @potyarkin
--- a/21
+++ b/21
@ -8,7 +8,7 @@ HUB_IMAGE ?= git.frostfs.info/truecloudlab/frostfs
 HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"

 GO_VERSION ?= 1.22
-LINT_VERSION ?= 1.62.2
+LINT_VERSION ?= 1.62.0
 TRUECLOUDLAB_LINT_VERSION ?= 0.0.8
 PROTOC_VERSION ?= 25.0
 PROTOGEN_FROSTFS_VERSION ?= $(shell go list -f '{{.Version}}' -m git.frostfs.info/TrueCloudLab/frostfs-sdk-go)
@ -139,15 +139,6 @@ images: image-storage image-ir image-cli image-adm
 # Build dirty local Docker images
 dirty-images: image-dirty-storage image-dirty-ir image-dirty-cli image-dirty-adm

-# Push FrostFS components' docker image to the registry
-push-image-%:
-	@echo "⇒ Publish FrostFS $* docker image "
-	@docker push $(HUB_IMAGE)-$*:$(HUB_TAG)
-
-# Push all Docker images to the registry
-.PHONY: push-images
-push-images: push-image-storage push-image-ir push-image-cli push-image-adm
-
 # Run `make %` in Golang container
 docker/%:
 	docker run --rm -t \
@ -279,12 +270,10 @@ env-up: all
 		echo "Frostfs contracts not found"; exit 1; \
 	fi
 	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph init --contracts ${FROSTFS_CONTRACTS_PATH}
-	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --gas 10.0 \
-		--storage-wallet ./dev/storage/wallet01.json \
-		--storage-wallet ./dev/storage/wallet02.json \
-		--storage-wallet ./dev/storage/wallet03.json \
-		--storage-wallet ./dev/storage/wallet04.json
-
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet01.json --gas 10.0
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet02.json --gas 10.0
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet03.json --gas 10.0
+	${BIN}/frostfs-adm --config ./dev/adm/frostfs-adm.yml morph refill-gas --storage-wallet ./dev/storage/wallet04.json --gas 10.0
 	@if [ ! -f "$(LOCODE_DB_PATH)" ]; then \
 		make locode-download; \
 	fi
--- a/2
+++ b/2
@ -1 +1 @@
-v0.44.0
+v0.42.0
--- a/cmd/frostfs-adm/internal/commonflags/flags.go
+++ b/cmd/frostfs-adm/internal/commonflags/flags.go
@ -16,16 +16,9 @@ const (
 	EndpointFlagDesc  = "N3 RPC node endpoint"
 	EndpointFlagShort = "r"

-	WalletPath          = "wallet"
-	WalletPathShorthand = "w"
-	WalletPathUsage     = "Path to the wallet"
-
 	AlphabetWalletsFlag     = "alphabet-wallets"
 	AlphabetWalletsFlagDesc = "Path to alphabet wallets dir"

-	AdminWalletPath  = "wallet-admin"
-	AdminWalletUsage = "Path to the admin wallet"
-
 	LocalDumpFlag                   = "local-dump"
 	ProtoConfigPath                 = "protocol"
 	ContractsInitFlag               = "contracts"
--- a/cmd/frostfs-adm/internal/commonflags/rpc.go
+++ b/cmd/frostfs-adm/internal/commonflags/rpc.go
@ -0,0 +1,21 @@
+package commonflags
+
+import (
+	"github.com/spf13/pflag"
+	"github.com/spf13/viper"
+)
+
+// InitRPC inits common flags for storage node services.
+func InitRPC(ff *pflag.FlagSet) {
+	ff.StringP(EndpointFlag, EndpointFlagShort, "", EndpointFlagDesc)
+	ff.String(ProtoConfigPath, "", "Path to the consensus node configuration")
+	ff.String(LocalDumpFlag, "", "Path to the blocks dump file")
+}
+
+// BindRPC binds API flags of storage node services to the viper.
+func BindRPC(ff *pflag.FlagSet) {
+	// LocalDumpFlag is left unbind intentionally:
+	// it serves as an explicit signal to use local dump instead of a remote RPC.
+	_ = viper.BindPFlag(EndpointFlag, ff.Lookup(EndpointFlag))
+	_ = viper.BindPFlag(ProtoConfigPath, ff.Lookup(ProtoConfigPath))
+}
--- a/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
+++ b/cmd/frostfs-adm/internal/modules/metabase/upgrade.go
@ -28,7 +28,6 @@ const (
 var (
 	errNoPathsFound          = errors.New("no metabase paths found")
 	errNoMorphEndpointsFound = errors.New("no morph endpoints found")
-	errUpgradeFailed         = errors.New("upgrade failed")
 )

 var UpgradeCmd = &cobra.Command{
@ -92,19 +91,14 @@ func upgrade(cmd *cobra.Command, _ []string) error {
 	if err := eg.Wait(); err != nil {
 		return err
 	}
-	allSuccess := true
 	for mb, ok := range result {
 		if ok {
 			cmd.Println(mb, ": success")
 		} else {
 			cmd.Println(mb, ": failed")
-			allSuccess = false
 		}
 	}
-	if allSuccess {
-		return nil
-	}
-	return errUpgradeFailed
+	return nil
 }

 func getMetabasePaths(appCfg *config.Config) ([]string, error) {
@ -141,7 +135,7 @@ func createContainerInfoProvider(cli *client.Client) (container.InfoProvider, er
 	if err != nil {
 		return nil, fmt.Errorf("resolve container contract hash: %w", err)
 	}
-	cc, err := morphcontainer.NewFromMorph(cli, sh, 0)
+	cc, err := morphcontainer.NewFromMorph(cli, sh, 0, morphcontainer.TryNotary())
 	if err != nil {
 		return nil, fmt.Errorf("create morph container client: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape.go
@ -8,7 +8,7 @@ import (
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	apeCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/ape"
 	apechain "git.frostfs.info/TrueCloudLab/policy-engine/pkg/chain"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -25,7 +25,7 @@ var (
 		Use:   "add-rule-chain",
 		Short: "Add rule chain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: addRuleChain,
@ -35,7 +35,7 @@ var (
 		Use:   "rm-rule-chain",
 		Short: "Remove rule chain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: removeRuleChain,
@ -45,7 +45,7 @@ var (
 		Use:   "list-rule-chains",
 		Short: "List rule chains",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: listRuleChains,
 	}
@ -54,7 +54,7 @@ var (
 		Use:   "set-admin",
 		Short: "Set admin",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: setAdmin,
@ -64,7 +64,7 @@ var (
 		Use:   "get-admin",
 		Short: "Get admin",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: getAdmin,
 	}
@ -73,7 +73,7 @@ var (
 		Use:   "list-targets",
 		Short: "List targets",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: listTargets,
 	}
@ -81,8 +81,7 @@ var (

 func initAddRuleChainCmd() {
 	Cmd.AddCommand(addRuleChainCmd)
-
-	addRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(addRuleChainCmd.Flags())
 	addRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

 	addRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
@ -100,8 +99,7 @@ func initAddRuleChainCmd() {

 func initRemoveRuleChainCmd() {
 	Cmd.AddCommand(removeRuleChainCmd)
-
-	removeRuleChainCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(removeRuleChainCmd.Flags())
 	removeRuleChainCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

 	removeRuleChainCmd.Flags().String(apeCmd.TargetTypeFlag, "", apeCmd.TargetTypeFlagDesc)
@ -116,8 +114,7 @@ func initRemoveRuleChainCmd() {

 func initListRuleChainsCmd() {
 	Cmd.AddCommand(listRuleChainsCmd)
-
-	listRuleChainsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(listRuleChainsCmd.Flags())
 	listRuleChainsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
 	_ = listRuleChainsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
 	listRuleChainsCmd.Flags().String(apeCmd.TargetNameFlag, "", apeCmd.TargetNameFlagDesc)
@ -127,8 +124,7 @@ func initListRuleChainsCmd() {

 func initSetAdminCmd() {
 	Cmd.AddCommand(setAdminCmd)
-
-	setAdminCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(setAdminCmd.Flags())
 	setAdminCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	setAdminCmd.Flags().String(addrAdminFlag, "", addrAdminDesc)
 	_ = setAdminCmd.MarkFlagRequired(addrAdminFlag)
@ -136,14 +132,12 @@ func initSetAdminCmd() {

 func initGetAdminCmd() {
 	Cmd.AddCommand(getAdminCmd)
-
-	getAdminCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(getAdminCmd.Flags())
 }

 func initListTargetsCmd() {
 	Cmd.AddCommand(listTargetsCmd)
-
-	listTargetsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(listTargetsCmd.Flags())
 	listTargetsCmd.Flags().StringP(apeCmd.TargetTypeFlag, "t", "", apeCmd.TargetTypeFlagDesc)
 	_ = listTargetsCmd.MarkFlagRequired(apeCmd.TargetTypeFlag)
 }
@ -200,7 +194,7 @@ func listRuleChains(cmd *cobra.Command, _ []string) {

 func setAdmin(cmd *cobra.Command, _ []string) {
 	s, _ := cmd.Flags().GetString(addrAdminFlag)
-	addr, err := address.StringToUint160(s)
+	addr, err := util.Uint160DecodeStringLE(s)
 	commonCmd.ExitOnErr(cmd, "can't decode admin addr: %w", err)
 	pci, ac := newPolicyContractInterface(cmd)
 	h, vub, err := pci.SetAdmin(addr)
@ -214,7 +208,7 @@ func getAdmin(cmd *cobra.Command, _ []string) {
 	pci, _ := newPolicyContractReaderInterface(cmd)
 	addr, err := pci.GetAdmin()
 	commonCmd.ExitOnErr(cmd, "unable to get admin: %w", err)
-	cmd.Println(address.Uint160ToString(addr))
+	cmd.Println(addr.StringLE())
 }

 func listTargets(cmd *cobra.Command, _ []string) {
--- a/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/ape/ape_util.go
@ -3,8 +3,6 @@ package ape
 import (
 	"errors"

-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
@ -55,15 +53,16 @@ func (n *invokerAdapter) GetRPCInvoker() invoker.RPCInvoke {
 }

 func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorageReader, *invoker.Invoker) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

 	inv := invoker.New(c, nil)
+	var ch util.Uint160
 	r := management.NewReader(inv)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)

-	ch, err := helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
+	ch, err = helper.NNSResolveHash(inv, nnsCs.Hash, helper.DomainOf(constants.PolicyContract))
 	commonCmd.ExitOnErr(cmd, "unable to resolve policy contract hash: %w", err)

 	invokerAdapter := &invokerAdapter{
@ -75,11 +74,10 @@ func newPolicyContractReaderInterface(cmd *cobra.Command) (*morph.ContractStorag
 }

 func newPolicyContractInterface(cmd *cobra.Command) (*morph.ContractStorage, *helper.LocalActor) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

-	walletDir := config.ResolveHomePath(viper.GetString(commonflags.AlphabetWalletsFlag))
-	ac, err := helper.NewLocalActor(c, &helper.AlphabetWallets{Path: walletDir, Label: constants.ConsensusAccountName})
+	ac, err := helper.NewLocalActor(cmd, c, constants.ConsensusAccountName)
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)

 	var ch util.Uint160
--- a/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
+++ b/cmd/frostfs-adm/internal/modules/morph/balance/balance.go
@ -51,7 +51,7 @@ func dumpBalances(cmd *cobra.Command, _ []string) error {
 		nmHash          util.Uint160
 	)

-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/balance/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/balance/root.go
@ -3,20 +3,19 @@ package balance
 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
 )

 var DumpCmd = &cobra.Command{
 	Use:   "dump-balances",
 	Short: "Dump GAS balances",
 	PreRun: func(cmd *cobra.Command, _ []string) {
-		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+		commonflags.BindRPC(cmd.Flags())
 	},
 	RunE: dumpBalances,
 }

 func initDumpBalancesCmd() {
-	DumpCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(DumpCmd.Flags())
 	DumpCmd.Flags().BoolP(dumpBalancesStorageFlag, "s", false, "Dump balances of storage nodes from the current netmap")
 	DumpCmd.Flags().BoolP(dumpBalancesAlphabetFlag, "a", false, "Dump balances of alphabet contracts")
 	DumpCmd.Flags().BoolP(dumpBalancesProxyFlag, "p", false, "Dump balances of the proxy contract")
--- a/cmd/frostfs-adm/internal/modules/morph/config/config.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/config.go
@ -26,7 +26,7 @@ import (
 const forceConfigSet = "force"

 func dumpNetworkConfig(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/config/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/config/root.go
@ -13,7 +13,7 @@ var (
 		Short:                 "Add/update global config value in the FrostFS network",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Args: cobra.MinimumNArgs(1),
 		RunE: SetConfigCmd,
@ -23,7 +23,7 @@ var (
 		Use:   "dump-config",
 		Short: "Dump FrostFS network config",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: dumpNetworkConfig,
 	}
@ -31,14 +31,11 @@ var (

 func initSetConfigCmd() {
 	SetCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	SetCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(SetCmd.Flags())
 	SetCmd.Flags().Bool(forceConfigSet, false, "Force setting not well-known configuration key")
-	SetCmd.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 }

-func initDumpNetworkConfigCmd() {
-	DumpCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-}
+func initDumpNetworkConfigCmd() { commonflags.InitRPC(DumpCmd.Flags()) }

 func init() {
 	initSetConfigCmd()
--- a/cmd/frostfs-adm/internal/modules/morph/container/container.go
+++ b/cmd/frostfs-adm/internal/modules/morph/container/container.go
@ -76,7 +76,7 @@ func dumpContainers(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("invalid filename: %w", err)
 	}

-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
@ -157,7 +157,7 @@ func dumpSingleContainer(bw *io.BufBinWriter, ch util.Uint160, inv *invoker.Invo
 }

 func listContainers(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/container/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/container/root.go
@ -17,7 +17,7 @@ var (
 		Use:   "dump-containers",
 		Short: "Dump FrostFS containers to file",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: dumpContainers,
 	}
@ -27,7 +27,7 @@ var (
 		Short: "Restore FrostFS containers from file",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: restoreContainers,
 	}
@ -36,26 +36,26 @@ var (
 		Use:   "list-containers",
 		Short: "List FrostFS containers",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: listContainers,
 	}
 )

 func initListContainersCmd() {
-	ListCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(ListCmd.Flags())
 	ListCmd.Flags().String(containerContractFlag, "", "Container contract hash (for networks without NNS)")
 }

 func initRestoreContainersCmd() {
 	RestoreCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	RestoreCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(RestoreCmd.Flags())
 	RestoreCmd.Flags().String(containerDumpFlag, "", "File to restore containers from")
 	RestoreCmd.Flags().StringSlice(containerIDsFlag, nil, "Containers to restore")
 }

 func initDumpContainersCmd() {
-	DumpCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(DumpCmd.Flags())
 	DumpCmd.Flags().String(containerDumpFlag, "", "File where to save dumped containers")
 	DumpCmd.Flags().String(containerContractFlag, "", "Container contract hash (for networks without NNS)")
 	DumpCmd.Flags().StringSlice(containerIDsFlag, nil, "Containers to dump")
--- a/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/deploy.go
@ -40,7 +40,7 @@ Contract's manifest file name must be 'config.json'.
 NNS name is taken by stripping '_contract.nef' from the NEF file (similar to frostfs contracts).`,
 	PreRun: func(cmd *cobra.Command, _ []string) {
 		_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+		commonflags.BindRPC(cmd.Flags())
 	},
 	RunE: deployContractCmd,
 }
@ -50,8 +50,7 @@ func init() {

 	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	_ = DeployCmd.MarkFlagFilename(commonflags.AlphabetWalletsFlag)
-
-	ff.StringP(commonflags.EndpointFlag, "r", "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(ff)
 	ff.String(contractPathFlag, "", "Path to the contract directory")
 	_ = DeployCmd.MarkFlagFilename(contractPathFlag)

--- a/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/dump_hashes.go
@ -36,7 +36,7 @@ type contractDumpInfo struct {
 }

 func dumpContractHashes(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't create N3 client: %w", err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/contract/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/contract/root.go
@ -11,7 +11,7 @@ var (
 		Use:   "dump-hashes",
 		Short: "Dump deployed contract hashes",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: dumpContractHashes,
 	}
@ -20,20 +20,20 @@ var (
 		Short: "Update FrostFS contracts",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: updateContracts,
 	}
 )

 func initDumpContractHashesCmd() {
-	DumpHashesCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(DumpHashesCmd.Flags())
 	DumpHashesCmd.Flags().String(commonflags.CustomZoneFlag, "", "Custom zone to search.")
 }

 func initUpdateContractsCmd() {
 	UpdateCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	UpdateCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(UpdateCmd.Flags())
 	UpdateCmd.Flags().String(commonflags.ContractsInitFlag, "", commonflags.ContractsInitFlagDesc)
 	UpdateCmd.Flags().String(commonflags.ContractsURLFlag, "", commonflags.ContractsURLFlagDesc)
 	UpdateCmd.MarkFlagsMutuallyExclusive(commonflags.ContractsInitFlag, commonflags.ContractsURLFlag)
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/additional_keys.go
@ -13,7 +13,7 @@ var (
 		Short: "Add a public key to the subject in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidAddSubjectKey,
 	}
@ -22,7 +22,7 @@ var (
 		Short: "Remove a public key from the subject in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidRemoveSubjectKey,
 	}
@ -32,7 +32,7 @@ func initFrostfsIDAddSubjectKeyCmd() {
 	Cmd.AddCommand(frostfsidAddSubjectKeyCmd)

 	ff := frostfsidAddSubjectKeyCmd.Flags()
-	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(ff)
 	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

 	ff.String(subjectAddressFlag, "", "Subject address")
@ -46,7 +46,7 @@ func initFrostfsIDRemoveSubjectKeyCmd() {
 	Cmd.AddCommand(frostfsidRemoveSubjectKeyCmd)

 	ff := frostfsidRemoveSubjectKeyCmd.Flags()
-	ff.StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(ff)
 	ff.String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)

 	ff.String(subjectAddressFlag, "", "Subject address")
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid.go
@ -39,11 +39,6 @@ const (
 	groupIDFlag        = "group-id"

 	rootNamespacePlaceholder = "<root>"
-
-	keyFlag       = "key"
-	keyDescFlag   = "Key for storing a value in the subject's KV storage"
-	valueFlag     = "value"
-	valueDescFlag = "Value to be stored in the subject's KV storage"
 )

 var (
@ -57,7 +52,7 @@ var (
 		Short: "Create new namespace in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidCreateNamespace,
 	}
@ -66,7 +61,8 @@ var (
 		Use:   "list-namespaces",
 		Short: "List all namespaces in frostfsid",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidListNamespaces,
 	}
@ -76,7 +72,7 @@ var (
 		Short: "Create subject in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidCreateSubject,
 	}
@ -86,7 +82,7 @@ var (
 		Short: "Delete subject from frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidDeleteSubject,
 	}
@ -95,7 +91,8 @@ var (
 		Use:   "list-subjects",
 		Short: "List subjects in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidListSubjects,
 	}
@ -105,7 +102,7 @@ var (
 		Short: "Create group in frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidCreateGroup,
 	}
@ -115,7 +112,7 @@ var (
 		Short: "Delete group from frostfsid contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidDeleteGroup,
 	}
@ -124,7 +121,8 @@ var (
 		Use:   "list-groups",
 		Short: "List groups in namespace",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidListGroups,
 	}
@ -134,7 +132,7 @@ var (
 		Short: "Add subject to group",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidAddSubjectToGroup,
 	}
@ -144,7 +142,7 @@ var (
 		Short: "Remove subject from group",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidRemoveSubjectFromGroup,
 	}
@ -153,32 +151,16 @@ var (
 		Use:   "list-group-subjects",
 		Short: "List subjects in group",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: frostfsidListGroupSubjects,
 	}
-
-	frostfsidSetKVCmd = &cobra.Command{
-		Use:   "set-kv",
-		Short: "Store a key-value pair in the subject's KV storage",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-		},
-		Run: frostfsidSetKV,
-	}
-	frostfsidDeleteKVCmd = &cobra.Command{
-		Use:   "delete-kv",
-		Short: "Delete a value from the subject's KV storage",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-		},
-		Run: frostfsidDeleteKV,
-	}
 )

 func initFrostfsIDCreateNamespaceCmd() {
 	Cmd.AddCommand(frostfsidCreateNamespaceCmd)
-	frostfsidCreateNamespaceCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidCreateNamespaceCmd.Flags())
 	frostfsidCreateNamespaceCmd.Flags().String(namespaceFlag, "", "Namespace name to create")
 	frostfsidCreateNamespaceCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	_ = frostfsidCreateNamespaceCmd.MarkFlagRequired(namespaceFlag)
@ -186,12 +168,13 @@ func initFrostfsIDCreateNamespaceCmd() {

 func initFrostfsIDListNamespacesCmd() {
 	Cmd.AddCommand(frostfsidListNamespacesCmd)
-	frostfsidListNamespacesCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidListNamespacesCmd.Flags())
+	frostfsidListNamespacesCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDCreateSubjectCmd() {
 	Cmd.AddCommand(frostfsidCreateSubjectCmd)
-	frostfsidCreateSubjectCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidCreateSubjectCmd.Flags())
 	frostfsidCreateSubjectCmd.Flags().String(namespaceFlag, "", "Namespace where create subject")
 	frostfsidCreateSubjectCmd.Flags().String(subjectNameFlag, "", "Subject name, must be unique in namespace")
 	frostfsidCreateSubjectCmd.Flags().String(subjectKeyFlag, "", "Subject hex-encoded public key")
@ -200,21 +183,22 @@ func initFrostfsIDCreateSubjectCmd() {

 func initFrostfsIDDeleteSubjectCmd() {
 	Cmd.AddCommand(frostfsidDeleteSubjectCmd)
-	frostfsidDeleteSubjectCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidDeleteSubjectCmd.Flags())
 	frostfsidDeleteSubjectCmd.Flags().String(subjectAddressFlag, "", "Subject address")
 	frostfsidDeleteSubjectCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDListSubjectsCmd() {
 	Cmd.AddCommand(frostfsidListSubjectsCmd)
-	frostfsidListSubjectsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidListSubjectsCmd.Flags())
 	frostfsidListSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace to list subjects")
 	frostfsidListSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
+	frostfsidListSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDCreateGroupCmd() {
 	Cmd.AddCommand(frostfsidCreateGroupCmd)
-	frostfsidCreateGroupCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidCreateGroupCmd.Flags())
 	frostfsidCreateGroupCmd.Flags().String(namespaceFlag, "", "Namespace where create group")
 	frostfsidCreateGroupCmd.Flags().String(groupNameFlag, "", "Group name, must be unique in namespace")
 	frostfsidCreateGroupCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
@ -223,7 +207,7 @@ func initFrostfsIDCreateGroupCmd() {

 func initFrostfsIDDeleteGroupCmd() {
 	Cmd.AddCommand(frostfsidDeleteGroupCmd)
-	frostfsidDeleteGroupCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidDeleteGroupCmd.Flags())
 	frostfsidDeleteGroupCmd.Flags().String(namespaceFlag, "", "Namespace to delete group")
 	frostfsidDeleteGroupCmd.Flags().Int64(groupIDFlag, 0, "Group id")
 	frostfsidDeleteGroupCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
@ -231,13 +215,14 @@ func initFrostfsIDDeleteGroupCmd() {

 func initFrostfsIDListGroupsCmd() {
 	Cmd.AddCommand(frostfsidListGroupsCmd)
-	frostfsidListGroupsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidListGroupsCmd.Flags())
 	frostfsidListGroupsCmd.Flags().String(namespaceFlag, "", "Namespace to list groups")
+	frostfsidListGroupsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initFrostfsIDAddSubjectToGroupCmd() {
 	Cmd.AddCommand(frostfsidAddSubjectToGroupCmd)
-	frostfsidAddSubjectToGroupCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidAddSubjectToGroupCmd.Flags())
 	frostfsidAddSubjectToGroupCmd.Flags().String(subjectAddressFlag, "", "Subject address")
 	frostfsidAddSubjectToGroupCmd.Flags().Int64(groupIDFlag, 0, "Group id")
 	frostfsidAddSubjectToGroupCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
@ -245,7 +230,7 @@ func initFrostfsIDAddSubjectToGroupCmd() {

 func initFrostfsIDRemoveSubjectFromGroupCmd() {
 	Cmd.AddCommand(frostfsidRemoveSubjectFromGroupCmd)
-	frostfsidRemoveSubjectFromGroupCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidRemoveSubjectFromGroupCmd.Flags())
 	frostfsidRemoveSubjectFromGroupCmd.Flags().String(subjectAddressFlag, "", "Subject address")
 	frostfsidRemoveSubjectFromGroupCmd.Flags().Int64(groupIDFlag, 0, "Group id")
 	frostfsidRemoveSubjectFromGroupCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
@ -253,25 +238,11 @@ func initFrostfsIDRemoveSubjectFromGroupCmd() {

 func initFrostfsIDListGroupSubjectsCmd() {
 	Cmd.AddCommand(frostfsidListGroupSubjectsCmd)
-	frostfsidListGroupSubjectsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(frostfsidListGroupSubjectsCmd.Flags())
 	frostfsidListGroupSubjectsCmd.Flags().String(namespaceFlag, "", "Namespace name")
 	frostfsidListGroupSubjectsCmd.Flags().Int64(groupIDFlag, 0, "Group id")
 	frostfsidListGroupSubjectsCmd.Flags().Bool(includeNamesFlag, false, "Whether include subject name (require additional requests)")
-}
-
-func initFrostfsIDSetKVCmd() {
-	Cmd.AddCommand(frostfsidSetKVCmd)
-	frostfsidSetKVCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	frostfsidSetKVCmd.Flags().String(subjectAddressFlag, "", "Subject address")
-	frostfsidSetKVCmd.Flags().String(keyFlag, "", keyDescFlag)
-	frostfsidSetKVCmd.Flags().String(valueFlag, "", valueDescFlag)
-}
-
-func initFrostfsIDDeleteKVCmd() {
-	Cmd.AddCommand(frostfsidDeleteKVCmd)
-	frostfsidDeleteKVCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	frostfsidDeleteKVCmd.Flags().String(subjectAddressFlag, "", "Subject address")
-	frostfsidDeleteKVCmd.Flags().String(keyFlag, "", keyDescFlag)
+	frostfsidListGroupSubjectsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func frostfsidCreateNamespace(cmd *cobra.Command, _ []string) {
@ -291,7 +262,7 @@ func frostfsidListNamespaces(cmd *cobra.Command, _ []string) {
 	reader := frostfsidrpclient.NewReader(inv, hash)
 	sessionID, it, err := reader.ListNamespaces()
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)
-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)

 	namespaces, err := frostfsidclient.ParseNamespaces(items)
@ -343,7 +314,7 @@ func frostfsidListSubjects(cmd *cobra.Command, _ []string) {
 	sessionID, it, err := reader.ListNamespaceSubjects(ns)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)

-	subAddresses, err := frostfsidclient.UnwrapArrayOfUint160(readIterator(inv, &it, sessionID))
+	subAddresses, err := frostfsidclient.UnwrapArrayOfUint160(readIterator(inv, &it, iteratorBatchSize, sessionID))
 	commonCmd.ExitOnErr(cmd, "can't unwrap: %w", err)

 	sort.Slice(subAddresses, func(i, j int) bool { return subAddresses[i].Less(subAddresses[j]) })
@ -357,7 +328,7 @@ func frostfsidListSubjects(cmd *cobra.Command, _ []string) {
 		sessionID, it, err := reader.ListSubjects()
 		commonCmd.ExitOnErr(cmd, "can't get subject: %w", err)

-		items, err := readIterator(inv, &it, sessionID)
+		items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 		commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)

 		subj, err := frostfsidclient.ParseSubject(items)
@ -403,7 +374,7 @@ func frostfsidListGroups(cmd *cobra.Command, _ []string) {
 	sessionID, it, err := reader.ListGroups(ns)
 	commonCmd.ExitOnErr(cmd, "can't get namespace: %w", err)

-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)
 	groups, err := frostfsidclient.ParseGroups(items)
 	commonCmd.ExitOnErr(cmd, "can't parse groups: %w", err)
@ -441,45 +412,6 @@ func frostfsidRemoveSubjectFromGroup(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "remove subject from group error: %w", err)
 }

-func frostfsidSetKV(cmd *cobra.Command, _ []string) {
-	subjectAddress := getFrostfsIDSubjectAddress(cmd)
-	key, _ := cmd.Flags().GetString(keyFlag)
-	value, _ := cmd.Flags().GetString(valueFlag)
-
-	if key == "" {
-		commonCmd.ExitOnErr(cmd, "", errors.New("key can't be empty"))
-	}
-
-	ffsid, err := newFrostfsIDClient(cmd)
-	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
-
-	method, args := ffsid.roCli.SetSubjectKVCall(subjectAddress, key, value)
-
-	ffsid.addCall(method, args)
-
-	err = ffsid.sendWait()
-	commonCmd.ExitOnErr(cmd, "set KV: %w", err)
-}
-
-func frostfsidDeleteKV(cmd *cobra.Command, _ []string) {
-	subjectAddress := getFrostfsIDSubjectAddress(cmd)
-	key, _ := cmd.Flags().GetString(keyFlag)
-
-	if key == "" {
-		commonCmd.ExitOnErr(cmd, "", errors.New("key can't be empty"))
-	}
-
-	ffsid, err := newFrostfsIDClient(cmd)
-	commonCmd.ExitOnErr(cmd, "init contract client: %w", err)
-
-	method, args := ffsid.roCli.DeleteSubjectKVCall(subjectAddress, key)
-
-	ffsid.addCall(method, args)
-
-	err = ffsid.sendWait()
-	commonCmd.ExitOnErr(cmd, "delete KV: %w", err)
-}
-
 func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	ns := getFrostfsIDNamespace(cmd)
 	groupID := getFrostfsIDGroupID(cmd)
@ -492,7 +424,7 @@ func frostfsidListGroupSubjects(cmd *cobra.Command, _ []string) {
 	sessionID, it, err := reader.ListGroupSubjects(ns, big.NewInt(groupID))
 	commonCmd.ExitOnErr(cmd, "can't list groups: %w", err)

-	items, err := readIterator(inv, &it, sessionID)
+	items, err := readIterator(inv, &it, iteratorBatchSize, sessionID)
 	commonCmd.ExitOnErr(cmd, "can't read iterator: %w", err)

 	subjects, err := frostfsidclient.UnwrapArrayOfUint160(items, err)
@ -565,28 +497,32 @@ func (f *frostfsidClient) sendWaitRes() (*state.AppExecResult, error) {
 	}
 	f.bw.Reset()

+	if len(f.wCtx.SentTxs) == 0 {
+		return nil, errors.New("no transactions to wait")
+	}
+
 	f.wCtx.Command.Println("Waiting for transactions to persist...")
 	return f.roCli.Wait(f.wCtx.SentTxs[0].Hash, f.wCtx.SentTxs[0].Vub, nil)
 }

-func readIterator(inv *invoker.Invoker, iter *result.Iterator, sessionID uuid.UUID) ([]stackitem.Item, error) {
+func readIterator(inv *invoker.Invoker, iter *result.Iterator, batchSize int, sessionID uuid.UUID) ([]stackitem.Item, error) {
 	var shouldStop bool
 	res := make([]stackitem.Item, 0)
 	for !shouldStop {
-		items, err := inv.TraverseIterator(sessionID, iter, iteratorBatchSize)
+		items, err := inv.TraverseIterator(sessionID, iter, batchSize)
 		if err != nil {
 			return nil, err
 		}

 		res = append(res, items...)
-		shouldStop = len(items) < iteratorBatchSize
+		shouldStop = len(items) < batchSize
 	}

 	return res, nil
 }

 func initInvoker(cmd *cobra.Command) (*invoker.Invoker, *state.Contract, util.Uint160) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/frostfsid_util_test.go
@ -1,12 +1,59 @@
 package frostfsid

 import (
+	"encoding/hex"
 	"testing"

+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/ape"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
+	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 )

+func TestFrostfsIDConfig(t *testing.T) {
+	pks := make([]*keys.PrivateKey, 4)
+	for i := range pks {
+		pk, err := keys.NewPrivateKey()
+		require.NoError(t, err)
+		pks[i] = pk
+	}
+
+	fmts := []string{
+		pks[0].GetScriptHash().StringLE(),
+		address.Uint160ToString(pks[1].GetScriptHash()),
+		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
+		hex.EncodeToString(pks[3].PublicKey().Bytes()),
+	}
+
+	for i := range fmts {
+		v := viper.New()
+		v.Set("frostfsid.admin", fmts[i])
+
+		actual, found, err := helper.GetFrostfsIDAdmin(v)
+		require.NoError(t, err)
+		require.True(t, found)
+		require.Equal(t, pks[i].GetScriptHash(), actual)
+	}
+
+	t.Run("bad key", func(t *testing.T) {
+		v := viper.New()
+		v.Set("frostfsid.admin", "abc")
+
+		_, found, err := helper.GetFrostfsIDAdmin(v)
+		require.Error(t, err)
+		require.True(t, found)
+	})
+	t.Run("missing key", func(t *testing.T) {
+		v := viper.New()
+
+		_, found, err := helper.GetFrostfsIDAdmin(v)
+		require.NoError(t, err)
+		require.False(t, found)
+	})
+}
+
 func TestNamespaceRegexp(t *testing.T) {
 	for _, tc := range []struct {
 		name      string
--- a/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/frostfsid/root.go
@ -12,8 +12,6 @@ func init() {
 	initFrostfsIDAddSubjectToGroupCmd()
 	initFrostfsIDRemoveSubjectFromGroupCmd()
 	initFrostfsIDListGroupSubjectsCmd()
-	initFrostfsIDSetKVCmd()
-	initFrostfsIDDeleteKVCmd()
 	initFrostfsIDAddSubjectKeyCmd()
 	initFrostfsIDRemoveSubjectKeyCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/generate.go
@ -12,6 +12,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/gas"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract"
@ -140,29 +141,60 @@ func addMultisigAccount(w *wallet.Wallet, m int, name, password string, pubs key
 }

 func generateStorageCreds(cmd *cobra.Command, _ []string) error {
-	walletPath, _ := cmd.Flags().GetString(commonflags.StorageWalletFlag)
-	w, err := wallet.NewWallet(walletPath)
-	if err != nil {
-		return fmt.Errorf("create wallet: %w", err)
-	}
-
-	label, _ := cmd.Flags().GetString(storageWalletLabelFlag)
-	password, err := config.GetStoragePassword(viper.GetViper(), label)
-	if err != nil {
-		return fmt.Errorf("can't fetch password: %w", err)
-	}
-
-	if label == "" {
-		label = constants.SingleAccountName
-	}
-
-	if err := w.CreateAccount(label, password); err != nil {
-		return fmt.Errorf("can't create account: %w", err)
-	}
-	return refillGas(cmd, storageGasConfigFlag, w.Accounts[0].ScriptHash())
+	return refillGas(cmd, storageGasConfigFlag, true)
 }

-func refillGas(cmd *cobra.Command, gasFlag string, gasReceivers ...util.Uint160) (err error) {
+func refillGas(cmd *cobra.Command, gasFlag string, createWallet bool) (err error) {
+	// storage wallet path is not part of the config
+	storageWalletPath, _ := cmd.Flags().GetString(commonflags.StorageWalletFlag)
+	// wallet address is not part of the config
+	walletAddress, _ := cmd.Flags().GetString(walletAddressFlag)
+
+	var gasReceiver util.Uint160
+
+	if len(walletAddress) != 0 {
+		gasReceiver, err = address.StringToUint160(walletAddress)
+		if err != nil {
+			return fmt.Errorf("invalid wallet address %s: %w", walletAddress, err)
+		}
+	} else {
+		if storageWalletPath == "" {
+			return fmt.Errorf("missing wallet path (use '--%s <out.json>')", commonflags.StorageWalletFlag)
+		}
+
+		var w *wallet.Wallet
+
+		if createWallet {
+			w, err = wallet.NewWallet(storageWalletPath)
+		} else {
+			w, err = wallet.NewWalletFromFile(storageWalletPath)
+		}
+
+		if err != nil {
+			return fmt.Errorf("can't create wallet: %w", err)
+		}
+
+		if createWallet {
+			var password string
+
+			label, _ := cmd.Flags().GetString(storageWalletLabelFlag)
+			password, err := config.GetStoragePassword(viper.GetViper(), label)
+			if err != nil {
+				return fmt.Errorf("can't fetch password: %w", err)
+			}
+
+			if label == "" {
+				label = constants.SingleAccountName
+			}
+
+			if err := w.CreateAccount(label, password); err != nil {
+				return fmt.Errorf("can't create account: %w", err)
+			}
+		}
+
+		gasReceiver = w.Accounts[0].Contract.ScriptHash()
+	}
+
 	gasStr := viper.GetString(gasFlag)

 	gasAmount, err := helper.ParseGASAmount(gasStr)
@ -176,11 +208,9 @@ func refillGas(cmd *cobra.Command, gasFlag string, gasReceivers ...util.Uint160)
 	}

 	bw := io.NewBufBinWriter()
-	for _, gasReceiver := range gasReceivers {
-		emit.AppCall(bw.BinWriter, gas.Hash, "transfer", callflag.All,
-			wCtx.CommitteeAcc.Contract.ScriptHash(), gasReceiver, int64(gasAmount), nil)
-		emit.Opcodes(bw.BinWriter, opcode.ASSERT)
-	}
+	emit.AppCall(bw.BinWriter, gas.Hash, "transfer", callflag.All,
+		wCtx.CommitteeAcc.Contract.ScriptHash(), gasReceiver, int64(gasAmount), nil)
+	emit.Opcodes(bw.BinWriter, opcode.ASSERT)
 	if bw.Err != nil {
 		return fmt.Errorf("BUG: invalid transfer arguments: %w", bw.Err)
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/generate/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/generate/root.go
@ -1,12 +1,7 @@
 package generate

 import (
-	"fmt"
-
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
-	"github.com/nspcc-dev/neo-go/pkg/util"
-	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )
@ -24,7 +19,7 @@ var (
 		Short: "Generate storage node wallet for the morph network",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(storageGasConfigFlag, cmd.Flags().Lookup(storageGasCLIFlag))
 		},
 		RunE: generateStorageCreds,
@ -34,31 +29,11 @@ var (
 		Short: "Refill GAS of storage node's wallet in the morph network",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.RefillGasAmountFlag, cmd.Flags().Lookup(commonflags.RefillGasAmountFlag))
 		},
 		RunE: func(cmd *cobra.Command, _ []string) error {
-			storageWalletPaths, _ := cmd.Flags().GetStringArray(commonflags.StorageWalletFlag)
-			walletAddresses, _ := cmd.Flags().GetStringArray(walletAddressFlag)
-
-			var gasReceivers []util.Uint160
-			for _, walletAddress := range walletAddresses {
-				addr, err := address.StringToUint160(walletAddress)
-				if err != nil {
-					return fmt.Errorf("invalid wallet address %s: %w", walletAddress, err)
-				}
-
-				gasReceivers = append(gasReceivers, addr)
-			}
-			for _, storageWalletPath := range storageWalletPaths {
-				w, err := wallet.NewWalletFromFile(storageWalletPath)
-				if err != nil {
-					return fmt.Errorf("can't create wallet: %w", err)
-				}
-
-				gasReceivers = append(gasReceivers, w.Accounts[0].Contract.ScriptHash())
-			}
-			return refillGas(cmd, commonflags.RefillGasAmountFlag, gasReceivers...)
+			return refillGas(cmd, commonflags.RefillGasAmountFlag, false)
 		},
 	}
 	GenerateAlphabetCmd = &cobra.Command{
@ -74,16 +49,16 @@ var (

 func initRefillGasCmd() {
 	RefillGasCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	RefillGasCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	RefillGasCmd.Flags().StringArray(commonflags.StorageWalletFlag, nil, "Path to storage node wallet")
-	RefillGasCmd.Flags().StringArray(walletAddressFlag, nil, "Address of wallet")
+	commonflags.InitRPC(RefillGasCmd.Flags())
+	RefillGasCmd.Flags().String(commonflags.StorageWalletFlag, "", "Path to storage node wallet")
+	RefillGasCmd.Flags().String(walletAddressFlag, "", "Address of wallet")
 	RefillGasCmd.Flags().String(commonflags.RefillGasAmountFlag, "", "Additional amount of GAS to transfer")
-	RefillGasCmd.MarkFlagsOneRequired(walletAddressFlag, commonflags.StorageWalletFlag)
+	RefillGasCmd.MarkFlagsMutuallyExclusive(walletAddressFlag, commonflags.StorageWalletFlag)
 }

 func initGenerateStorageCmd() {
 	GenerateStorageCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	GenerateStorageCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(GenerateStorageCmd.Flags())
 	GenerateStorageCmd.Flags().String(commonflags.StorageWalletFlag, "", "Path to new storage node wallet")
 	GenerateStorageCmd.Flags().String(storageGasCLIFlag, "", "Initial amount of GAS to transfer")
 	GenerateStorageCmd.Flags().StringP(storageWalletLabelFlag, "l", "", "Wallet label")
--- a/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/actor.go
@ -3,6 +3,9 @@ package helper
 import (
 	"fmt"

+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
+	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
@ -13,6 +16,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )

@ -24,88 +28,48 @@ type LocalActor struct {
 	rpcInvoker invoker.RPCInvoke
 }

-type AlphabetWallets struct {
-	Label string
-	Path  string
-}
-
-func (a *AlphabetWallets) GetAccount(v *viper.Viper) ([]*wallet.Account, error) {
-	w, err := GetAlphabetWallets(v, a.Path)
-	if err != nil {
-		return nil, err
-	}
-
-	var accounts []*wallet.Account
-	for _, wall := range w {
-		acc, err := GetWalletAccount(wall, a.Label)
-		if err != nil {
-			return nil, err
-		}
-		accounts = append(accounts, acc)
-	}
-	return accounts, nil
-}
-
-type RegularWallets struct{ Path string }
-
-func (r *RegularWallets) GetAccount() ([]*wallet.Account, error) {
-	w, err := getRegularWallet(r.Path)
-	if err != nil {
-		return nil, err
-	}
-
-	return []*wallet.Account{w.GetAccount(w.GetChangeAddress())}, nil
-}
-
 // NewLocalActor create LocalActor with accounts form provided wallets.
 // In case of empty wallets provided created actor with dummy account only for read operation.
 //
 // If wallets are provided, the contract client will use accounts with accName name from these wallets.
 // To determine which account name should be used in a contract client, refer to how the contract
 // verifies the transaction signature.
-func NewLocalActor(c actor.RPCActor, alphabet *AlphabetWallets, regularWallets ...*RegularWallets) (*LocalActor, error) {
+func NewLocalActor(cmd *cobra.Command, c actor.RPCActor, accName string) (*LocalActor, error) {
+	walletDir := config.ResolveHomePath(viper.GetString(commonflags.AlphabetWalletsFlag))
 	var act *actor.Actor
 	var accounts []*wallet.Account
-	var signers []actor.SignerAccount
-
-	if alphabet != nil {
-		account, err := alphabet.GetAccount(viper.GetViper())
+	if walletDir == "" {
+		account, err := wallet.NewAccount()
+		commonCmd.ExitOnErr(cmd, "unable to create dummy account: %w", err)
+		act, err = actor.New(c, []actor.SignerAccount{{
+			Signer: transaction.Signer{
+				Account: account.Contract.ScriptHash(),
+				Scopes:  transaction.Global,
+			},
+			Account: account,
+		}})
 		if err != nil {
 			return nil, err
 		}
+	} else {
+		wallets, err := GetAlphabetWallets(viper.GetViper(), walletDir)
+		commonCmd.ExitOnErr(cmd, "unable to get alphabet wallets: %w", err)

-		accounts = append(accounts, account...)
-		signers = append(signers, actor.SignerAccount{
+		for _, w := range wallets {
+			acc, err := GetWalletAccount(w, accName)
+			commonCmd.ExitOnErr(cmd, fmt.Sprintf("can't find %s account: %%w", accName), err)
+			accounts = append(accounts, acc)
+		}
+		act, err = actor.New(c, []actor.SignerAccount{{
 			Signer: transaction.Signer{
-				Account: account[0].Contract.ScriptHash(),
+				Account: accounts[0].Contract.ScriptHash(),
 				Scopes:  transaction.Global,
 			},
-			Account: account[0],
-		})
-	}
-
-	for _, w := range regularWallets {
-		if w == nil {
-			continue
-		}
-		account, err := w.GetAccount()
+			Account: accounts[0],
+		}})
 		if err != nil {
 			return nil, err
 		}
-
-		accounts = append(accounts, account...)
-		signers = append(signers, actor.SignerAccount{
-			Signer: transaction.Signer{
-				Account: account[0].Contract.ScriptHash(),
-				Scopes:  transaction.Global,
-			},
-			Account: account[0],
-		})
-	}
-
-	act, err := actor.New(c, signers)
-	if err != nil {
-		return nil, err
 	}
 	return &LocalActor{
 		neoActor:   act,
--- a/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/contract.go
@ -82,7 +82,7 @@ func GetContractDeployData(c *InitializeContext, ctrName string, keysParam []any
 			h, found, err = getFrostfsIDAdminFromContract(c.ReadOnlyInvoker)
 		}
 		if method != constants.UpdateMethodName || err == nil && !found {
-			h, found, err = getFrostfsIDAdmin(viper.GetViper())
+			h, found, err = GetFrostfsIDAdmin(viper.GetViper())
 		}
 		if err != nil {
 			return nil, err
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid.go
@ -11,7 +11,7 @@ import (

 const frostfsIDAdminConfigKey = "frostfsid.admin"

-func getFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
+func GetFrostfsIDAdmin(v *viper.Viper) (util.Uint160, bool, error) {
 	admin := v.GetString(frostfsIDAdminConfigKey)
 	if admin == "" {
 		return util.Uint160{}, false, nil
--- a/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/frostfsid_test.go
@ -1,53 +0,0 @@
-package helper
-
-import (
-	"encoding/hex"
-	"testing"
-
-	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
-	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
-	"github.com/spf13/viper"
-	"github.com/stretchr/testify/require"
-)
-
-func TestFrostfsIDConfig(t *testing.T) {
-	pks := make([]*keys.PrivateKey, 4)
-	for i := range pks {
-		pk, err := keys.NewPrivateKey()
-		require.NoError(t, err)
-		pks[i] = pk
-	}
-
-	fmts := []string{
-		pks[0].GetScriptHash().StringLE(),
-		address.Uint160ToString(pks[1].GetScriptHash()),
-		hex.EncodeToString(pks[2].PublicKey().UncompressedBytes()),
-		hex.EncodeToString(pks[3].PublicKey().Bytes()),
-	}
-
-	for i := range fmts {
-		v := viper.New()
-		v.Set("frostfsid.admin", fmts[i])
-
-		actual, found, err := getFrostfsIDAdmin(v)
-		require.NoError(t, err)
-		require.True(t, found)
-		require.Equal(t, pks[i].GetScriptHash(), actual)
-	}
-
-	t.Run("bad key", func(t *testing.T) {
-		v := viper.New()
-		v.Set("frostfsid.admin", "abc")
-
-		_, found, err := getFrostfsIDAdmin(v)
-		require.Error(t, err)
-		require.True(t, found)
-	})
-	t.Run("missing key", func(t *testing.T) {
-		v := viper.New()
-
-		_, found, err := getFrostfsIDAdmin(v)
-		require.NoError(t, err)
-		require.False(t, found)
-	})
-}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/initialize_ctx.go
@ -134,12 +134,12 @@ func NewInitializeContext(cmd *cobra.Command, v *viper.Viper) (*InitializeContex
 		return nil, err
 	}

-	accounts, err := getSingleAccounts(wallets)
+	accounts, err := createWalletAccounts(wallets)
 	if err != nil {
 		return nil, err
 	}

-	cliCtx, err := defaultClientContext(c, committeeAcc)
+	cliCtx, err := DefaultClientContext(c, committeeAcc)
 	if err != nil {
 		return nil, fmt.Errorf("client context: %w", err)
 	}
@ -191,7 +191,7 @@ func createClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet)
 		}
 		c, err = NewLocalClient(cmd, v, wallets, ldf.Value.String())
 	} else {
-		c, err = NewRemoteClient(v)
+		c, err = GetN3Client(v)
 	}
 	if err != nil {
 		return nil, fmt.Errorf("can't create N3 client: %w", err)
@ -211,7 +211,7 @@ func getContractsPath(cmd *cobra.Command, needContracts bool) (string, error) {
 	return ctrPath, nil
 }

-func getSingleAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
+func createWalletAccounts(wallets []*wallet.Wallet) ([]*wallet.Account, error) {
 	accounts := make([]*wallet.Account, len(wallets))
 	for i, w := range wallets {
 		acc, err := GetWalletAccount(w, constants.SingleAccountName)
--- a/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/local_client.go
@ -58,59 +58,17 @@ func NewLocalClient(cmd *cobra.Command, v *viper.Viper, wallets []*wallet.Wallet
 		return nil, err
 	}

-	go bc.Run()
-
-	accounts, err := getBlockSigningAccounts(cfg.ProtocolConfiguration, wallets)
-	if err != nil {
-		return nil, err
-	}
-
-	if cmd.Name() != "init" {
-		if err := restoreDump(bc, dumpPath); err != nil {
-			return nil, fmt.Errorf("restore dump: %w", err)
-		}
-	}
-
-	return &LocalClient{
-		bc:       bc,
-		dumpPath: dumpPath,
-		accounts: accounts,
-	}, nil
-}
-
-func restoreDump(bc *core.Blockchain, dumpPath string) error {
-	f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
-	if err != nil {
-		return fmt.Errorf("can't open local dump: %w", err)
-	}
-	defer f.Close()
-
-	r := io.NewBinReaderFromIO(f)
-
-	var skip uint32
-	if bc.BlockHeight() != 0 {
-		skip = bc.BlockHeight() + 1
-	}
-
-	count := r.ReadU32LE() - skip
-	if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
-		return err
-	}
-	return nil
-}
-
-func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet.Wallet) ([]*wallet.Account, error) {
+	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ProtocolConfiguration.ValidatorsCount))
 	accounts := make([]*wallet.Account, len(wallets))
 	for i := range accounts {
-		acc, err := GetWalletAccount(wallets[i], constants.ConsensusAccountName)
+		accounts[i], err = GetWalletAccount(wallets[i], constants.ConsensusAccountName)
 		if err != nil {
 			return nil, err
 		}
-		accounts[i] = acc
 	}

 	indexMap := make(map[string]int)
-	for i, pub := range cfg.StandbyCommittee {
+	for i, pub := range cfg.ProtocolConfiguration.StandbyCommittee {
 		indexMap[pub] = i
 	}

@ -119,12 +77,37 @@ func getBlockSigningAccounts(cfg config.ProtocolConfiguration, wallets []*wallet
 		pj := accounts[j].PrivateKey().PublicKey().Bytes()
 		return indexMap[string(pi)] < indexMap[string(pj)]
 	})
-	sort.Slice(accounts[:cfg.ValidatorsCount], func(i, j int) bool {
+	sort.Slice(accounts[:cfg.ProtocolConfiguration.ValidatorsCount], func(i, j int) bool {
 		return accounts[i].PublicKey().Cmp(accounts[j].PublicKey()) == -1
 	})

-	m := smartcontract.GetDefaultHonestNodeCount(int(cfg.ValidatorsCount))
-	return accounts[:m], nil
+	go bc.Run()
+
+	if cmd.Name() != "init" {
+		f, err := os.OpenFile(dumpPath, os.O_RDONLY, 0o600)
+		if err != nil {
+			return nil, fmt.Errorf("can't open local dump: %w", err)
+		}
+		defer f.Close()
+
+		r := io.NewBinReaderFromIO(f)
+
+		var skip uint32
+		if bc.BlockHeight() != 0 {
+			skip = bc.BlockHeight() + 1
+		}
+
+		count := r.ReadU32LE() - skip
+		if err := chaindump.Restore(bc, r, skip, count, nil); err != nil {
+			return nil, fmt.Errorf("can't restore local dump: %w", err)
+		}
+	}
+
+	return &LocalClient{
+		bc:       bc,
+		dumpPath: dumpPath,
+		accounts: accounts[:m],
+	}, nil
 }

 func (l *LocalClient) GetBlockCount() (uint32, error) {
@ -145,6 +128,11 @@ func (l *LocalClient) GetApplicationLog(h util.Uint256, t *trigger.Type) (*resul
 	return &a, nil
 }

+func (l *LocalClient) GetCommittee() (keys.PublicKeys, error) {
+	// not used by `morph init` command
+	panic("unexpected call")
+}
+
 // InvokeFunction is implemented via `InvokeScript`.
 func (l *LocalClient) InvokeFunction(h util.Uint160, method string, sPrm []smartcontract.Parameter, ss []transaction.Signer) (*result.Invoke, error) {
 	var err error
@ -308,7 +296,13 @@ func (l *LocalClient) InvokeScript(script []byte, signers []transaction.Signer)
 }

 func (l *LocalClient) SendRawTransaction(tx *transaction.Transaction) (util.Uint256, error) {
-	tx = tx.Copy()
+	// We need to test that transaction was formed correctly to catch as many errors as we can.
+	bs := tx.Bytes()
+	_, err := transaction.NewTransactionFromBytes(bs)
+	if err != nil {
+		return tx.Hash(), fmt.Errorf("invalid transaction: %w", err)
+	}
+
 	l.transactions = append(l.transactions, tx)
 	return tx.Hash(), nil
 }
--- a/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/n3client.go
@ -10,6 +10,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/neorpc/result"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
@ -24,10 +25,15 @@ import (
 // Client represents N3 client interface capable of test-invoking scripts
 // and sending signed transactions to chain.
 type Client interface {
-	actor.RPCActor
+	invoker.RPCInvoke

+	GetBlockCount() (uint32, error)
 	GetNativeContracts() ([]state.Contract, error)
 	GetApplicationLog(util.Uint256, *trigger.Type) (*result.ApplicationLog, error)
+	GetVersion() (*result.Version, error)
+	SendRawTransaction(*transaction.Transaction) (util.Uint256, error)
+	GetCommittee() (keys.PublicKeys, error)
+	CalculateNetworkFee(tx *transaction.Transaction) (int64, error)
 }

 type HashVUBPair struct {
@ -42,7 +48,7 @@ type ClientContext struct {
 	SentTxs         []HashVUBPair
 }

-func NewRemoteClient(v *viper.Viper) (Client, error) {
+func GetN3Client(v *viper.Viper) (Client, error) {
 	// number of opened connections
 	// by neo-go client per one host
 	const (
@ -82,14 +88,8 @@ func NewRemoteClient(v *viper.Viper) (Client, error) {
 	return c, nil
 }

-func defaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
-	commAct, err := actor.New(c, []actor.SignerAccount{{
-		Signer: transaction.Signer{
-			Account: committeeAcc.Contract.ScriptHash(),
-			Scopes:  transaction.Global,
-		},
-		Account: committeeAcc,
-	}})
+func DefaultClientContext(c Client, committeeAcc *wallet.Account) (*ClientContext, error) {
+	commAct, err := NewActor(c, committeeAcc)
 	if err != nil {
 		return nil, err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/helper/util.go
+++ b/cmd/frostfs-adm/internal/modules/morph/helper/util.go
@ -14,36 +14,16 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/innerring"
-	"github.com/nspcc-dev/neo-go/cli/input"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
+	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/fixedn"
+	"github.com/nspcc-dev/neo-go/pkg/rpcclient/actor"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/viper"
 )

-func getRegularWallet(walletPath string) (*wallet.Wallet, error) {
-	w, err := wallet.NewWalletFromFile(walletPath)
-	if err != nil {
-		return nil, err
-	}
-
-	password, err := input.ReadPassword("Enter password for wallet:")
-	if err != nil {
-		return nil, fmt.Errorf("can't fetch password: %w", err)
-	}
-
-	for i := range w.Accounts {
-		if err = w.Accounts[i].Decrypt(password, keys.NEP2ScryptParams()); err != nil {
-			err = fmt.Errorf("can't unlock wallet: %w", err)
-			break
-		}
-	}
-
-	return w, err
-}
-
 func GetAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, error) {
 	wallets, err := openAlphabetWallets(v, walletDir)
 	if err != nil {
@ -73,7 +53,7 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 			if errors.Is(err, os.ErrNotExist) {
 				err = nil
 			} else {
-				err = fmt.Errorf("can't open alphabet wallet: %w", err)
+				err = fmt.Errorf("can't open wallet: %w", err)
 			}
 			break
 		}
@ -107,6 +87,16 @@ func openAlphabetWallets(v *viper.Viper, walletDir string) ([]*wallet.Wallet, er
 	return wallets, nil
 }

+func NewActor(c actor.RPCActor, committeeAcc *wallet.Account) (*actor.Actor, error) {
+	return actor.New(c, []actor.SignerAccount{{
+		Signer: transaction.Signer{
+			Account: committeeAcc.Contract.ScriptHash(),
+			Scopes:  transaction.Global,
+		},
+		Account: committeeAcc,
+	}})
+}
+
 func ReadContract(ctrPath, ctrName string) (*ContractState, error) {
 	rawNef, err := os.ReadFile(filepath.Join(ctrPath, ctrName+"_contract.nef"))
 	if err != nil {
--- a/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/initialize/root.go
@ -21,7 +21,7 @@ var Cmd = &cobra.Command{
 	Short: "Initialize side chain network with smart-contracts and network settings",
 	PreRun: func(cmd *cobra.Command, _ []string) {
 		_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+		commonflags.BindRPC(cmd.Flags())
 		_ = viper.BindPFlag(commonflags.EpochDurationInitFlag, cmd.Flags().Lookup(epochDurationCLIFlag))
 		_ = viper.BindPFlag(commonflags.MaxObjectSizeInitFlag, cmd.Flags().Lookup(maxObjectSizeCLIFlag))
 		_ = viper.BindPFlag(commonflags.MaxECDataCountFlag, cmd.Flags().Lookup(commonflags.MaxECDataCountFlag))
@ -31,14 +31,13 @@ var Cmd = &cobra.Command{
 		_ = viper.BindPFlag(commonflags.ContainerFeeInitFlag, cmd.Flags().Lookup(containerFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.ContainerAliasFeeInitFlag, cmd.Flags().Lookup(containerAliasFeeCLIFlag))
 		_ = viper.BindPFlag(commonflags.WithdrawFeeInitFlag, cmd.Flags().Lookup(withdrawFeeCLIFlag))
-		_ = viper.BindPFlag(commonflags.ProtoConfigPath, cmd.Flags().Lookup(commonflags.ProtoConfigPath))
 	},
 	RunE: initializeSideChainCmd,
 }

 func initInitCmd() {
 	Cmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	Cmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(Cmd.Flags())
 	Cmd.Flags().String(commonflags.ContractsInitFlag, "", commonflags.ContractsInitFlagDesc)
 	Cmd.Flags().String(commonflags.ContractsURLFlag, "", commonflags.ContractsURLFlagDesc)
 	Cmd.Flags().Uint(epochDurationCLIFlag, 240, "Amount of side chain blocks in one FrostFS epoch")
@ -47,8 +46,6 @@ func initInitCmd() {
 	// Defaults are taken from neo-preodolenie.
 	Cmd.Flags().Uint64(containerFeeCLIFlag, 1000, "Container registration fee")
 	Cmd.Flags().Uint64(containerAliasFeeCLIFlag, 500, "Container alias fee")
-	Cmd.Flags().String(commonflags.ProtoConfigPath, "", "Path to the consensus node configuration")
-	Cmd.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
 	Cmd.MarkFlagsMutuallyExclusive(commonflags.ContractsInitFlag, commonflags.ContractsURLFlag)
 }

--- a/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/netmap_candidates.go
@ -13,7 +13,7 @@ import (
 )

 func listNetmapCandidatesNodes(cmd *cobra.Command, _ []string) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client: %w", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/netmap/root.go
@ -11,7 +11,8 @@ var (
 		Use:   "netmap-candidates",
 		Short: "List netmap candidates nodes",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
+			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: listNetmapCandidatesNodes,
 	}
@ -20,20 +21,17 @@ var (
 		Short: "Create new FrostFS epoch event in the side chain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: ForceNewEpochCmd,
 	}
 )

-func initNetmapCandidatesCmd() {
-	CandidatesCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-}
+func initNetmapCandidatesCmd() { commonflags.InitRPC(CandidatesCmd.Flags()) }

 func initForceNewEpochCmd() {
 	ForceNewEpoch.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	ForceNewEpoch.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	ForceNewEpoch.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
+	commonflags.InitRPC(ForceNewEpoch.Flags())
 	ForceNewEpoch.Flags().Int64(deltaFlag, 1, "Number of epochs to increase the current epoch")
 }

--- a/cmd/frostfs-adm/internal/modules/morph/nns/domains.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/domains.go
@ -6,14 +6,12 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
 )

 func initRegisterCmd() {
 	Cmd.AddCommand(registerCmd)
-	registerCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(registerCmd.Flags())
 	registerCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	registerCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	registerCmd.Flags().String(nnsEmailFlag, constants.FrostfsOpsEmail, "Domain owner email")
@ -21,13 +19,12 @@ func initRegisterCmd() {
 	registerCmd.Flags().Int64(nnsRetryFlag, constants.NNSRetryDefVal, "SOA record RETRY parameter")
 	registerCmd.Flags().Int64(nnsExpireFlag, int64(constants.DefaultExpirationTime), "SOA record EXPIRE parameter")
 	registerCmd.Flags().Int64(nnsTTLFlag, constants.NNSTtlDefVal, "SOA record TTL parameter")
-	registerCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)

 	_ = cobra.MarkFlagRequired(registerCmd.Flags(), nnsNameFlag)
 }

 func registerDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)

 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
@ -48,16 +45,15 @@ func registerDomain(cmd *cobra.Command, _ []string) {

 func initDeleteCmd() {
 	Cmd.AddCommand(deleteCmd)
-	deleteCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(deleteCmd.Flags())
 	deleteCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	deleteCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
-	deleteCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)

 	_ = cobra.MarkFlagRequired(deleteCmd.Flags(), nnsNameFlag)
 }

 func deleteDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)

 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.DeleteDomain(name)
@ -66,28 +62,3 @@ func deleteDomain(cmd *cobra.Command, _ []string) {
 	commonCmd.ExitOnErr(cmd, "delete domain error: %w", err)
 	cmd.Println("Domain deleted successfully")
 }
-
-func initSetAdminCmd() {
-	Cmd.AddCommand(setAdminCmd)
-	setAdminCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	setAdminCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	setAdminCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
-	setAdminCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)
-	setAdminCmd.Flags().String(commonflags.AdminWalletPath, "", commonflags.AdminWalletUsage)
-	_ = setAdminCmd.MarkFlagRequired(commonflags.AdminWalletPath)
-
-	_ = cobra.MarkFlagRequired(setAdminCmd.Flags(), nnsNameFlag)
-}
-
-func setAdmin(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
-
-	name, _ := cmd.Flags().GetString(nnsNameFlag)
-	w, err := wallet.NewWalletFromFile(viper.GetString(commonflags.AdminWalletPath))
-	commonCmd.ExitOnErr(cmd, "can't get admin wallet: %w", err)
-	h, vub, err := c.SetAdmin(name, w.GetAccount(w.GetChangeAddress()).ScriptHash())
-
-	_, err = actor.Wait(h, vub, err)
-	commonCmd.ExitOnErr(cmd, "Set admin error: %w", err)
-	cmd.Println("Set admin successfully")
-}
--- a/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/helper.go
@ -1,67 +1,26 @@
 package nns

 import (
-	"errors"
-
 	client "git.frostfs.info/TrueCloudLab/frostfs-contract/rpcclient/nns"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/config"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/constants"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
-	"github.com/nspcc-dev/neo-go/pkg/rpcclient/invoker"
 	"github.com/nspcc-dev/neo-go/pkg/rpcclient/management"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )

-func nnsWriter(cmd *cobra.Command) (*client.Contract, *helper.LocalActor) {
+func getRPCClient(cmd *cobra.Command) (*client.Contract, *helper.LocalActor, util.Uint160) {
 	v := viper.GetViper()
-	c, err := helper.NewRemoteClient(v)
+	c, err := helper.GetN3Client(v)
 	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)

-	alphabetWalletPath := config.ResolveHomePath(v.GetString(commonflags.AlphabetWalletsFlag))
-	walletPath := config.ResolveHomePath(v.GetString(commonflags.WalletPath))
-	adminWalletPath := config.ResolveHomePath(v.GetString(commonflags.AdminWalletPath))
-
-	var (
-		alphabet       *helper.AlphabetWallets
-		regularWallets []*helper.RegularWallets
-	)
-
-	if alphabetWalletPath != "" {
-		alphabet = &helper.AlphabetWallets{Path: alphabetWalletPath, Label: constants.ConsensusAccountName}
-	}
-
-	if walletPath != "" {
-		regularWallets = append(regularWallets, &helper.RegularWallets{Path: walletPath})
-	}
-
-	if adminWalletPath != "" {
-		regularWallets = append(regularWallets, &helper.RegularWallets{Path: adminWalletPath})
-	}
-
-	if alphabet == nil && regularWallets == nil {
-		commonCmd.ExitOnErr(cmd, "", errors.New("no wallets provided"))
-	}
-
-	ac, err := helper.NewLocalActor(c, alphabet, regularWallets...)
+	ac, err := helper.NewLocalActor(cmd, c, constants.CommitteeAccountName)
 	commonCmd.ExitOnErr(cmd, "can't create actor: %w", err)

 	r := management.NewReader(ac.Invoker)
 	nnsCs, err := helper.GetContractByID(r, 1)
 	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-	return client.New(ac, nnsCs.Hash), ac
-}
-
-func nnsReader(cmd *cobra.Command) (*client.ContractReader, *invoker.Invoker) {
-	c, err := helper.NewRemoteClient(viper.GetViper())
-	commonCmd.ExitOnErr(cmd, "unable to create NEO rpc client: %w", err)
-
-	inv := invoker.New(c, nil)
-	r := management.NewReader(inv)
-	nnsCs, err := helper.GetContractByID(r, 1)
-	commonCmd.ExitOnErr(cmd, "can't get NNS contract state: %w", err)
-
-	return client.NewReader(inv, nnsCs.Hash), inv
+	return client.New(ac, nnsCs.Hash), ac, nnsCs.Hash
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/record.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/record.go
@ -8,18 +8,18 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-contract/nns"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
+	"github.com/nspcc-dev/neo-go/pkg/rpcclient/unwrap"
 	"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
 	"github.com/spf13/cobra"
 )

 func initAddRecordCmd() {
 	Cmd.AddCommand(addRecordCmd)
-	addRecordCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(addRecordCmd.Flags())
 	addRecordCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	addRecordCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	addRecordCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
 	addRecordCmd.Flags().String(nnsRecordDataFlag, "", nnsRecordDataFlagDesc)
-	addRecordCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)

 	_ = cobra.MarkFlagRequired(addRecordCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(addRecordCmd.Flags(), nnsRecordTypeFlag)
@ -28,7 +28,8 @@ func initAddRecordCmd() {

 func initGetRecordsCmd() {
 	Cmd.AddCommand(getRecordsCmd)
-	getRecordsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(getRecordsCmd.Flags())
+	getRecordsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	getRecordsCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	getRecordsCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)

@ -37,11 +38,10 @@ func initGetRecordsCmd() {

 func initDelRecordsCmd() {
 	Cmd.AddCommand(delRecordsCmd)
-	delRecordsCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(delRecordsCmd.Flags())
 	delRecordsCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	delRecordsCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	delRecordsCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
-	delRecordsCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)

 	_ = cobra.MarkFlagRequired(delRecordsCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(delRecordsCmd.Flags(), nnsRecordTypeFlag)
@ -49,12 +49,11 @@ func initDelRecordsCmd() {

 func initDelRecordCmd() {
 	Cmd.AddCommand(delRecordCmd)
-	delRecordCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(delRecordCmd.Flags())
 	delRecordCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	delRecordCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	delRecordCmd.Flags().String(nnsRecordTypeFlag, "", nnsRecordTypeFlagDesc)
 	delRecordCmd.Flags().String(nnsRecordDataFlag, "", nnsRecordDataFlagDesc)
-	delRecordCmd.Flags().StringP(commonflags.WalletPath, commonflags.WalletPathShorthand, "", commonflags.WalletPathUsage)

 	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsNameFlag)
 	_ = cobra.MarkFlagRequired(delRecordCmd.Flags(), nnsRecordTypeFlag)
@ -62,7 +61,7 @@ func initDelRecordCmd() {
 }

 func addRecord(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
@ -78,16 +77,16 @@ func addRecord(cmd *cobra.Command, _ []string) {
 }

 func getRecords(cmd *cobra.Command, _ []string) {
-	c, inv := nnsReader(cmd)
+	c, act, hash := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	if recordType == "" {
-		sid, r, err := c.GetAllRecords(name)
+		sid, r, err := unwrap.SessionIterator(act.Invoker.Call(hash, "getAllRecords", name))
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		defer func() {
-			_ = inv.TerminateSession(sid)
+			_ = act.Invoker.TerminateSession(sid)
 		}()
-		items, err := inv.TraverseIterator(sid, &r, 0)
+		items, err := act.Invoker.TraverseIterator(sid, &r, 0)
 		commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		for len(items) != 0 {
 			for j := range items {
@ -98,7 +97,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 					recordTypeToString(nns.RecordType(rs[1].Value().(*big.Int).Int64())),
 					string(bs))
 			}
-			items, err = inv.TraverseIterator(sid, &r, 0)
+			items, err = act.Invoker.TraverseIterator(sid, &r, 0)
 			commonCmd.ExitOnErr(cmd, "unable to get records: %w", err)
 		}
 	} else {
@ -115,7 +114,7 @@ func getRecords(cmd *cobra.Command, _ []string) {
 }

 func delRecords(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
 	typ, err := getRecordType(recordType)
@ -130,7 +129,7 @@ func delRecords(cmd *cobra.Command, _ []string) {
 }

 func delRecord(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	data, _ := cmd.Flags().GetString(nnsRecordDataFlag)
 	recordType, _ := cmd.Flags().GetString(nnsRecordTypeFlag)
--- a/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/renew.go
@ -8,13 +8,13 @@ import (

 func initRenewCmd() {
 	Cmd.AddCommand(renewCmd)
-	renewCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(renewCmd.Flags())
 	renewCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	renewCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 }

 func renewDomain(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)
 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	h, vub, err := c.Renew(name)
 	commonCmd.ExitOnErr(cmd, "unable to renew domain: %w", err)
--- a/cmd/frostfs-adm/internal/modules/morph/nns/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/root.go
@ -29,7 +29,7 @@ var (
 		Use:   "tokens",
 		Short: "List all registered domain names",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: listTokens,
 	}
@ -37,9 +37,8 @@ var (
 		Use:   "register",
 		Short: "Registers a new domain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: registerDomain,
 	}
@ -47,9 +46,8 @@ var (
 		Use:   "delete",
 		Short: "Delete a domain by name",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: deleteDomain,
 	}
@ -57,7 +55,7 @@ var (
 		Use:   "renew",
 		Short: "Increases domain expiration date",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: renewDomain,
@ -66,7 +64,7 @@ var (
 		Use:   "update",
 		Short: "Updates soa record",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
 		},
 		Run: updateSOA,
@ -75,9 +73,8 @@ var (
 		Use:   "add-record",
 		Short: "Adds a new record of the specified type to the provided domain",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: addRecord,
 	}
@ -85,7 +82,7 @@ var (
 		Use:   "get-records",
 		Short: "Returns domain record of the specified type",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: getRecords,
 	}
@ -93,9 +90,8 @@ var (
 		Use:   "delete-records",
 		Short: "Removes domain records with the specified type",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: delRecords,
 	}
@ -103,23 +99,11 @@ var (
 		Use:   "delete-record",
 		Short: "Removes domain record with the specified type and data",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
 		},
 		Run: delRecord,
 	}
-	setAdminCmd = &cobra.Command{
-		Use:   "set-admin",
-		Short: "Sets admin for domain",
-		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
-			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.WalletPath, cmd.Flags().Lookup(commonflags.WalletPath))
-			_ = viper.BindPFlag(commonflags.AdminWalletPath, cmd.Flags().Lookup(commonflags.AdminWalletPath))
-		},
-		Run: setAdmin,
-	}
 )

 func init() {
@ -132,5 +116,4 @@ func init() {
 	initGetRecordsCmd()
 	initDelRecordsCmd()
 	initDelRecordCmd()
-	initSetAdminCmd()
 }
--- a/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/tokens.go
@ -17,12 +17,13 @@ const (

 func initTokensCmd() {
 	Cmd.AddCommand(tokensCmd)
-	tokensCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(tokensCmd.Flags())
+	tokensCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	tokensCmd.Flags().BoolP(commonflags.Verbose, commonflags.VerboseShorthand, false, verboseDesc)
 }

 func listTokens(cmd *cobra.Command, _ []string) {
-	c, _ := nnsReader(cmd)
+	c, _, _ := getRPCClient(cmd)
 	it, err := c.Tokens()
 	commonCmd.ExitOnErr(cmd, "unable to get tokens: %w", err)
 	for toks, err := it.Next(10); err == nil && len(toks) > 0; toks, err = it.Next(10) {
@ -40,7 +41,7 @@ func listTokens(cmd *cobra.Command, _ []string) {
 	}
 }

-func getCnameRecord(c *client.ContractReader, token []byte) (string, error) {
+func getCnameRecord(c *client.Contract, token []byte) (string, error) {
 	items, err := c.GetRecords(string(token), big.NewInt(int64(nns.CNAME)))

 	// GetRecords returns the error "not an array" if the domain does not contain records.
--- a/cmd/frostfs-adm/internal/modules/morph/nns/update.go
+++ b/cmd/frostfs-adm/internal/modules/morph/nns/update.go
@ -11,7 +11,7 @@ import (

 func initUpdateCmd() {
 	Cmd.AddCommand(updateCmd)
-	updateCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(updateCmd.Flags())
 	updateCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 	updateCmd.Flags().String(nnsNameFlag, "", nnsNameFlagDesc)
 	updateCmd.Flags().String(nnsEmailFlag, constants.FrostfsOpsEmail, "Domain owner email")
@ -30,7 +30,7 @@ func initUpdateCmd() {
 }

 func updateSOA(cmd *cobra.Command, _ []string) {
-	c, actor := nnsWriter(cmd)
+	c, actor, _ := getRPCClient(cmd)

 	name, _ := cmd.Flags().GetString(nnsNameFlag)
 	email, _ := cmd.Flags().GetString(nnsEmailFlag)
--- a/cmd/frostfs-adm/internal/modules/morph/node/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/node/root.go
@ -12,15 +12,14 @@ var RemoveCmd = &cobra.Command{
 	Long:  `Move nodes to the Offline state in the candidates list and tick an epoch to update the netmap`,
 	PreRun: func(cmd *cobra.Command, _ []string) {
 		_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+		commonflags.BindRPC(cmd.Flags())
 	},
 	RunE: RemoveNodesCmd,
 }

 func initRemoveNodesCmd() {
 	RemoveCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	RemoveCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	RemoveCmd.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
+	commonflags.InitRPC(RemoveCmd.Flags())
 }

 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/notary.go
@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"math/big"
+	"strconv"

 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/modules/morph/helper"
@ -40,8 +41,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 	}

 	accHash := w.GetChangeAddress()
-	addr, _ := cmd.Flags().GetString(walletAccountFlag)
-	if addr != "" {
+	if addr, err := cmd.Flags().GetString(walletAccountFlag); err == nil {
 		accHash, err = address.StringToUint160(addr)
 		if err != nil {
 			return fmt.Errorf("invalid address: %s", addr)
@ -53,7 +53,7 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("can't find account for %s", accHash)
 	}

-	prompt := fmt.Sprintf("Enter password for %s > ", address.Uint160ToString(accHash))
+	prompt := fmt.Sprintf("Enter password for %s >", address.Uint160ToString(accHash))
 	pass, err := input.ReadPassword(prompt)
 	if err != nil {
 		return fmt.Errorf("can't get password: %v", err)
@ -73,16 +73,23 @@ func depositNotary(cmd *cobra.Command, _ []string) error {
 		return err
 	}

-	till, _ := cmd.Flags().GetInt64(notaryDepositTillFlag)
-	if till <= 0 {
-		return errInvalidNotaryDepositLifetime
+	till := int64(defaultNotaryDepositLifetime)
+	tillStr, err := cmd.Flags().GetString(notaryDepositTillFlag)
+	if err != nil {
+		return err
+	}
+	if tillStr != "" {
+		till, err = strconv.ParseInt(tillStr, 10, 64)
+		if err != nil || till <= 0 {
+			return errInvalidNotaryDepositLifetime
+		}
 	}

 	return transferGas(cmd, acc, accHash, gasAmount, till)
 }

 func transferGas(cmd *cobra.Command, acc *wallet.Account, accHash util.Uint160, gasAmount fixedn.Fixed8, till int64) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	if err != nil {
 		return err
 	}
--- a/cmd/frostfs-adm/internal/modules/morph/notary/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/notary/root.go
@ -3,24 +3,23 @@ package notary
 import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-adm/internal/commonflags"
 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
 )

 var DepositCmd = &cobra.Command{
 	Use:   "deposit-notary",
 	Short: "Deposit GAS for notary service",
 	PreRun: func(cmd *cobra.Command, _ []string) {
-		_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+		commonflags.BindRPC(cmd.Flags())
 	},
 	RunE: depositNotary,
 }

 func initDepositoryNotaryCmd() {
-	DepositCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
+	commonflags.InitRPC(DepositCmd.Flags())
 	DepositCmd.Flags().String(commonflags.StorageWalletFlag, "", "Path to storage node wallet")
 	DepositCmd.Flags().String(walletAccountFlag, "", "Wallet account address")
 	DepositCmd.Flags().String(commonflags.RefillGasAmountFlag, "", "Amount of GAS to deposit")
-	DepositCmd.Flags().Int64(notaryDepositTillFlag, defaultNotaryDepositLifetime, "Notary deposit duration in blocks")
+	DepositCmd.Flags().String(notaryDepositTillFlag, "", "Notary deposit duration in blocks")
 }

 func init() {
--- a/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/policy.go
@ -62,7 +62,7 @@ func SetPolicyCmd(cmd *cobra.Command, args []string) error {
 }

 func dumpPolicyCmd(cmd *cobra.Command, _ []string) error {
-	c, err := helper.NewRemoteClient(viper.GetViper())
+	c, err := helper.GetN3Client(viper.GetViper())
 	commonCmd.ExitOnErr(cmd, "can't create N3 client:", err)

 	inv := invoker.New(c, nil)
--- a/cmd/frostfs-adm/internal/modules/morph/policy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/policy/root.go
@ -13,7 +13,7 @@ var (
 		Short:                 "Set global policy values",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: SetPolicyCmd,
 		ValidArgsFunction: func(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
@ -25,7 +25,7 @@ var (
 		Use:   "dump-policy",
 		Short: "Dump FrostFS policy",
 		PreRun: func(cmd *cobra.Command, _ []string) {
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		RunE: dumpPolicyCmd,
 	}
@ -33,13 +33,10 @@ var (

 func initSetPolicyCmd() {
 	Set.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
-	Set.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	Set.Flags().String(commonflags.LocalDumpFlag, "", "Path to the blocks dump file")
+	commonflags.InitRPC(Set.Flags())
 }

-func initDumpPolicyCmd() {
-	Dump.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-}
+func initDumpPolicyCmd() { commonflags.InitRPC(Dump.Flags()) }

 func init() {
 	initSetPolicyCmd()
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/proxy.go
@ -20,32 +20,23 @@ const (
 	accountAddressFlag = "account"
 )

-func parseAddresses(cmd *cobra.Command) []util.Uint160 {
-	var addrs []util.Uint160
-
-	accs, _ := cmd.Flags().GetStringArray(accountAddressFlag)
-	for _, acc := range accs {
-		addr, err := address.StringToUint160(acc)
-		commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
-
-		addrs = append(addrs, addr)
-	}
-	return addrs
-}
-
 func addProxyAccount(cmd *cobra.Command, _ []string) {
-	addrs := parseAddresses(cmd)
-	err := processAccount(cmd, addrs, "addAccount")
+	acc, _ := cmd.Flags().GetString(accountAddressFlag)
+	addr, err := address.StringToUint160(acc)
+	commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
+	err = processAccount(cmd, addr, "addAccount")
 	commonCmd.ExitOnErr(cmd, "processing error: %w", err)
 }

 func removeProxyAccount(cmd *cobra.Command, _ []string) {
-	addrs := parseAddresses(cmd)
-	err := processAccount(cmd, addrs, "removeAccount")
+	acc, _ := cmd.Flags().GetString(accountAddressFlag)
+	addr, err := address.StringToUint160(acc)
+	commonCmd.ExitOnErr(cmd, "invalid account: %w", err)
+	err = processAccount(cmd, addr, "removeAccount")
 	commonCmd.ExitOnErr(cmd, "processing error: %w", err)
 }

-func processAccount(cmd *cobra.Command, addrs []util.Uint160, method string) error {
+func processAccount(cmd *cobra.Command, addr util.Uint160, method string) error {
 	wCtx, err := helper.NewInitializeContext(cmd, viper.GetViper())
 	if err != nil {
 		return fmt.Errorf("can't initialize context: %w", err)
@ -63,9 +54,7 @@ func processAccount(cmd *cobra.Command, addrs []util.Uint160, method string) err
 	}

 	bw := io.NewBufBinWriter()
-	for _, addr := range addrs {
-		emit.AppCall(bw.BinWriter, proxyHash, method, callflag.All, addr)
-	}
+	emit.AppCall(bw.BinWriter, proxyHash, method, callflag.All, addr)

 	if err := wCtx.SendConsensusTx(bw.Bytes()); err != nil {
 		return err
--- a/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
+++ b/cmd/frostfs-adm/internal/modules/morph/proxy/root.go
@ -12,7 +12,7 @@ var (
 		Short: "Adds account to proxy contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: addProxyAccount,
 	}
@ -21,23 +21,21 @@ var (
 		Short: "Remove from proxy contract",
 		PreRun: func(cmd *cobra.Command, _ []string) {
 			_ = viper.BindPFlag(commonflags.AlphabetWalletsFlag, cmd.Flags().Lookup(commonflags.AlphabetWalletsFlag))
-			_ = viper.BindPFlag(commonflags.EndpointFlag, cmd.Flags().Lookup(commonflags.EndpointFlag))
+			commonflags.BindRPC(cmd.Flags())
 		},
 		Run: removeProxyAccount,
 	}
 )

 func initProxyAddAccount() {
-	AddAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	AddAccountCmd.Flags().StringArray(accountAddressFlag, nil, "Wallet address string")
-	_ = AddAccountCmd.MarkFlagRequired(accountAddressFlag)
+	commonflags.InitRPC(AddAccountCmd.Flags())
+	AddAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	AddAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

 func initProxyRemoveAccount() {
-	RemoveAccountCmd.Flags().StringP(commonflags.EndpointFlag, commonflags.EndpointFlagShort, "", commonflags.EndpointFlagDesc)
-	RemoveAccountCmd.Flags().StringArray(accountAddressFlag, nil, "Wallet address string")
-	_ = AddAccountCmd.MarkFlagRequired(accountAddressFlag)
+	commonflags.InitRPC(RemoveAccountCmd.Flags())
+	RemoveAccountCmd.Flags().String(accountAddressFlag, "", "Wallet address string")
 	RemoveAccountCmd.Flags().String(commonflags.AlphabetWalletsFlag, "", commonflags.AlphabetWalletsFlagDesc)
 }

--- a/cmd/frostfs-adm/internal/modules/storagecfg/root.go
+++ b/cmd/frostfs-adm/internal/modules/storagecfg/root.go
@ -11,7 +11,6 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
-	"slices"
 	"strconv"
 	"strings"
 	"text/template"
@ -106,7 +105,7 @@ func storageConfig(cmd *cobra.Command, args []string) {
 		fatalOnErr(errors.New("can't find account in wallet"))
 	}

-	c.Wallet.Password, err = input.ReadPassword(fmt.Sprintf("Enter password for %s > ", c.Wallet.Account))
+	c.Wallet.Password, err = input.ReadPassword(fmt.Sprintf("Account password for %s: ", c.Wallet.Account))
 	fatalOnErr(err)

 	err = acc.Decrypt(c.Wallet.Password, keys.NEP2ScryptParams())
@ -411,7 +410,8 @@ func initClient(rpc []string) *rpcclient.Client {
 	var c *rpcclient.Client
 	var err error

-	shuffled := slices.Clone(rpc)
+	shuffled := make([]string, len(rpc))
+	copy(shuffled, rpc)
 	rand.Shuffle(len(shuffled), func(i, j int) { shuffled[i], shuffled[j] = shuffled[j], shuffled[i] })

 	for _, endpoint := range shuffled {
--- a/cmd/frostfs-cli/internal/client/client.go
+++ b/cmd/frostfs-cli/internal/client/client.go
@ -9,6 +9,7 @@ import (
 	"io"
 	"os"
 	"slices"
+	"sort"
 	"strings"

 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/accounting"
@ -77,31 +78,13 @@ func ListContainers(ctx context.Context, prm ListContainersPrm) (res ListContain
 // SortedIDList returns sorted list of identifiers of user's containers.
 func (x ListContainersRes) SortedIDList() []cid.ID {
 	list := x.cliRes.Containers()
-	slices.SortFunc(list, func(lhs, rhs cid.ID) int {
-		return strings.Compare(lhs.EncodeToString(), rhs.EncodeToString())
+	sort.Slice(list, func(i, j int) bool {
+		lhs, rhs := list[i].EncodeToString(), list[j].EncodeToString()
+		return strings.Compare(lhs, rhs) < 0
 	})
 	return list
 }

-func ListContainersStream(ctx context.Context, prm ListContainersPrm, processCnr func(id cid.ID) bool) (err error) {
-	cliPrm := &client.PrmContainerListStream{
-		XHeaders: prm.XHeaders,
-		OwnerID:  prm.OwnerID,
-		Session:  prm.Session,
-	}
-	rdr, err := prm.cli.ContainerListInit(ctx, *cliPrm)
-	if err != nil {
-		return fmt.Errorf("init container list: %w", err)
-	}
-
-	err = rdr.Iterate(processCnr)
-	if err != nil {
-		return fmt.Errorf("read container list: %w", err)
-	}
-
-	return
-}
-
 // PutContainerPrm groups parameters of PutContainer operation.
 type PutContainerPrm struct {
 	Client       *client.Client
--- a/cmd/frostfs-cli/modules/bearer/generate_override.go
+++ b/cmd/frostfs-cli/modules/bearer/generate_override.go
@ -52,7 +52,7 @@ func genereateAPEOverride(cmd *cobra.Command, _ []string) {

 	outputPath, _ := cmd.Flags().GetString(outputFlag)
 	if outputPath != "" {
-		err := os.WriteFile(outputPath, overrideMarshalled, 0o644)
+		err := os.WriteFile(outputPath, []byte(overrideMarshalled), 0o644)
 		commonCmd.ExitOnErr(cmd, "dump error: %w", err)
 	} else {
 		fmt.Print("\n")
--- a/cmd/frostfs-cli/modules/container/list.go
+++ b/cmd/frostfs-cli/modules/container/list.go
@ -6,11 +6,8 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
 	containerSDK "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/spf13/cobra"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
 )

 // flags of list command.
@ -54,60 +51,44 @@ var listContainersCmd = &cobra.Command{

 		var prm internalclient.ListContainersPrm
 		prm.SetClient(cli)
-		prm.OwnerID = idUser
+		prm.Account = idUser
+
+		res, err := internalclient.ListContainers(cmd.Context(), prm)
+		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
+
 		prmGet := internalclient.GetContainerPrm{
 			Client: cli,
 		}
-		var containerIDs []cid.ID
-
-		err := internalclient.ListContainersStream(cmd.Context(), prm, func(id cid.ID) bool {
-			printContainer(cmd, prmGet, id)
-			return false
-		})
-		if err == nil {
-			return
-		}
-
-		if e, ok := status.FromError(err); ok && e.Code() == codes.Unimplemented {
-			res, err := internalclient.ListContainers(cmd.Context(), prm)
-			commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
-			containerIDs = res.SortedIDList()
-		} else {
-			commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
-		}

+		containerIDs := res.SortedIDList()
 		for _, cnrID := range containerIDs {
-			printContainer(cmd, prmGet, cnrID)
+			if flagVarListName == "" && !flagVarListPrintAttr {
+				cmd.Println(cnrID.String())
+				continue
+			}
+
+			prmGet.ClientParams.ContainerID = &cnrID
+			res, err := internalclient.GetContainer(cmd.Context(), prmGet)
+			if err != nil {
+				cmd.Printf("  failed to read attributes: %v\n", err)
+				continue
+			}
+
+			cnr := res.Container()
+			if cnrName := containerSDK.Name(cnr); flagVarListName != "" && cnrName != flagVarListName {
+				continue
+			}
+			cmd.Println(cnrID.String())
+
+			if flagVarListPrintAttr {
+				cnr.IterateUserAttributes(func(key, val string) {
+					cmd.Printf("  %s: %s\n", key, val)
+				})
+			}
 		}
 	},
 }

-func printContainer(cmd *cobra.Command, prmGet internalclient.GetContainerPrm, id cid.ID) {
-	if flagVarListName == "" && !flagVarListPrintAttr {
-		cmd.Println(id.String())
-		return
-	}
-
-	prmGet.ClientParams.ContainerID = &id
-	res, err := internalclient.GetContainer(cmd.Context(), prmGet)
-	if err != nil {
-		cmd.Printf("  failed to read attributes: %v\n", err)
-		return
-	}
-
-	cnr := res.Container()
-	if cnrName := containerSDK.Name(cnr); flagVarListName != "" && cnrName != flagVarListName {
-		return
-	}
-	cmd.Println(id.String())
-
-	if flagVarListPrintAttr {
-		cnr.IterateUserAttributes(func(key, val string) {
-			cmd.Printf("  %s: %s\n", key, val)
-		})
-	}
-}
-
 func initContainerListContainersCmd() {
 	commonflags.Init(listContainersCmd)

--- a/cmd/frostfs-cli/modules/container/policy_playground.go
+++ b/cmd/frostfs-cli/modules/container/policy_playground.go
@ -23,11 +23,11 @@ type policyPlaygroundREPL struct {
 	nodes map[string]netmap.NodeInfo
 }

-func newPolicyPlaygroundREPL(cmd *cobra.Command) *policyPlaygroundREPL {
+func newPolicyPlaygroundREPL(cmd *cobra.Command) (*policyPlaygroundREPL, error) {
 	return &policyPlaygroundREPL{
 		cmd:   cmd,
 		nodes: map[string]netmap.NodeInfo{},
-	}
+	}, nil
 }

 func (repl *policyPlaygroundREPL) handleLs(args []string) error {
@ -246,7 +246,8 @@ var policyPlaygroundCmd = &cobra.Command{
 	Long: `A REPL for testing placement policies.
 If a wallet and endpoint is provided, the initial netmap data will be loaded from the snapshot of the node. Otherwise, an empty playground is created.`,
 	Run: func(cmd *cobra.Command, _ []string) {
-		repl := newPolicyPlaygroundREPL(cmd)
+		repl, err := newPolicyPlaygroundREPL(cmd)
+		commonCmd.ExitOnErr(cmd, "could not create policy playground: %w", err)
 		commonCmd.ExitOnErr(cmd, "policy playground failed: %w", repl.run())
 	},
 }
--- a/cmd/frostfs-cli/modules/control/evacuate_shard.go
+++ b/cmd/frostfs-cli/modules/control/evacuate_shard.go
@ -0,0 +1,56 @@
+package control
+
+import (
+	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
+	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
+	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
+	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/rpc/client"
+	"github.com/spf13/cobra"
+)
+
+const ignoreErrorsFlag = "no-errors"
+
+var evacuateShardCmd = &cobra.Command{
+	Use:        "evacuate",
+	Short:      "Evacuate objects from shard",
+	Long:       "Evacuate objects from shard to other shards",
+	Run:        evacuateShard,
+	Deprecated: "use frostfs-cli control shards evacuation start",
+}
+
+func evacuateShard(cmd *cobra.Command, _ []string) {
+	pk := key.Get(cmd)
+
+	req := &control.EvacuateShardRequest{Body: new(control.EvacuateShardRequest_Body)}
+	req.Body.Shard_ID = getShardIDList(cmd)
+	req.Body.IgnoreErrors, _ = cmd.Flags().GetBool(ignoreErrorsFlag)
+
+	signRequest(cmd, pk, req)
+
+	cli := getClient(cmd, pk)
+
+	var resp *control.EvacuateShardResponse
+	var err error
+	err = cli.ExecRaw(func(client *client.Client) error {
+		resp, err = control.EvacuateShard(client, req)
+		return err
+	})
+	commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
+
+	cmd.Printf("Objects moved: %d\n", resp.GetBody().GetCount())
+
+	verifyResponse(cmd, resp.GetSignature(), resp.GetBody())
+
+	cmd.Println("Shard has successfully been evacuated.")
+}
+
+func initControlEvacuateShardCmd() {
+	initControlFlags(evacuateShardCmd)
+
+	flags := evacuateShardCmd.Flags()
+	flags.StringSlice(shardIDFlag, nil, "List of shard IDs in base58 encoding")
+	flags.Bool(shardAllFlag, false, "Process all shards")
+	flags.Bool(ignoreErrorsFlag, false, "Skip invalid/unreadable objects")
+
+	evacuateShardCmd.MarkFlagsMutuallyExclusive(shardIDFlag, shardAllFlag)
+}
--- a/cmd/frostfs-cli/modules/control/evacuation.go
+++ b/cmd/frostfs-cli/modules/control/evacuation.go
@ -17,11 +17,10 @@ import (
 )

 const (
-	awaitFlag        = "await"
-	noProgressFlag   = "no-progress"
-	scopeFlag        = "scope"
-	repOneOnlyFlag   = "rep-one-only"
-	ignoreErrorsFlag = "no-errors"
+	awaitFlag      = "await"
+	noProgressFlag = "no-progress"
+	scopeFlag      = "scope"
+	repOneOnlyFlag = "rep-one-only"

 	containerWorkerCountFlag = "container-worker-count"
 	objectWorkerCountFlag    = "object-worker-count"
--- a/cmd/frostfs-cli/modules/control/set_netmap_status.go
+++ b/cmd/frostfs-cli/modules/control/set_netmap_status.go
@ -127,7 +127,7 @@ func awaitSetNetmapStatus(cmd *cobra.Command, pk *ecdsa.PrivateKey, cli *client.
 		var resp *control.GetNetmapStatusResponse
 		var err error
 		err = cli.ExecRaw(func(client *rawclient.Client) error {
-			resp, err = control.GetNetmapStatus(cmd.Context(), client, req)
+			resp, err = control.GetNetmapStatus(client, req)
 			return err
 		})
 		commonCmd.ExitOnErr(cmd, "failed to get current netmap status: %w", err)
--- a/cmd/frostfs-cli/modules/control/shards.go
+++ b/cmd/frostfs-cli/modules/control/shards.go
@ -13,6 +13,7 @@ var shardsCmd = &cobra.Command{
 func initControlShardsCmd() {
 	shardsCmd.AddCommand(listShardsCmd)
 	shardsCmd.AddCommand(setShardModeCmd)
+	shardsCmd.AddCommand(evacuateShardCmd)
 	shardsCmd.AddCommand(evacuationShardCmd)
 	shardsCmd.AddCommand(flushCacheCmd)
 	shardsCmd.AddCommand(doctorCmd)
@ -22,6 +23,7 @@ func initControlShardsCmd() {

 	initControlShardsListCmd()
 	initControlSetShardModeCmd()
+	initControlEvacuateShardCmd()
 	initControlEvacuationShardCmd()
 	initControlFlushCacheCmd()
 	initControlDoctorCmd()
--- a/cmd/frostfs-cli/modules/object/hash.go
+++ b/cmd/frostfs-cli/modules/object/hash.go
@ -9,6 +9,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/key"
 	commonCmd "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common"
+	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/checksum"
 	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
 	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/spf13/cobra"
@ -41,9 +42,7 @@ func initObjectHashCmd() {
 	flags.String(commonflags.OIDFlag, "", commonflags.OIDFlagUsage)
 	_ = objectHashCmd.MarkFlagRequired(commonflags.OIDFlag)

-	flags.StringSlice("range", nil, "Range to take hash from in the form offset1:length1,...")
-	_ = objectHashCmd.MarkFlagRequired("range")
-
+	flags.String("range", "", "Range to take hash from in the form offset1:length1,...")
 	flags.String("type", hashSha256, "Hash type. Either 'sha256' or 'tz'")
 	flags.String(getRangeHashSaltFlag, "", "Salt in hex format")
 }
@ -67,6 +66,36 @@ func getObjectHash(cmd *cobra.Command, _ []string) {
 	pk := key.GetOrGenerate(cmd)
 	cli := internalclient.GetSDKClientByFlag(cmd, pk, commonflags.RPC)

+	tz := typ == hashTz
+	fullHash := len(ranges) == 0
+	if fullHash {
+		var headPrm internalclient.HeadObjectPrm
+		headPrm.SetClient(cli)
+		Prepare(cmd, &headPrm)
+		headPrm.SetAddress(objAddr)
+
+		// get hash of full payload through HEAD (may be user can do it through dedicated command?)
+		res, err := internalclient.HeadObject(cmd.Context(), headPrm)
+		commonCmd.ExitOnErr(cmd, "rpc error: %w", err)
+
+		var cs checksum.Checksum
+		var csSet bool
+
+		if tz {
+			cs, csSet = res.Header().PayloadHomomorphicHash()
+		} else {
+			cs, csSet = res.Header().PayloadChecksum()
+		}
+
+		if csSet {
+			cmd.Println(hex.EncodeToString(cs.Value()))
+		} else {
+			cmd.Println("Missing checksum in object header.")
+		}
+
+		return
+	}
+
 	var hashPrm internalclient.HashPayloadRangesPrm
 	hashPrm.SetClient(cli)
 	Prepare(cmd, &hashPrm)
@ -75,7 +104,7 @@ func getObjectHash(cmd *cobra.Command, _ []string) {
 	hashPrm.SetSalt(salt)
 	hashPrm.SetRanges(ranges)

-	if typ == hashTz {
+	if tz {
 		hashPrm.TZ()
 	}

--- a/cmd/frostfs-cli/modules/object/nodes.go
+++ b/cmd/frostfs-cli/modules/object/nodes.go
@ -1,12 +1,15 @@
 package object

 import (
+	"bytes"
+	"cmp"
 	"context"
 	"crypto/ecdsa"
 	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"slices"
 	"sync"

 	internalclient "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/client"
@ -320,7 +323,7 @@ func getReplicaRequiredPlacement(cmd *cobra.Command, objects []phyObject, placem
 	}
 	placementBuilder := placement.NewNetworkMapBuilder(netmap)
 	for _, object := range objects {
-		placement, err := placementBuilder.BuildPlacement(cmd.Context(), object.containerID, &object.objectID, placementPolicy)
+		placement, err := placementBuilder.BuildPlacement(object.containerID, &object.objectID, placementPolicy)
 		commonCmd.ExitOnErr(cmd, "failed to get required placement for object: %w", err)
 		for repIdx, rep := range placement {
 			numOfReplicas := placementPolicy.ReplicaDescriptor(repIdx).NumberOfObjects()
@ -358,7 +361,7 @@ func getECRequiredPlacementInternal(cmd *cobra.Command, object phyObject, placem
 		placementObjectID = object.ecHeader.parent
 	}
 	placementBuilder := placement.NewNetworkMapBuilder(netmap)
-	placement, err := placementBuilder.BuildPlacement(cmd.Context(), object.containerID, &placementObjectID, placementPolicy)
+	placement, err := placementBuilder.BuildPlacement(object.containerID, &placementObjectID, placementPolicy)
 	commonCmd.ExitOnErr(cmd, "failed to get required placement: %w", err)

 	for _, vector := range placement {
@ -504,6 +507,7 @@ func isObjectStoredOnNode(ctx context.Context, cmd *cobra.Command, cnrID cid.ID,
 }

 func printPlacement(cmd *cobra.Command, objID oid.ID, objects []phyObject, result *objectNodesResult) {
+	normilizeObjectNodesResult(objects, result)
 	if json, _ := cmd.Flags().GetBool(commonflags.JSON); json {
 		printObjectNodesAsJSON(cmd, objID, objects, result)
 	} else {
@ -511,6 +515,34 @@ func printPlacement(cmd *cobra.Command, objID oid.ID, objects []phyObject, resul
 	}
 }

+func normilizeObjectNodesResult(objects []phyObject, result *objectNodesResult) {
+	slices.SortFunc(objects, func(lhs, rhs phyObject) int {
+		if lhs.ecHeader == nil && rhs.ecHeader == nil {
+			return bytes.Compare(lhs.objectID[:], rhs.objectID[:])
+		}
+		if lhs.ecHeader == nil {
+			return -1
+		}
+		if rhs.ecHeader == nil {
+			return 1
+		}
+		if lhs.ecHeader.parent == rhs.ecHeader.parent {
+			return cmp.Compare(lhs.ecHeader.index, rhs.ecHeader.index)
+		}
+		return bytes.Compare(lhs.ecHeader.parent[:], rhs.ecHeader.parent[:])
+	})
+	for _, obj := range objects {
+		op := result.placements[obj.objectID]
+		slices.SortFunc(op.confirmedNodes, func(lhs, rhs netmapSDK.NodeInfo) int {
+			return bytes.Compare(lhs.PublicKey(), rhs.PublicKey())
+		})
+		slices.SortFunc(op.requiredNodes, func(lhs, rhs netmapSDK.NodeInfo) int {
+			return bytes.Compare(lhs.PublicKey(), rhs.PublicKey())
+		})
+		result.placements[obj.objectID] = op
+	}
+}
+
 func printObjectNodesAsText(cmd *cobra.Command, objID oid.ID, objects []phyObject, result *objectNodesResult) {
 	fmt.Fprintf(cmd.OutOrStdout(), "Object %s stores payload in %d data objects:\n", objID.EncodeToString(), len(objects))

--- a/cmd/frostfs-cli/modules/object/patch.go
+++ b/cmd/frostfs-cli/modules/object/patch.go
@ -46,7 +46,7 @@ func initObjectPatchCmd() {
 	flags.String(commonflags.OIDFlag, "", commonflags.OIDFlagUsage)
 	_ = objectRangeCmd.MarkFlagRequired(commonflags.OIDFlag)

-	flags.StringSlice(newAttrsFlagName, nil, "New object attributes in form of Key1=Value1,Key2=Value2")
+	flags.String(newAttrsFlagName, "", "New object attributes in form of Key1=Value1,Key2=Value2")
 	flags.Bool(replaceAttrsFlagName, false, "Replace object attributes by new ones.")
 	flags.StringSlice(rangeFlagName, []string{}, "Range to which patch payload is applied. Format: offset:length")
 	flags.StringSlice(payloadFlagName, []string{}, "Path to file with patch payload.")
@ -99,9 +99,11 @@ func patch(cmd *cobra.Command, _ []string) {
 }

 func parseNewObjectAttrs(cmd *cobra.Command) ([]objectSDK.Attribute, error) {
-	rawAttrs, err := cmd.Flags().GetStringSlice(newAttrsFlagName)
-	if err != nil {
-		return nil, err
+	var rawAttrs []string
+
+	raw := cmd.Flag(newAttrsFlagName).Value.String()
+	if len(raw) != 0 {
+		rawAttrs = strings.Split(raw, ",")
 	}

 	attrs := make([]objectSDK.Attribute, len(rawAttrs), len(rawAttrs)+2) // name + timestamp attributes
--- a/cmd/frostfs-cli/modules/object/put.go
+++ b/cmd/frostfs-cli/modules/object/put.go
@ -50,7 +50,7 @@ func initObjectPutCmd() {

 	flags.String(commonflags.CIDFlag, "", commonflags.CIDFlagUsage)

-	flags.StringSlice("attributes", nil, "User attributes in form of Key1=Value1,Key2=Value2")
+	flags.String("attributes", "", "User attributes in form of Key1=Value1,Key2=Value2")
 	flags.Bool("disable-filename", false, "Do not set well-known filename attribute")
 	flags.Bool("disable-timestamp", false, "Do not set well-known timestamp attribute")
 	flags.Uint64VarP(&putExpiredOn, commonflags.ExpireAt, "e", 0, "The last active epoch in the life of the object")
@ -214,9 +214,11 @@ func getAllObjectAttributes(cmd *cobra.Command) []objectSDK.Attribute {
 }

 func parseObjectAttrs(cmd *cobra.Command) ([]objectSDK.Attribute, error) {
-	rawAttrs, err := cmd.Flags().GetStringSlice("attributes")
-	if err != nil {
-		return nil, err
+	var rawAttrs []string
+
+	raw := cmd.Flag("attributes").Value.String()
+	if len(raw) != 0 {
+		rawAttrs = strings.Split(raw, ",")
 	}

 	attrs := make([]objectSDK.Attribute, len(rawAttrs), len(rawAttrs)+2) // name + timestamp attributes
--- a/cmd/frostfs-cli/modules/object/range.go
+++ b/cmd/frostfs-cli/modules/object/range.go
@ -38,7 +38,7 @@ func initObjectRangeCmd() {
 	flags.String(commonflags.OIDFlag, "", commonflags.OIDFlagUsage)
 	_ = objectRangeCmd.MarkFlagRequired(commonflags.OIDFlag)

-	flags.StringSlice("range", nil, "Range to take data from in the form offset:length")
+	flags.String("range", "", "Range to take data from in the form offset:length")
 	flags.String(fileFlag, "", "File to write object payload to. Default: stdout.")
 	flags.Bool(rawFlag, false, rawFlagDesc)
 }
@ -195,10 +195,11 @@ func marshalECInfo(cmd *cobra.Command, info *objectSDK.ECInfo) ([]byte, error) {
 }

 func getRangeList(cmd *cobra.Command) ([]objectSDK.Range, error) {
-	vs, err := cmd.Flags().GetStringSlice("range")
-	if len(vs) == 0 || err != nil {
-		return nil, err
+	v := cmd.Flag("range").Value.String()
+	if len(v) == 0 {
+		return nil, nil
 	}
+	vs := strings.Split(v, ",")
 	rs := make([]objectSDK.Range, len(vs))
 	for i := range vs {
 		before, after, found := strings.Cut(vs[i], rangeSep)
--- a/cmd/frostfs-cli/modules/tree/client.go
+++ b/cmd/frostfs-cli/modules/tree/client.go
@ -9,6 +9,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-cli/internal/commonflags"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/tree"
+	metrics "git.frostfs.info/TrueCloudLab/frostfs-observability/metrics/grpc"
 	tracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@ -33,9 +34,11 @@ func _client() (tree.TreeServiceClient, error) {

 	opts := []grpc.DialOption{
 		grpc.WithChainUnaryInterceptor(
+			metrics.NewUnaryClientInterceptor(),
 			tracing.NewUnaryClientInteceptor(),
 		),
 		grpc.WithChainStreamInterceptor(
+			metrics.NewStreamClientInterceptor(),
 			tracing.NewStreamClientInterceptor(),
 		),
 		grpc.WithDefaultCallOptions(grpc.WaitForReady(true)),
--- a/cmd/frostfs-ir/httpcomponent.go
+++ b/cmd/frostfs-ir/httpcomponent.go
@ -77,7 +77,7 @@ func (c *httpComponent) reload(ctx context.Context) {
 		log.Info(ctx, c.name+" config updated")
 		if err := c.shutdown(ctx); err != nil {
 			log.Debug(ctx, logs.FrostFSIRCouldNotShutdownHTTPServer,
-				zap.Error(err),
+				zap.String("error", err.Error()),
 			)
 		} else {
 			c.init(ctx)
--- a/cmd/frostfs-ir/main.go
+++ b/cmd/frostfs-ir/main.go
@ -119,12 +119,12 @@ func shutdown(ctx context.Context) {
 	innerRing.Stop(ctx)
 	if err := metricsCmp.shutdown(ctx); err != nil {
 		log.Debug(ctx, logs.FrostFSIRCouldNotShutdownHTTPServer,
-			zap.Error(err),
+			zap.String("error", err.Error()),
 		)
 	}
 	if err := pprofCmp.shutdown(ctx); err != nil {
 		log.Debug(ctx, logs.FrostFSIRCouldNotShutdownHTTPServer,
-			zap.Error(err),
+			zap.String("error", err.Error()),
 		)
 	}

--- a/cmd/frostfs-ir/pprof.go
+++ b/cmd/frostfs-ir/pprof.go
@ -58,7 +58,7 @@ func (c *pprofComponent) reload(ctx context.Context) {
 		log.Info(ctx, c.name+" config updated")
 		if err := c.shutdown(ctx); err != nil {
 			log.Debug(ctx, logs.FrostFSIRCouldNotShutdownHTTPServer,
-				zap.Error(err))
+				zap.String("error", err.Error()))
 			return
 		}

--- a/cmd/frostfs-lens/internal/tui/buckets.go
+++ b/cmd/frostfs-lens/internal/tui/buckets.go
@ -124,7 +124,10 @@ func (v *BucketsView) loadNodeChildren(
 	path := parentBucket.Path
 	parser := parentBucket.NextParser

-	buffer := LoadBuckets(ctx, v.ui.db, path, v.ui.loadBufferSize)
+	buffer, err := LoadBuckets(ctx, v.ui.db, path, v.ui.loadBufferSize)
+	if err != nil {
+		return err
+	}

 	for item := range buffer {
 		if item.err != nil {
@ -132,7 +135,6 @@ func (v *BucketsView) loadNodeChildren(
 		}
 		bucket := item.val

-		var err error
 		bucket.Entry, bucket.NextParser, err = parser(bucket.Name, nil)
 		if err != nil {
 			return err
@ -178,7 +180,10 @@ func (v *BucketsView) bucketSatisfiesFilter(
 	defer cancel()

 	// Check the current bucket's nested buckets if exist
-	bucketsBuffer := LoadBuckets(ctx, v.ui.db, bucket.Path, v.ui.loadBufferSize)
+	bucketsBuffer, err := LoadBuckets(ctx, v.ui.db, bucket.Path, v.ui.loadBufferSize)
+	if err != nil {
+		return false, err
+	}

 	for item := range bucketsBuffer {
 		if item.err != nil {
@ -186,7 +191,6 @@ func (v *BucketsView) bucketSatisfiesFilter(
 		}
 		b := item.val

-		var err error
 		b.Entry, b.NextParser, err = bucket.NextParser(b.Name, nil)
 		if err != nil {
 			return false, err
@ -202,7 +206,10 @@ func (v *BucketsView) bucketSatisfiesFilter(
 	}

 	// Check the current bucket's nested records if exist
-	recordsBuffer := LoadRecords(ctx, v.ui.db, bucket.Path, v.ui.loadBufferSize)
+	recordsBuffer, err := LoadRecords(ctx, v.ui.db, bucket.Path, v.ui.loadBufferSize)
+	if err != nil {
+		return false, err
+	}

 	for item := range recordsBuffer {
 		if item.err != nil {
@ -210,7 +217,6 @@ func (v *BucketsView) bucketSatisfiesFilter(
 		}
 		r := item.val

-		var err error
 		r.Entry, _, err = bucket.NextParser(r.Key, r.Value)
 		if err != nil {
 			return false, err
--- a/cmd/frostfs-lens/internal/tui/db.go
+++ b/cmd/frostfs-lens/internal/tui/db.go
@ -35,7 +35,7 @@ func resolvePath(tx *bbolt.Tx, path [][]byte) (*bbolt.Bucket, error) {
 func load[T any](
 	ctx context.Context, db *bbolt.DB, path [][]byte, bufferSize int,
 	filter func(key, value []byte) bool, transform func(key, value []byte) T,
-) <-chan Item[T] {
+) (<-chan Item[T], error) {
 	buffer := make(chan Item[T], bufferSize)

 	go func() {
@ -77,13 +77,13 @@ func load[T any](
 		}
 	}()

-	return buffer
+	return buffer, nil
 }

 func LoadBuckets(
 	ctx context.Context, db *bbolt.DB, path [][]byte, bufferSize int,
-) <-chan Item[*Bucket] {
-	buffer := load(
+) (<-chan Item[*Bucket], error) {
+	buffer, err := load(
 		ctx, db, path, bufferSize,
 		func(_, value []byte) bool {
 			return value == nil
@ -98,14 +98,17 @@ func LoadBuckets(
 			}
 		},
 	)
+	if err != nil {
+		return nil, fmt.Errorf("can't start iterating bucket: %w", err)
+	}

-	return buffer
+	return buffer, nil
 }

 func LoadRecords(
 	ctx context.Context, db *bbolt.DB, path [][]byte, bufferSize int,
-) <-chan Item[*Record] {
-	buffer := load(
+) (<-chan Item[*Record], error) {
+	buffer, err := load(
 		ctx, db, path, bufferSize,
 		func(_, value []byte) bool {
 			return value != nil
@ -121,8 +124,11 @@ func LoadRecords(
 			}
 		},
 	)
+	if err != nil {
+		return nil, fmt.Errorf("can't start iterating bucket: %w", err)
+	}

-	return buffer
+	return buffer, nil
 }

 // HasBuckets checks if a bucket has nested buckets. It relies on assumption
@ -131,21 +137,24 @@ func HasBuckets(ctx context.Context, db *bbolt.DB, path [][]byte) (bool, error)
 	ctx, cancel := context.WithCancel(ctx)
 	defer cancel()

-	buffer := load(
+	buffer, err := load(
 		ctx, db, path, 1,
 		nil,
 		func(_, value []byte) []byte { return value },
 	)
+	if err != nil {
+		return false, err
+	}

 	x, ok := <-buffer
 	if !ok {
 		return false, nil
 	}
 	if x.err != nil {
-		return false, x.err
+		return false, err
 	}
 	if x.val != nil {
-		return false, nil
+		return false, err
 	}
 	return true, nil
 }
--- a/cmd/frostfs-lens/internal/tui/records.go
+++ b/cmd/frostfs-lens/internal/tui/records.go
@ -62,7 +62,10 @@ func (v *RecordsView) Mount(ctx context.Context) error {

 	ctx, v.onUnmount = context.WithCancel(ctx)

-	tempBuffer := LoadRecords(ctx, v.ui.db, v.bucket.Path, v.ui.loadBufferSize)
+	tempBuffer, err := LoadRecords(ctx, v.ui.db, v.bucket.Path, v.ui.loadBufferSize)
+	if err != nil {
+		return err
+	}

 	v.buffer = make(chan *Record, v.ui.loadBufferSize)
 	go func() {
@ -70,12 +73,11 @@ func (v *RecordsView) Mount(ctx context.Context) error {

 		for item := range tempBuffer {
 			if item.err != nil {
-				v.ui.stopOnError(item.err)
+				v.ui.stopOnError(err)
 				break
 			}
 			record := item.val

-			var err error
 			record.Entry, _, err = v.bucket.NextParser(record.Key, record.Value)
 			if err != nil {
 				v.ui.stopOnError(err)
--- a/cmd/frostfs-node/apemanager.go
+++ b/cmd/frostfs-node/apemanager.go
@ -19,7 +19,6 @@ func initAPEManagerService(c *cfg) {
 		c.cfgObject.cfgAccessPolicyEngine.policyContractHash)

 	execsvc := apemanager.New(c.cfgObject.cnrSource, contractStorage,
-		c.cfgMorph.client,
 		apemanager.WithLogger(c.log))
 	sigsvc := apemanager.NewSignService(&c.key.PrivateKey, execsvc)
 	auditSvc := apemanager.NewAuditService(sigsvc, c.log, c.audit)
--- a/cmd/frostfs-node/cache.go
+++ b/cmd/frostfs-node/cache.go
@ -1,7 +1,6 @@
 package main

 import (
-	"context"
 	"sync"
 	"time"

@ -17,7 +16,7 @@ import (
 	"github.com/hashicorp/golang-lru/v2/expirable"
 )

-type netValueReader[K any, V any] func(ctx context.Context, cid K) (V, error)
+type netValueReader[K any, V any] func(K) (V, error)

 type valueWithError[V any] struct {
 	v V
@ -50,7 +49,7 @@ func newNetworkTTLCache[K comparable, V any](sz int, ttl time.Duration, netRdr n
 // updates the value from the network on cache miss or by TTL.
 //
 // returned value should not be modified.
-func (c *ttlNetCache[K, V]) get(ctx context.Context, key K) (V, error) {
+func (c *ttlNetCache[K, V]) get(key K) (V, error) {
 	hit := false
 	startedAt := time.Now()
 	defer func() {
@ -72,7 +71,7 @@ func (c *ttlNetCache[K, V]) get(ctx context.Context, key K) (V, error) {
 		return val.v, val.e
 	}

-	v, err := c.netRdr(ctx, key)
+	v, err := c.netRdr(key)

 	c.cache.Add(key, &valueWithError[V]{
 		v: v,
@ -136,7 +135,7 @@ func newNetworkLRUCache(sz int, netRdr netValueReader[uint64, *netmapSDK.NetMap]
 // updates the value from the network on cache miss.
 //
 // returned value should not be modified.
-func (c *lruNetCache) get(ctx context.Context, key uint64) (*netmapSDK.NetMap, error) {
+func (c *lruNetCache) get(key uint64) (*netmapSDK.NetMap, error) {
 	hit := false
 	startedAt := time.Now()
 	defer func() {
@ -149,7 +148,7 @@ func (c *lruNetCache) get(ctx context.Context, key uint64) (*netmapSDK.NetMap, e
 		return val, nil
 	}

-	val, err := c.netRdr(ctx, key)
+	val, err := c.netRdr(key)
 	if err != nil {
 		return nil, err
 	}
@ -167,11 +166,11 @@ type ttlContainerStorage struct {
 }

 func newCachedContainerStorage(v container.Source, ttl time.Duration, containerCacheSize uint32) ttlContainerStorage {
-	lruCnrCache := newNetworkTTLCache(int(containerCacheSize), ttl, func(ctx context.Context, id cid.ID) (*container.Container, error) {
-		return v.Get(ctx, id)
+	lruCnrCache := newNetworkTTLCache(int(containerCacheSize), ttl, func(id cid.ID) (*container.Container, error) {
+		return v.Get(id)
 	}, metrics.NewCacheMetrics("container"))
-	lruDelInfoCache := newNetworkTTLCache(int(containerCacheSize), ttl, func(ctx context.Context, id cid.ID) (*container.DelInfo, error) {
-		return v.DeletionInfo(ctx, id)
+	lruDelInfoCache := newNetworkTTLCache(int(containerCacheSize), ttl, func(id cid.ID) (*container.DelInfo, error) {
+		return v.DeletionInfo(id)
 	}, metrics.NewCacheMetrics("container_deletion_info"))

 	return ttlContainerStorage{
@ -189,12 +188,12 @@ func (s ttlContainerStorage) handleRemoval(cnr cid.ID) {

 // Get returns container value from the cache. If value is missing in the cache
 // or expired, then it returns value from side chain and updates the cache.
-func (s ttlContainerStorage) Get(ctx context.Context, cnr cid.ID) (*container.Container, error) {
-	return s.containerCache.get(ctx, cnr)
+func (s ttlContainerStorage) Get(cnr cid.ID) (*container.Container, error) {
+	return s.containerCache.get(cnr)
 }

-func (s ttlContainerStorage) DeletionInfo(ctx context.Context, cnr cid.ID) (*container.DelInfo, error) {
-	return s.delInfoCache.get(ctx, cnr)
+func (s ttlContainerStorage) DeletionInfo(cnr cid.ID) (*container.DelInfo, error) {
+	return s.delInfoCache.get(cnr)
 }

 type lruNetmapSource struct {
@ -206,8 +205,8 @@ type lruNetmapSource struct {
 func newCachedNetmapStorage(s netmap.State, v netmap.Source) netmap.Source {
 	const netmapCacheSize = 10

-	lruNetmapCache := newNetworkLRUCache(netmapCacheSize, func(ctx context.Context, key uint64) (*netmapSDK.NetMap, error) {
-		return v.GetNetMapByEpoch(ctx, key)
+	lruNetmapCache := newNetworkLRUCache(netmapCacheSize, func(key uint64) (*netmapSDK.NetMap, error) {
+		return v.GetNetMapByEpoch(key)
 	}, metrics.NewCacheMetrics("netmap"))

 	return &lruNetmapSource{
@ -216,16 +215,16 @@ func newCachedNetmapStorage(s netmap.State, v netmap.Source) netmap.Source {
 	}
 }

-func (s *lruNetmapSource) GetNetMap(ctx context.Context, diff uint64) (*netmapSDK.NetMap, error) {
-	return s.getNetMapByEpoch(ctx, s.netState.CurrentEpoch()-diff)
+func (s *lruNetmapSource) GetNetMap(diff uint64) (*netmapSDK.NetMap, error) {
+	return s.getNetMapByEpoch(s.netState.CurrentEpoch() - diff)
 }

-func (s *lruNetmapSource) GetNetMapByEpoch(ctx context.Context, epoch uint64) (*netmapSDK.NetMap, error) {
-	return s.getNetMapByEpoch(ctx, epoch)
+func (s *lruNetmapSource) GetNetMapByEpoch(epoch uint64) (*netmapSDK.NetMap, error) {
+	return s.getNetMapByEpoch(epoch)
 }

-func (s *lruNetmapSource) getNetMapByEpoch(ctx context.Context, epoch uint64) (*netmapSDK.NetMap, error) {
-	val, err := s.cache.get(ctx, epoch)
+func (s *lruNetmapSource) getNetMapByEpoch(epoch uint64) (*netmapSDK.NetMap, error) {
+	val, err := s.cache.get(epoch)
 	if err != nil {
 		return nil, err
 	}
@ -233,7 +232,7 @@ func (s *lruNetmapSource) getNetMapByEpoch(ctx context.Context, epoch uint64) (*
 	return val, nil
 }

-func (s *lruNetmapSource) Epoch(_ context.Context) (uint64, error) {
+func (s *lruNetmapSource) Epoch() (uint64, error) {
 	return s.netState.CurrentEpoch(), nil
 }

@ -241,10 +240,7 @@ type cachedIRFetcher struct {
 	*ttlNetCache[struct{}, [][]byte]
 }

-func newCachedIRFetcher(f interface {
-	InnerRingKeys(ctx context.Context) ([][]byte, error)
-},
-) cachedIRFetcher {
+func newCachedIRFetcher(f interface{ InnerRingKeys() ([][]byte, error) }) cachedIRFetcher {
 	const (
 		irFetcherCacheSize = 1 // we intend to store only one value

@ -258,8 +254,8 @@ func newCachedIRFetcher(f interface {
 	)

 	irFetcherCache := newNetworkTTLCache(irFetcherCacheSize, irFetcherCacheTTL,
-		func(ctx context.Context, _ struct{}) ([][]byte, error) {
-			return f.InnerRingKeys(ctx)
+		func(_ struct{}) ([][]byte, error) {
+			return f.InnerRingKeys()
 		}, metrics.NewCacheMetrics("ir_keys"),
 	)

@ -269,8 +265,8 @@ func newCachedIRFetcher(f interface {
 // InnerRingKeys returns cached list of Inner Ring keys. If keys are missing in
 // the cache or expired, then it returns keys from side chain and updates
 // the cache.
-func (f cachedIRFetcher) InnerRingKeys(ctx context.Context) ([][]byte, error) {
-	val, err := f.get(ctx, struct{}{})
+func (f cachedIRFetcher) InnerRingKeys() ([][]byte, error) {
+	val, err := f.get(struct{}{})
 	if err != nil {
 		return nil, err
 	}
@ -293,7 +289,7 @@ func newCachedMaxObjectSizeSource(src objectwriter.MaxSizeSource) objectwriter.M
 	}
 }

-func (c *ttlMaxObjectSizeCache) MaxObjectSize(ctx context.Context) uint64 {
+func (c *ttlMaxObjectSizeCache) MaxObjectSize() uint64 {
 	const ttl = time.Second * 30

 	hit := false
@ -315,7 +311,7 @@ func (c *ttlMaxObjectSizeCache) MaxObjectSize(ctx context.Context) uint64 {
 	c.mtx.Lock()
 	size = c.lastSize
 	if !c.lastUpdated.After(prevUpdated) {
-		size = c.src.MaxObjectSize(ctx)
+		size = c.src.MaxObjectSize()
 		c.lastSize = size
 		c.lastUpdated = time.Now()
 	}
--- a/cmd/frostfs-node/cache_test.go
+++ b/cmd/frostfs-node/cache_test.go
@ -1,7 +1,6 @@
 package main

 import (
-	"context"
 	"errors"
 	"testing"
 	"time"
@ -18,7 +17,7 @@ func TestTTLNetCache(t *testing.T) {
 	t.Run("Test Add and Get", func(t *testing.T) {
 		ti := time.Now()
 		cache.set(key, ti, nil)
-		val, err := cache.get(context.Background(), key)
+		val, err := cache.get(key)
 		require.NoError(t, err)
 		require.Equal(t, ti, val)
 	})
@ -27,7 +26,7 @@ func TestTTLNetCache(t *testing.T) {
 		ti := time.Now()
 		cache.set(key, ti, nil)
 		time.Sleep(2 * ttlDuration)
-		val, err := cache.get(context.Background(), key)
+		val, err := cache.get(key)
 		require.NoError(t, err)
 		require.NotEqual(t, val, ti)
 	})
@ -36,20 +35,20 @@ func TestTTLNetCache(t *testing.T) {
 		ti := time.Now()
 		cache.set(key, ti, nil)
 		cache.remove(key)
-		val, err := cache.get(context.Background(), key)
+		val, err := cache.get(key)
 		require.NoError(t, err)
 		require.NotEqual(t, val, ti)
 	})

 	t.Run("Test Cache Error", func(t *testing.T) {
 		cache.set("error", time.Now(), errors.New("mock error"))
-		_, err := cache.get(context.Background(), "error")
+		_, err := cache.get("error")
 		require.Error(t, err)
 		require.Equal(t, "mock error", err.Error())
 	})
 }

-func testNetValueReader(_ context.Context, key string) (time.Time, error) {
+func testNetValueReader(key string) (time.Time, error) {
 	if key == "error" {
 		return time.Now(), errors.New("mock error")
 	}
--- a/cmd/frostfs-node/config.go
+++ b/cmd/frostfs-node/config.go
@ -493,7 +493,6 @@ type cfg struct {
 	cfgNetmap         cfgNetmap
 	cfgControlService cfgControlService
 	cfgObject         cfgObject
-	cfgQoSService     cfgQoSService
 }

 // ReadCurrentNetMap reads network map which has been cached at the
@ -592,6 +591,8 @@ type cfgMorph struct {

 	client *client.Client

+	notaryEnabled bool
+
 	// TTL of Sidechain cached values. Non-positive value disables caching.
 	cacheTTL time.Duration

@ -607,10 +608,9 @@ type cfgAccounting struct {
 type cfgContainer struct {
 	scriptHash neogoutil.Uint160

-	parsers            map[event.Type]event.NotificationParser
-	subscribers        map[event.Type][]event.Handler
-	workerPool         util.WorkerPool // pool for asynchronous handlers
-	containerBatchSize uint32
+	parsers     map[event.Type]event.NotificationParser
+	subscribers map[event.Type][]event.Handler
+	workerPool  util.WorkerPool // pool for asynchronous handlers
 }

 type cfgFrostfsID struct {
@ -699,7 +699,8 @@ func initCfg(appCfg *config.Config) *cfg {

 	netState.metrics = c.metricsCollector

-	logPrm := c.loggerPrm()
+	logPrm, err := c.loggerPrm()
+	fatalOnErr(err)
 	logPrm.SamplingHook = c.metricsCollector.LogMetrics().GetSamplingHook()
 	log, err := logger.NewLogger(logPrm)
 	fatalOnErr(err)
@ -853,8 +854,8 @@ func initFrostfsID(appCfg *config.Config) cfgFrostfsID {
 }

 func initCfgGRPC() cfgGRPC {
-	maxChunkSize := uint64(maxMsgSize) * 3 / 4  // 25% to meta, 75% to payload
-	maxAddrAmount := maxChunkSize / addressSize // each address is about 72 bytes
+	maxChunkSize := uint64(maxMsgSize) * 3 / 4          // 25% to meta, 75% to payload
+	maxAddrAmount := uint64(maxChunkSize) / addressSize // each address is about 72 bytes

 	return cfgGRPC{
 		maxChunkSize:  maxChunkSize,
@ -1059,7 +1060,7 @@ func (c *cfg) getShardOpts(ctx context.Context, shCfg shardCfg) shardOptsWithID
 	return sh
 }

-func (c *cfg) loggerPrm() *logger.Prm {
+func (c *cfg) loggerPrm() (*logger.Prm, error) {
 	// check if it has been inited before
 	if c.dynamicConfiguration.logger == nil {
 		c.dynamicConfiguration.logger = new(logger.Prm)
@ -1078,7 +1079,7 @@ func (c *cfg) loggerPrm() *logger.Prm {
 	}
 	c.dynamicConfiguration.logger.PrependTimestamp = c.LoggerCfg.timestamp

-	return c.dynamicConfiguration.logger
+	return c.dynamicConfiguration.logger, nil
 }

 func (c *cfg) LocalAddress() network.AddressGroup {
@ -1120,7 +1121,7 @@ func initLocalStorage(ctx context.Context, c *cfg) {
 		err := ls.Close(context.WithoutCancel(ctx))
 		if err != nil {
 			c.log.Info(ctx, logs.FrostFSNodeStorageEngineClosingFailure,
-				zap.Error(err),
+				zap.String("error", err.Error()),
 			)
 		} else {
 			c.log.Info(ctx, logs.FrostFSNodeAllComponentsOfTheStorageEngineClosedSuccessfully)
@ -1147,7 +1148,7 @@ func initAccessPolicyEngine(ctx context.Context, c *cfg) {
 		c.cfgObject.cfgAccessPolicyEngine.policyContractHash)

 	cacheSize := morphconfig.APEChainCacheSize(c.appCfg)
-	if cacheSize > 0 && c.cfgMorph.cacheTTL > 0 {
+	if cacheSize > 0 {
 		morphRuleStorage = newMorphCache(morphRuleStorage, int(cacheSize), c.cfgMorph.cacheTTL)
 	}

@ -1206,11 +1207,11 @@ func (c *cfg) setContractNodeInfo(ni *netmap.NodeInfo) {
 }

 func (c *cfg) updateContractNodeInfo(ctx context.Context, epoch uint64) {
-	ni, err := c.netmapLocalNodeState(ctx, epoch)
+	ni, err := c.netmapLocalNodeState(epoch)
 	if err != nil {
 		c.log.Error(ctx, logs.FrostFSNodeCouldNotUpdateNodeStateOnNewEpoch,
 			zap.Uint64("epoch", epoch),
-			zap.Error(err))
+			zap.String("error", err.Error()))
 		return
 	}

@ -1220,9 +1221,9 @@ func (c *cfg) updateContractNodeInfo(ctx context.Context, epoch uint64) {
 // bootstrapWithState calls "addPeer" method of the Sidechain Netmap contract
 // with the binary-encoded information from the current node's configuration.
 // The state is set using the provided setter which MUST NOT be nil.
-func (c *cfg) bootstrapWithState(ctx context.Context, state netmap.NodeState) error {
+func (c *cfg) bootstrapWithState(ctx context.Context, stateSetter func(*netmap.NodeInfo)) error {
 	ni := c.cfgNodeInfo.localInfo
-	ni.SetStatus(state)
+	stateSetter(&ni)

 	prm := nmClient.AddPeerPrm{}
 	prm.SetNodeInfo(ni)
@ -1232,7 +1233,9 @@ func (c *cfg) bootstrapWithState(ctx context.Context, state netmap.NodeState) er

 // bootstrapOnline calls cfg.bootstrapWithState with "online" state.
 func bootstrapOnline(ctx context.Context, c *cfg) error {
-	return c.bootstrapWithState(ctx, netmap.Online)
+	return c.bootstrapWithState(ctx, func(ni *netmap.NodeInfo) {
+		ni.SetStatus(netmap.Online)
+	})
 }

 // bootstrap calls bootstrapWithState with:
@ -1243,7 +1246,9 @@ func (c *cfg) bootstrap(ctx context.Context) error {
 	st := c.cfgNetmap.state.controlNetmapStatus()
 	if st == control.NetmapStatus_MAINTENANCE {
 		c.log.Info(ctx, logs.FrostFSNodeBootstrappingWithTheMaintenanceState)
-		return c.bootstrapWithState(ctx, netmap.Maintenance)
+		return c.bootstrapWithState(ctx, func(ni *netmap.NodeInfo) {
+			ni.SetStatus(netmap.Maintenance)
+		})
 	}

 	c.log.Info(ctx, logs.FrostFSNodeBootstrappingWithOnlineState,
@ -1334,7 +1339,11 @@ func (c *cfg) reloadConfig(ctx context.Context) {

 	// Logger

-	logPrm := c.loggerPrm()
+	logPrm, err := c.loggerPrm()
+	if err != nil {
+		c.log.Error(ctx, logs.FrostFSNodeLoggerConfigurationPreparation, zap.Error(err))
+		return
+	}

 	components := c.getComponents(ctx, logPrm)

@ -1457,7 +1466,7 @@ func (c *cfg) createTombstoneSource() *tombstone.ExpirationChecker {
 func (c *cfg) createContainerInfoProvider(ctx context.Context) container.InfoProvider {
 	return container.NewInfoProvider(func() (container.Source, error) {
 		c.initMorphComponents(ctx)
-		cc, err := containerClient.NewFromMorph(c.cfgMorph.client, c.cfgContainer.scriptHash, 0)
+		cc, err := containerClient.NewFromMorph(c.cfgMorph.client, c.cfgContainer.scriptHash, 0, containerClient.TryNotary())
 		if err != nil {
 			return nil, err
 		}
--- a/cmd/frostfs-node/config/calls.go
+++ b/cmd/frostfs-node/config/calls.go
@ -1,7 +1,6 @@
 package config

 import (
-	"slices"
 	"strings"

 	configViper "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/internal/common/config"
@ -53,5 +52,6 @@ func (x *Config) Value(name string) any {
 // It supports only one level of nesting and is intended to be used
 // to provide default values.
 func (x *Config) SetDefault(from *Config) {
-	x.defaultPath = slices.Clone(from.path)
+	x.defaultPath = make([]string, len(from.path))
+	copy(x.defaultPath, from.path)
 }
--- a/cmd/frostfs-node/config/container/container.go
+++ b/cmd/frostfs-node/config/container/container.go
@ -1,27 +0,0 @@
-package containerconfig
-
-import "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
-
-const (
-	subsection           = "container"
-	listStreamSubsection = "list_stream"
-
-	// ContainerBatchSizeDefault represents the maximum amount of containers to send via stream at once.
-	ContainerBatchSizeDefault = 1000
-)
-
-// ContainerBatchSize returns the value of "batch_size" config parameter
-// from "list_stream" subsection of "container" section.
-//
-// Returns ContainerBatchSizeDefault if the value is missing or if
-// the value is not positive integer.
-func ContainerBatchSize(c *config.Config) uint32 {
-	if c.Sub(subsection).Sub(listStreamSubsection).Value("batch_size") == nil {
-		return ContainerBatchSizeDefault
-	}
-	size := config.Uint32Safe(c.Sub(subsection).Sub(listStreamSubsection), "batch_size")
-	if size == 0 {
-		return ContainerBatchSizeDefault
-	}
-	return size
-}
--- a/cmd/frostfs-node/config/container/container_test.go
+++ b/cmd/frostfs-node/config/container/container_test.go
@ -1,27 +0,0 @@
-package containerconfig_test
-
-import (
-	"testing"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
-	containerconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/container"
-	configtest "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/test"
-	"github.com/stretchr/testify/require"
-)
-
-func TestContainerSection(t *testing.T) {
-	t.Run("defaults", func(t *testing.T) {
-		empty := configtest.EmptyConfig()
-		require.Equal(t, uint32(containerconfig.ContainerBatchSizeDefault), containerconfig.ContainerBatchSize(empty))
-	})
-
-	const path = "../../../../config/example/node"
-	fileConfigTest := func(c *config.Config) {
-		require.Equal(t, uint32(500), containerconfig.ContainerBatchSize(c))
-	}
-
-	configtest.ForEachFileType(path, fileConfigTest)
-	t.Run("ENV", func(t *testing.T) {
-		configtest.ForEnvFileType(t, path, fileConfigTest)
-	})
-}
--- a/cmd/frostfs-node/config/engine/config.go
+++ b/cmd/frostfs-node/config/engine/config.go
@ -41,10 +41,6 @@ func IterateShards(c *config.Config, required bool, f func(*shardconfig.Config)
 			c.Sub(si),
 		)

-		if sc.Mode() == mode.Disabled {
-			continue
-		}
-
 		// Path for the blobstor can't be present in the default section, because different shards
 		// must have different paths, so if it is missing, the shard is not here.
 		// At the same time checking for "blobstor" section doesn't work proper
@ -54,6 +50,10 @@ func IterateShards(c *config.Config, required bool, f func(*shardconfig.Config)
 		}
 		(*config.Config)(sc).SetDefault(def)

+		if sc.Mode() == mode.Disabled {
+			continue
+		}
+
 		if err := f(sc); err != nil {
 			return err
 		}
--- a/cmd/frostfs-node/config/engine/config_test.go
+++ b/cmd/frostfs-node/config/engine/config_test.go
@ -18,22 +18,6 @@ import (
 	"github.com/stretchr/testify/require"
 )

-func TestIterateShards(t *testing.T) {
-	fileConfigTest := func(c *config.Config) {
-		var res []string
-		require.NoError(t,
-			engineconfig.IterateShards(c, false, func(sc *shardconfig.Config) error {
-				res = append(res, sc.Metabase().Path())
-				return nil
-			}))
-		require.Equal(t, []string{"abc", "xyz"}, res)
-	}
-
-	const cfgDir = "./testdata/shards"
-	configtest.ForEachFileType(cfgDir, fileConfigTest)
-	configtest.ForEnvFileType(t, cfgDir, fileConfigTest)
-}
-
 func TestEngineSection(t *testing.T) {
 	t.Run("defaults", func(t *testing.T) {
 		empty := configtest.EmptyConfig()
--- a/cmd/frostfs-node/config/engine/testdata/shards.env
+++ b/cmd/frostfs-node/config/engine/testdata/shards.env
@ -1,3 +0,0 @@
-FROSTFS_STORAGE_SHARD_0_METABASE_PATH=abc
-FROSTFS_STORAGE_SHARD_1_MODE=disabled
-FROSTFS_STORAGE_SHARD_2_METABASE_PATH=xyz
--- a/cmd/frostfs-node/config/engine/testdata/shards.json
+++ b/cmd/frostfs-node/config/engine/testdata/shards.json
@ -1,13 +0,0 @@
-{
-  "storage.shard": {
-    "0": {
-      "metabase.path": "abc"
-    },
-    "1": {
-      "mode": "disabled"
-    },
-    "2": {
-      "metabase.path": "xyz"
-    }
-  }
-}
--- a/cmd/frostfs-node/config/engine/testdata/shards.yaml
+++ b/cmd/frostfs-node/config/engine/testdata/shards.yaml
@ -1,7 +0,0 @@
-storage.shard:
-  0:
-    metabase.path: abc
-  1:
-    mode: disabled
-  2:
-    metabase.path: xyz
--- a/cmd/frostfs-node/config/node/config.go
+++ b/cmd/frostfs-node/config/node/config.go
@ -198,7 +198,7 @@ func (l PersistentPolicyRulesConfig) Path() string {
 //
 // Returns PermDefault if the value is not a positive number.
 func (l PersistentPolicyRulesConfig) Perm() fs.FileMode {
-	p := config.UintSafe(l.cfg, "perm")
+	p := config.UintSafe((*config.Config)(l.cfg), "perm")
 	if p == 0 {
 		p = PermDefault
 	}
@ -210,7 +210,7 @@ func (l PersistentPolicyRulesConfig) Perm() fs.FileMode {
 //
 // Returns false if the value is not a boolean.
 func (l PersistentPolicyRulesConfig) NoSync() bool {
-	return config.BoolSafe(l.cfg, "no_sync")
+	return config.BoolSafe((*config.Config)(l.cfg), "no_sync")
 }

 // CompatibilityMode returns true if need to run node in compatibility with previous versions mode.
--- a/cmd/frostfs-node/config/qos/config.go
+++ b/cmd/frostfs-node/config/qos/config.go
@ -1,46 +0,0 @@
-package qos
-
-import (
-	"fmt"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
-	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
-)
-
-const (
-	subsection         = "qos"
-	criticalSubSection = "critical"
-	internalSubSection = "internal"
-)
-
-// CriticalAuthorizedKeys parses and returns an array of "critical.authorized_keys" config
-// parameter from "qos" section.
-//
-// Returns an empty list if not set.
-func CriticalAuthorizedKeys(c *config.Config) keys.PublicKeys {
-	return authorizedKeys(c, criticalSubSection)
-}
-
-// InternalAuthorizedKeys parses and returns an array of "internal.authorized_keys" config
-// parameter from "qos" section.
-//
-// Returns an empty list if not set.
-func InternalAuthorizedKeys(c *config.Config) keys.PublicKeys {
-	return authorizedKeys(c, internalSubSection)
-}
-
-func authorizedKeys(c *config.Config, sub string) keys.PublicKeys {
-	strKeys := config.StringSliceSafe(c.Sub(subsection).Sub(sub), "authorized_keys")
-	pubs := make(keys.PublicKeys, 0, len(strKeys))
-
-	for i := range strKeys {
-		pub, err := keys.NewPublicKeyFromString(strKeys[i])
-		if err != nil {
-			panic(fmt.Errorf("invalid authorized key %s for qos.%s: %w", strKeys[i], sub, err))
-		}
-
-		pubs = append(pubs, pub)
-	}
-
-	return pubs
-}
--- a/cmd/frostfs-node/config/qos/config_test.go
+++ b/cmd/frostfs-node/config/qos/config_test.go
@ -1,40 +0,0 @@
-package qos
-
-import (
-	"testing"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
-	configtest "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/test"
-	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
-	"github.com/stretchr/testify/require"
-)
-
-func TestQoSSection(t *testing.T) {
-	t.Run("defaults", func(t *testing.T) {
-		empty := configtest.EmptyConfig()
-
-		require.Empty(t, CriticalAuthorizedKeys(empty))
-		require.Empty(t, InternalAuthorizedKeys(empty))
-	})
-
-	const path = "../../../../config/example/node"
-
-	criticalPubs := make(keys.PublicKeys, 2)
-	criticalPubs[0], _ = keys.NewPublicKeyFromString("035839e45d472a3b7769a2a1bd7d54c4ccd4943c3b40f547870e83a8fcbfb3ce11")
-	criticalPubs[1], _ = keys.NewPublicKeyFromString("028f42cfcb74499d7b15b35d9bff260a1c8d27de4f446a627406a382d8961486d6")
-
-	internalPubs := make(keys.PublicKeys, 2)
-	internalPubs[0], _ = keys.NewPublicKeyFromString("02b3622bf4017bdfe317c58aed5f4c753f206b7db896046fa7d774bbc4bf7f8dc2")
-	internalPubs[1], _ = keys.NewPublicKeyFromString("031a6c6fbbdf02ca351745fa86b9ba5a9452d785ac4f7fc2b7548ca2a46c4fcf4a")
-
-	fileConfigTest := func(c *config.Config) {
-		require.Equal(t, criticalPubs, CriticalAuthorizedKeys(c))
-		require.Equal(t, internalPubs, InternalAuthorizedKeys(c))
-	}
-
-	configtest.ForEachFileType(path, fileConfigTest)
-
-	t.Run("ENV", func(t *testing.T) {
-		configtest.ForEnvFileType(t, path, fileConfigTest)
-	})
-}
--- a/cmd/frostfs-node/container.go
+++ b/cmd/frostfs-node/container.go
@ -5,7 +5,6 @@ import (
 	"context"
 	"net"

-	containerconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/container"
 	morphconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/morph"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/logs"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/metrics"
@ -29,7 +28,7 @@ import (
 func initContainerService(_ context.Context, c *cfg) {
 	// container wrapper that tries to invoke notary
 	// requests if chain is configured so
-	wrap, err := cntClient.NewFromMorph(c.cfgMorph.client, c.cfgContainer.scriptHash, 0)
+	wrap, err := cntClient.NewFromMorph(c.cfgMorph.client, c.cfgContainer.scriptHash, 0, cntClient.TryNotary())
 	fatalOnErr(err)

 	c.shared.cnrClient = wrap
@ -43,12 +42,11 @@ func initContainerService(_ context.Context, c *cfg) {
 	fatalOnErr(err)

 	cacheSize := morphconfig.FrostfsIDCacheSize(c.appCfg)
-	if cacheSize > 0 && c.cfgMorph.cacheTTL > 0 {
+	if cacheSize > 0 {
 		frostfsIDSubjectProvider = newMorphFrostfsIDCache(frostfsIDSubjectProvider, int(cacheSize), c.cfgMorph.cacheTTL, metrics.NewCacheMetrics("frostfs_id"))
 	}

 	c.shared.frostfsidClient = frostfsIDSubjectProvider
-	c.cfgContainer.containerBatchSize = containerconfig.ContainerBatchSize(c.appCfg)

 	defaultChainRouter := engine.NewDefaultChainRouterWithLocalOverrides(
 		c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine.MorphRuleChainStorage(),
@ -58,9 +56,7 @@ func initContainerService(_ context.Context, c *cfg) {
 		&c.key.PrivateKey,
 		containerService.NewAPEServer(defaultChainRouter, cnrRdr,
 			newCachedIRFetcher(createInnerRingFetcher(c)), c.netMapSource, c.shared.frostfsidClient,
-			containerService.NewSplitterService(
-				c.cfgContainer.containerBatchSize, c.respSvc,
-				containerService.NewExecutionService(containerMorph.NewExecutor(cnrRdr, cnrWrt), c.respSvc)),
+			containerService.NewExecutionService(containerMorph.NewExecutor(cnrRdr, cnrWrt), c.respSvc),
 		),
 	)
 	service = containerService.NewAuditService(service, c.log, c.audit)
@ -100,7 +96,7 @@ func configureEACLAndContainerSources(c *cfg, client *cntClient.Client, cnrSrc c
 				// TODO: use owner directly from the event after neofs-contract#256 will become resolved
 				//  but don't forget about the profit of reading the new container and caching it:
 				//  creation success are most commonly tracked by polling GET op.
-				cnr, err := cnrSrc.Get(ctx, ev.ID)
+				cnr, err := cnrSrc.Get(ev.ID)
 				if err == nil {
 					containerCache.containerCache.set(ev.ID, cnr, nil)
 				} else {
@ -221,25 +217,20 @@ type morphContainerReader struct {
 	src containerCore.Source

 	lister interface {
-		ContainersOf(context.Context, *user.ID) ([]cid.ID, error)
-		IterateContainersOf(context.Context, *user.ID, func(cid.ID) error) error
+		ContainersOf(*user.ID) ([]cid.ID, error)
 	}
 }

-func (x *morphContainerReader) Get(ctx context.Context, id cid.ID) (*containerCore.Container, error) {
-	return x.src.Get(ctx, id)
+func (x *morphContainerReader) Get(id cid.ID) (*containerCore.Container, error) {
+	return x.src.Get(id)
 }

-func (x *morphContainerReader) DeletionInfo(ctx context.Context, id cid.ID) (*containerCore.DelInfo, error) {
-	return x.src.DeletionInfo(ctx, id)
+func (x *morphContainerReader) DeletionInfo(id cid.ID) (*containerCore.DelInfo, error) {
+	return x.src.DeletionInfo(id)
 }

-func (x *morphContainerReader) ContainersOf(ctx context.Context, id *user.ID) ([]cid.ID, error) {
-	return x.lister.ContainersOf(ctx, id)
-}
-
-func (x *morphContainerReader) IterateContainersOf(ctx context.Context, id *user.ID, processCID func(cid.ID) error) error {
-	return x.lister.IterateContainersOf(ctx, id, processCID)
+func (x *morphContainerReader) ContainersOf(id *user.ID) ([]cid.ID, error) {
+	return x.lister.ContainersOf(id)
 }

 type morphContainerWriter struct {
--- a/cmd/frostfs-node/control.go
+++ b/cmd/frostfs-node/control.go
@ -7,12 +7,9 @@ import (

 	controlconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/control"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/logs"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/qos"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
 	controlSvc "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/server"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/sdnotify"
-	metrics "git.frostfs.info/TrueCloudLab/frostfs-observability/metrics/grpc"
-	tracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
 )
@ -53,14 +50,7 @@ func initControlService(ctx context.Context, c *cfg) {
 		return
 	}

-	c.cfgControlService.server = grpc.NewServer(
-		grpc.ChainUnaryInterceptor(
-			qos.NewSetCriticalIOTagUnaryServerInterceptor(),
-			metrics.NewUnaryServerInterceptor(),
-			tracing.NewUnaryServerInterceptor(),
-		),
-		// control service has no stream methods, so no stream interceptors added
-	)
+	c.cfgControlService.server = grpc.NewServer()

 	c.onShutdown(func() {
 		stopGRPC(ctx, "FrostFS Control API", c.cfgControlService.server, c.log)
--- a/cmd/frostfs-node/frostfsid.go
+++ b/cmd/frostfs-node/frostfsid.go
@ -1,7 +1,6 @@
 package main

 import (
-	"context"
 	"strings"
 	"time"

@ -43,7 +42,7 @@ func newMorphFrostfsIDCache(subjProvider frostfsidcore.SubjectProvider, size int
 	}
 }

-func (m *morphFrostfsIDCache) GetSubject(ctx context.Context, addr util.Uint160) (*client.Subject, error) {
+func (m *morphFrostfsIDCache) GetSubject(addr util.Uint160) (*client.Subject, error) {
 	hit := false
 	startedAt := time.Now()
 	defer func() {
@ -56,7 +55,7 @@ func (m *morphFrostfsIDCache) GetSubject(ctx context.Context, addr util.Uint160)
 		return result.subject, result.err
 	}

-	subj, err := m.subjProvider.GetSubject(ctx, addr)
+	subj, err := m.subjProvider.GetSubject(addr)
 	if err != nil {
 		if m.isCacheableError(err) {
 			m.subjCache.Add(addr, subjectWithError{
@ -70,7 +69,7 @@ func (m *morphFrostfsIDCache) GetSubject(ctx context.Context, addr util.Uint160)
 	return subj, nil
 }

-func (m *morphFrostfsIDCache) GetSubjectExtended(ctx context.Context, addr util.Uint160) (*client.SubjectExtended, error) {
+func (m *morphFrostfsIDCache) GetSubjectExtended(addr util.Uint160) (*client.SubjectExtended, error) {
 	hit := false
 	startedAt := time.Now()
 	defer func() {
@ -83,7 +82,7 @@ func (m *morphFrostfsIDCache) GetSubjectExtended(ctx context.Context, addr util.
 		return result.subject, result.err
 	}

-	subjExt, err := m.subjProvider.GetSubjectExtended(ctx, addr)
+	subjExt, err := m.subjProvider.GetSubjectExtended(addr)
 	if err != nil {
 		if m.isCacheableError(err) {
 			m.subjExtCache.Add(addr, subjectExtWithError{
--- a/cmd/frostfs-node/grpc.go
+++ b/cmd/frostfs-node/grpc.go
@ -12,7 +12,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
 	metrics "git.frostfs.info/TrueCloudLab/frostfs-observability/metrics/grpc"
 	tracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
-	qos "git.frostfs.info/TrueCloudLab/frostfs-qos/tagging"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
@ -131,12 +130,10 @@ func getGrpcServerOpts(ctx context.Context, c *cfg, sc *grpcconfig.Config) ([]gr
 	serverOpts := []grpc.ServerOption{
 		grpc.MaxRecvMsgSize(maxRecvMsgSize),
 		grpc.ChainUnaryInterceptor(
-			qos.NewUnaryServerInterceptor(),
 			metrics.NewUnaryServerInterceptor(),
 			tracing.NewUnaryServerInterceptor(),
 		),
 		grpc.ChainStreamInterceptor(
-			qos.NewStreamServerInterceptor(),
 			metrics.NewStreamServerInterceptor(),
 			tracing.NewStreamServerInterceptor(),
 		),
--- a/cmd/frostfs-node/main.go
+++ b/cmd/frostfs-node/main.go
@ -101,7 +101,6 @@ func initApp(ctx context.Context, c *cfg) {

 	initAndLog(ctx, c, "gRPC", func(c *cfg) { initGRPC(ctx, c) })
 	initAndLog(ctx, c, "netmap", func(c *cfg) { initNetmapService(ctx, c) })
-	initAndLog(ctx, c, "qos", func(c *cfg) { initQoSService(c) })

 	initAccessPolicyEngine(ctx, c)
 	initAndLog(ctx, c, "access policy engine", func(c *cfg) {
@ -135,7 +134,7 @@ func stopAndLog(ctx context.Context, c *cfg, name string, stopper func(context.C
 	err := stopper(ctx)
 	if err != nil {
 		c.log.Debug(ctx, fmt.Sprintf("could not shutdown %s server", name),
-			zap.Error(err),
+			zap.String("error", err.Error()),
 		)
 	}

--- a/cmd/frostfs-node/morph.go
+++ b/cmd/frostfs-node/morph.go
@ -35,16 +35,20 @@ func (c *cfg) initMorphComponents(ctx context.Context) {

 	lookupScriptHashesInNNS(c) // smart contract auto negotiation

-	err := c.cfgMorph.client.EnableNotarySupport(
-		client.WithProxyContract(
-			c.cfgMorph.proxyScriptHash,
-		),
+	if c.cfgMorph.notaryEnabled {
+		err := c.cfgMorph.client.EnableNotarySupport(
+			client.WithProxyContract(
+				c.cfgMorph.proxyScriptHash,
+			),
+		)
+		fatalOnErr(err)
+	}
+
+	c.log.Info(ctx, logs.FrostFSNodeNotarySupport,
+		zap.Bool("sidechain_enabled", c.cfgMorph.notaryEnabled),
 	)
-	fatalOnErr(err)

-	c.log.Info(ctx, logs.FrostFSNodeNotarySupport)
-
-	wrap, err := nmClient.NewFromMorph(c.cfgMorph.client, c.cfgNetmap.scriptHash, 0)
+	wrap, err := nmClient.NewFromMorph(c.cfgMorph.client, c.cfgNetmap.scriptHash, 0, nmClient.TryNotary())
 	fatalOnErr(err)

 	var netmapSource netmap.Source
@ -96,7 +100,7 @@ func initMorphClient(ctx context.Context, c *cfg) {
 	if err != nil {
 		c.log.Info(ctx, logs.FrostFSNodeFailedToCreateNeoRPCClient,
 			zap.Any("endpoints", addresses),
-			zap.Error(err),
+			zap.String("error", err.Error()),
 		)

 		fatalOnErr(err)
@ -112,9 +116,15 @@ func initMorphClient(ctx context.Context, c *cfg) {
 	}

 	c.cfgMorph.client = cli
+	c.cfgMorph.notaryEnabled = cli.ProbeNotary()
 }

 func makeAndWaitNotaryDeposit(ctx context.Context, c *cfg) {
+	// skip notary deposit in non-notary environments
+	if !c.cfgMorph.notaryEnabled {
+		return
+	}
+
 	tx, vub, err := makeNotaryDeposit(ctx, c)
 	fatalOnErr(err)

@ -151,7 +161,7 @@ func makeNotaryDeposit(ctx context.Context, c *cfg) (util.Uint256, uint32, error
 }

 func waitNotaryDeposit(ctx context.Context, c *cfg, tx util.Uint256, vub uint32) error {
-	if err := c.cfgMorph.client.WaitTxHalt(ctx, vub, tx); err != nil {
+	if err := c.cfgMorph.client.WaitTxHalt(ctx, client.InvokeRes{Hash: tx, VUB: vub}); err != nil {
 		return err
 	}

@ -168,7 +178,7 @@ func listenMorphNotifications(ctx context.Context, c *cfg) {
 	fromSideChainBlock, err := c.persistate.UInt32(persistateSideChainLastBlockKey)
 	if err != nil {
 		fromSideChainBlock = 0
-		c.log.Warn(ctx, logs.FrostFSNodeCantGetLastProcessedSideChainBlockNumber, zap.Error(err))
+		c.log.Warn(ctx, logs.FrostFSNodeCantGetLastProcessedSideChainBlockNumber, zap.String("error", err.Error()))
 	}

 	subs, err = subscriber.New(ctx, &subscriber.Params{
@ -223,17 +233,27 @@ func registerNotificationHandlers(scHash util.Uint160, lis event.Listener, parse
 	subs map[event.Type][]event.Handler,
 ) {
 	for typ, handlers := range subs {
+		pi := event.NotificationParserInfo{}
+		pi.SetType(typ)
+		pi.SetScriptHash(scHash)
+
 		p, ok := parsers[typ]
 		if !ok {
 			panic(fmt.Sprintf("missing parser for event %s", typ))
 		}

-		lis.RegisterNotificationHandler(event.NotificationHandlerInfo{
-			Contract: scHash,
-			Type:     typ,
-			Parser:   p,
-			Handlers: handlers,
-		})
+		pi.SetParser(p)
+
+		lis.SetNotificationParser(pi)
+
+		for _, h := range handlers {
+			hi := event.NotificationHandlerInfo{}
+			hi.SetType(typ)
+			hi.SetScriptHash(scHash)
+			hi.SetHandler(h)
+
+			lis.RegisterNotificationHandler(hi)
+		}
 	}
 }

@ -262,6 +282,10 @@ func lookupScriptHashesInNNS(c *cfg) {
 	)

 	for _, t := range targets {
+		if t.nnsName == client.NNSProxyContractName && !c.cfgMorph.notaryEnabled {
+			continue // ignore proxy contract if notary disabled
+		}
+
 		if emptyHash.Equals(*t.h) {
 			*t.h, err = c.cfgMorph.client.NNSContractAddress(t.nnsName)
 			fatalOnErrDetails(fmt.Sprintf("can't resolve %s in NNS", t.nnsName), err)
--- a/cmd/frostfs-node/netmap.go
+++ b/cmd/frostfs-node/netmap.go
@ -86,7 +86,7 @@ func (s *networkState) setNodeInfo(ni *netmapSDK.NodeInfo) {
 		}
 	}

-	s.setControlNetmapStatus(ctrlNetSt)
+	s.setControlNetmapStatus(control.NetmapStatus(ctrlNetSt))
 }

 // sets the current node state to the given value. Subsequent cfg.bootstrap
@ -193,14 +193,16 @@ func addNewEpochNotificationHandlers(c *cfg) {
 		}
 	})

-	addNewEpochAsyncNotificationHandler(c, func(ctx context.Context, _ event.Event) {
-		_, _, err := makeNotaryDeposit(ctx, c)
-		if err != nil {
-			c.log.Error(ctx, logs.FrostFSNodeCouldNotMakeNotaryDeposit,
-				zap.Error(err),
-			)
-		}
-	})
+	if c.cfgMorph.notaryEnabled {
+		addNewEpochAsyncNotificationHandler(c, func(ctx context.Context, _ event.Event) {
+			_, _, err := makeNotaryDeposit(ctx, c)
+			if err != nil {
+				c.log.Error(ctx, logs.FrostFSNodeCouldNotMakeNotaryDeposit,
+					zap.String("error", err.Error()),
+				)
+			}
+		})
+	}
 }

 // bootstrapNode adds current node to the Network map.
@ -239,7 +241,7 @@ func setNetmapNotificationParser(c *cfg, sTyp string, p event.NotificationParser
 // initNetmapState inits current Network map state.
 // Must be called after Morph components initialization.
 func initNetmapState(ctx context.Context, c *cfg) {
-	epoch, err := c.cfgNetmap.wrapper.Epoch(ctx)
+	epoch, err := c.cfgNetmap.wrapper.Epoch()
 	fatalOnErrDetails("could not initialize current epoch number", err)

 	var ni *netmapSDK.NodeInfo
@ -278,7 +280,7 @@ func nodeState(ni *netmapSDK.NodeInfo) string {
 }

 func (c *cfg) netmapInitLocalNodeState(ctx context.Context, epoch uint64) (*netmapSDK.NodeInfo, error) {
-	nmNodes, err := c.cfgNetmap.wrapper.GetCandidates(ctx)
+	nmNodes, err := c.cfgNetmap.wrapper.GetCandidates()
 	if err != nil {
 		return nil, err
 	}
@ -291,7 +293,7 @@ func (c *cfg) netmapInitLocalNodeState(ctx context.Context, epoch uint64) (*netm
 		}
 	}

-	node, err := c.netmapLocalNodeState(ctx, epoch)
+	node, err := c.netmapLocalNodeState(epoch)
 	if err != nil {
 		return nil, err
 	}
@ -312,9 +314,9 @@ func (c *cfg) netmapInitLocalNodeState(ctx context.Context, epoch uint64) (*netm
 	return candidate, nil
 }

-func (c *cfg) netmapLocalNodeState(ctx context.Context, epoch uint64) (*netmapSDK.NodeInfo, error) {
+func (c *cfg) netmapLocalNodeState(epoch uint64) (*netmapSDK.NodeInfo, error) {
 	// calculate current network state
-	nm, err := c.cfgNetmap.wrapper.GetNetMapByEpoch(ctx, epoch)
+	nm, err := c.cfgNetmap.wrapper.GetNetMapByEpoch(epoch)
 	if err != nil {
 		return nil, err
 	}
@ -376,8 +378,8 @@ func (c *cfg) SetNetmapStatus(ctx context.Context, st control.NetmapStatus) erro
 	return c.updateNetMapState(ctx, func(*nmClient.UpdatePeerPrm) {})
 }

-func (c *cfg) GetNetmapStatus(ctx context.Context) (control.NetmapStatus, uint64, error) {
-	epoch, err := c.netMapSource.Epoch(ctx)
+func (c *cfg) GetNetmapStatus() (control.NetmapStatus, uint64, error) {
+	epoch, err := c.netMapSource.Epoch()
 	if err != nil {
 		return control.NetmapStatus_STATUS_UNDEFINED, 0, fmt.Errorf("failed to get current epoch: %w", err)
 	}
@ -390,7 +392,7 @@ func (c *cfg) ForceMaintenance(ctx context.Context) error {
 }

 func (c *cfg) setMaintenanceStatus(ctx context.Context, force bool) error {
-	netSettings, err := c.cfgNetmap.wrapper.ReadNetworkConfiguration(ctx)
+	netSettings, err := c.cfgNetmap.wrapper.ReadNetworkConfiguration()
 	if err != nil {
 		err = fmt.Errorf("read network settings to check maintenance allowance: %w", err)
 	} else if !netSettings.MaintenanceModeAllowed {
@ -423,7 +425,7 @@ func (c *cfg) updateNetMapState(ctx context.Context, stateSetter func(*nmClient.
 	if err != nil {
 		return err
 	}
-	return c.cfgNetmap.wrapper.Morph().WaitTxHalt(ctx, res.VUB, res.Hash)
+	return c.cfgNetmap.wrapper.Morph().WaitTxHalt(ctx, res)
 }

 type netInfo struct {
@ -438,7 +440,7 @@ type netInfo struct {
 	msPerBlockRdr func() (int64, error)
 }

-func (n *netInfo) Dump(ctx context.Context, ver version.Version) (*netmapSDK.NetworkInfo, error) {
+func (n *netInfo) Dump(ver version.Version) (*netmapSDK.NetworkInfo, error) {
 	magic, err := n.magic.MagicNumber()
 	if err != nil {
 		return nil, err
@ -448,7 +450,7 @@ func (n *netInfo) Dump(ctx context.Context, ver version.Version) (*netmapSDK.Net
 	ni.SetCurrentEpoch(n.netState.CurrentEpoch())
 	ni.SetMagicNumber(magic)

-	netInfoMorph, err := n.morphClientNetMap.ReadNetworkConfiguration(ctx)
+	netInfoMorph, err := n.morphClientNetMap.ReadNetworkConfiguration()
 	if err != nil {
 		return nil, fmt.Errorf("read network configuration using netmap contract client: %w", err)
 	}
--- a/cmd/frostfs-node/object.go
+++ b/cmd/frostfs-node/object.go
@ -13,6 +13,7 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/local_object_storage/engine"
 	morphClient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client"
+	nmClient "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/morph/client/netmap"
 	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network/cache"
 	objectTransportGRPC "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/network/transport/object/grpc"
 	objectService "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object"
@ -54,11 +55,11 @@ type objectSvc struct {
 	patch *patchsvc.Service
 }

-func (c *cfg) MaxObjectSize(ctx context.Context) uint64 {
-	sz, err := c.cfgNetmap.wrapper.MaxObjectSize(ctx)
+func (c *cfg) MaxObjectSize() uint64 {
+	sz, err := c.cfgNetmap.wrapper.MaxObjectSize()
 	if err != nil {
-		c.log.Error(ctx, logs.FrostFSNodeCouldNotGetMaxObjectSizeValue,
-			zap.Error(err),
+		c.log.Error(context.Background(), logs.FrostFSNodeCouldNotGetMaxObjectSizeValue,
+			zap.String("error", err.Error()),
 		)
 	}

@ -122,8 +123,8 @@ type innerRingFetcherWithNotary struct {
 	sidechain *morphClient.Client
 }

-func (fn *innerRingFetcherWithNotary) InnerRingKeys(ctx context.Context) ([][]byte, error) {
-	keys, err := fn.sidechain.NeoFSAlphabetList(ctx)
+func (fn *innerRingFetcherWithNotary) InnerRingKeys() ([][]byte, error) {
+	keys, err := fn.sidechain.NeoFSAlphabetList()
 	if err != nil {
 		return nil, fmt.Errorf("can't get inner ring keys from alphabet role: %w", err)
 	}
@ -136,6 +137,24 @@ func (fn *innerRingFetcherWithNotary) InnerRingKeys(ctx context.Context) ([][]by
 	return result, nil
 }

+type innerRingFetcherWithoutNotary struct {
+	nm *nmClient.Client
+}
+
+func (f *innerRingFetcherWithoutNotary) InnerRingKeys() ([][]byte, error) {
+	keys, err := f.nm.GetInnerRingList()
+	if err != nil {
+		return nil, fmt.Errorf("can't get inner ring keys from netmap contract: %w", err)
+	}
+
+	result := make([][]byte, 0, len(keys))
+	for i := range keys {
+		result = append(result, keys[i].Bytes())
+	}
+
+	return result, nil
+}
+
 func initObjectService(c *cfg) {
 	keyStorage := util.NewKeyStorage(&c.key.PrivateKey, c.privateTokenStore, c.cfgNetmap.state)

@ -168,7 +187,7 @@ func initObjectService(c *cfg) {
 	sPatch := createPatchSvc(sGet, sPut)

 	// build service pipeline
-	// grpc | audit | qos | <metrics> | signature | response | acl | ape | split
+	// grpc | audit | <metrics> | signature | response | acl | ape | split

 	splitSvc := createSplitService(c, sPutV2, sGetV2, sSearchV2, sDeleteV2, sPatch)

@ -191,8 +210,7 @@ func initObjectService(c *cfg) {

 	c.shared.metricsSvc = objectService.NewMetricCollector(
 		signSvc, c.metricsCollector.ObjectService(), metricsconfig.Enabled(c.appCfg))
-	qosService := objectService.NewQoSObjectService(c.shared.metricsSvc, &c.cfgQoSService)
-	auditSvc := objectService.NewAuditService(qosService, c.log, c.audit)
+	auditSvc := objectService.NewAuditService(c.shared.metricsSvc, c.log, c.audit)
 	server := objectTransportGRPC.New(auditSvc)

 	c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) {
@ -216,7 +234,8 @@ func addPolicer(c *cfg, keyStorage *util.KeyStorage, clientConstructor *cache.Cl
 		prm.MarkAsGarbage(addr)
 		prm.WithForceRemoval()

-		return ls.Inhume(ctx, prm)
+		_, err := ls.Inhume(ctx, prm)
+		return err
 	}

 	remoteReader := objectService.NewRemoteReader(keyStorage, clientConstructor)
@ -266,9 +285,10 @@ func addPolicer(c *cfg, keyStorage *util.KeyStorage, clientConstructor *cache.Cl
 			var inhumePrm engine.InhumePrm
 			inhumePrm.MarkAsGarbage(addr)

-			if err := ls.Inhume(ctx, inhumePrm); err != nil {
+			_, err := ls.Inhume(ctx, inhumePrm)
+			if err != nil {
 				c.log.Warn(ctx, logs.FrostFSNodeCouldNotInhumeMarkRedundantCopyAsGarbage,
-					zap.Error(err),
+					zap.String("error", err.Error()),
 				)
 			}
 		}),
@ -285,8 +305,13 @@ func addPolicer(c *cfg, keyStorage *util.KeyStorage, clientConstructor *cache.Cl
 }

 func createInnerRingFetcher(c *cfg) v2.InnerRingFetcher {
-	return &innerRingFetcherWithNotary{
-		sidechain: c.cfgMorph.client,
+	if c.cfgMorph.client.ProbeNotary() {
+		return &innerRingFetcherWithNotary{
+			sidechain: c.cfgMorph.client,
+		}
+	}
+	return &innerRingFetcherWithoutNotary{
+		nm: c.cfgNetmap.wrapper,
 	}
 }

@ -475,7 +500,8 @@ func (e engineWithoutNotifications) Delete(ctx context.Context, tombstone oid.Ad

 	prm.WithTarget(tombstone, addrs...)

-	return e.engine.Inhume(ctx, prm)
+	_, err := e.engine.Inhume(ctx, prm)
+	return err
 }

 func (e engineWithoutNotifications) Lock(ctx context.Context, locker oid.Address, toLock []oid.ID) error {
--- a/cmd/frostfs-node/qos.go
+++ b/cmd/frostfs-node/qos.go
@ -1,95 +0,0 @@
-package main
-
-import (
-	"bytes"
-	"context"
-
-	qosconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/qos"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/logs"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/internal/qos"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/core/netmap"
-	"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
-	qosTagging "git.frostfs.info/TrueCloudLab/frostfs-qos/tagging"
-	"go.uber.org/zap"
-)
-
-type cfgQoSService struct {
-	netmapSource        netmap.Source
-	logger              *logger.Logger
-	allowedCriticalPubs [][]byte
-	allowedInternalPubs [][]byte
-}
-
-func initQoSService(c *cfg) {
-	criticalPubs := qosconfig.CriticalAuthorizedKeys(c.appCfg)
-	internalPubs := qosconfig.InternalAuthorizedKeys(c.appCfg)
-	rawCriticalPubs := make([][]byte, 0, len(criticalPubs))
-	rawInternalPubs := make([][]byte, 0, len(internalPubs))
-	for i := range criticalPubs {
-		rawCriticalPubs = append(rawCriticalPubs, criticalPubs[i].Bytes())
-	}
-	for i := range internalPubs {
-		rawInternalPubs = append(rawInternalPubs, internalPubs[i].Bytes())
-	}
-
-	c.cfgQoSService = cfgQoSService{
-		netmapSource:        c.netMapSource,
-		logger:              c.log,
-		allowedCriticalPubs: rawCriticalPubs,
-		allowedInternalPubs: rawInternalPubs,
-	}
-}
-
-func (s *cfgQoSService) AdjustIncomingTag(ctx context.Context, requestSignPublicKey []byte) context.Context {
-	rawTag, defined := qosTagging.IOTagFromContext(ctx)
-	if !defined {
-		return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-	}
-	ioTag, err := qos.FromRawString(rawTag)
-	if err != nil {
-		s.logger.Warn(ctx, logs.FailedToParseIncomingIOTag, zap.Error(err))
-		return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-	}
-
-	switch ioTag {
-	case qos.IOTagClient:
-		return ctx
-	case qos.IOTagCritical:
-		for _, pk := range s.allowedCriticalPubs {
-			if bytes.Equal(pk, requestSignPublicKey) {
-				return ctx
-			}
-		}
-		nm, err := s.netmapSource.GetNetMap(ctx, 0)
-		if err != nil {
-			s.logger.Debug(ctx, logs.FailedToGetNetmapToAdjustIOTag, zap.Error(err))
-			return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-		}
-		for _, node := range nm.Nodes() {
-			if bytes.Equal(node.PublicKey(), requestSignPublicKey) {
-				return ctx
-			}
-		}
-		return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-	case qos.IOTagInternal:
-		for _, pk := range s.allowedInternalPubs {
-			if bytes.Equal(pk, requestSignPublicKey) {
-				return ctx
-			}
-		}
-		nm, err := s.netmapSource.GetNetMap(ctx, 0)
-		if err != nil {
-			s.logger.Debug(ctx, logs.FailedToGetNetmapToAdjustIOTag, zap.Error(err))
-			return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-		}
-		for _, node := range nm.Nodes() {
-			if bytes.Equal(node.PublicKey(), requestSignPublicKey) {
-				return ctx
-			}
-		}
-		return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-	default:
-		s.logger.Warn(ctx, logs.NotSupportedIncomingIOTagReplacedWithClient, zap.Stringer("io_tag", ioTag))
-		return qosTagging.ContextWithIOTag(ctx, qos.IOTagClient.String())
-	}
-}
--- a/cmd/frostfs-node/tree.go
+++ b/cmd/frostfs-node/tree.go
@ -29,16 +29,16 @@ type cnrSource struct {
 	cli *containerClient.Client
 }

-func (c cnrSource) Get(ctx context.Context, id cid.ID) (*container.Container, error) {
-	return c.src.Get(ctx, id)
+func (c cnrSource) Get(id cid.ID) (*container.Container, error) {
+	return c.src.Get(id)
 }

-func (c cnrSource) DeletionInfo(ctx context.Context, cid cid.ID) (*container.DelInfo, error) {
-	return c.src.DeletionInfo(ctx, cid)
+func (c cnrSource) DeletionInfo(cid cid.ID) (*container.DelInfo, error) {
+	return c.src.DeletionInfo(cid)
 }

-func (c cnrSource) List(ctx context.Context) ([]cid.ID, error) {
-	return c.cli.ContainersOf(ctx, nil)
+func (c cnrSource) List() ([]cid.ID, error) {
+	return c.cli.ContainersOf(nil)
 }

 func initTreeService(c *cfg) {
@ -72,7 +72,7 @@ func initTreeService(c *cfg) {
 	)

 	c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) {
-		tree.RegisterTreeServiceServer(s, tree.NewIOTagAdjustServer(c.treeService, &c.cfgQoSService))
+		tree.RegisterTreeServiceServer(s, c.treeService)
 	})

 	c.workers = append(c.workers, newWorkerFromFunc(func(ctx context.Context) {
@ -113,7 +113,7 @@ func initTreeService(c *cfg) {
 			// Ignore pilorama.ErrTreeNotFound but other errors, including shard.ErrReadOnly, should be logged.
 			c.log.Error(ctx, logs.FrostFSNodeContainerRemovalEventReceivedButTreesWerentRemoved,
 				zap.Stringer("cid", ev.ID),
-				zap.Error(err))
+				zap.String("error", err.Error()))
 		}
 	})

--- a/cmd/internal/common/ape/flags.go
+++ b/cmd/internal/common/ape/flags.go
@ -2,6 +2,7 @@ package ape

 const (
 	RuleFlag           = "rule"
+	RuleFlagDesc       = "Rule statement"
 	PathFlag           = "path"
 	PathFlagDesc       = "Path to encoded chain in JSON or binary format"
 	TargetNameFlag     = "target-name"
@ -16,64 +17,3 @@ const (
 	ChainNameFlagDesc  = "Chain name(ingress|s3)"
 	AllFlag            = "all"
 )
-
-const RuleFlagDesc = `Defines an Access Policy Engine (APE) rule in the format:
-    <status>[:status_detail] <action>... <condition>... <resource>...
-
-Status:
-  - allow                   Permits specified actions
-  - deny                    Prohibits specified actions
-  - deny:QuotaLimitReached  Denies access due to quota limits
-
-Actions:
-    Object operations:
-    - Object.Put, Object.Get, etc.
-    - Object.*     (all object operations)
-    Container operations:
-    - Container.Put, Container.Get, etc.
-    - Container.*  (all container operations)
-
-Conditions:
-    ResourceCondition:
-      Format: ResourceCondition:"key"=value, "key"!=value
-        Reserved properties (use '\' before '$'):
-        - $Object:version
-        - $Object:objectID
-        - $Object:containerID
-        - $Object:ownerID
-        - $Object:creationEpoch
-        - $Object:payloadLength
-        - $Object:payloadHash
-        - $Object:objectType
-        - $Object:homomorphicHash
-
-RequestCondition:
-    Format: RequestCondition:"key"=value, "key"!=value
-      Reserved properties (use '\' before '$'):
-        - $Actor:publicKey
-        - $Actor:role
-
-      Example:
-        ResourceCondition:"check_key"!="check_value" RequestCondition:"$Actor:role"=others
-
-Resources:
-    For objects:
-      - namespace/cid/oid    (specific object)
-      - namespace/cid/*      (all objects in container)
-      - namespace/*          (all objects in namespace)
-      - *                    (all objects)
-      - /*                   (all objects in root namespace)
-      - /cid/*               (all objects in root container)
-      - /cid/oid             (specific object in root container)
-
-    For containers:
-      - namespace/cid        (specific container)
-      - namespace/*          (all containers in namespace)
-      - *                    (all containers)
-      - /cid                 (root container)
-      - /*                   (all root containers)
-
-Notes:
-    - Cannot mix object and container operations in one rule
-    - Default behavior is Any=false unless 'any' is specified
-    - Use 'all' keyword to explicitly set Any=false`
--- a/cmd/internal/common/exit.go
+++ b/cmd/internal/common/exit.go
@ -26,15 +26,13 @@ func ExitOnErr(cmd *cobra.Command, errFmt string, err error) {
 		_ = iota
 		internal
 		aclDenied
-		apemanagerDenied
 	)

 	var (
 		code int

-		internalErr   = new(sdkstatus.ServerInternal)
-		accessErr     = new(sdkstatus.ObjectAccessDenied)
-		apemanagerErr = new(sdkstatus.APEManagerAccessDenied)
+		internalErr = new(sdkstatus.ServerInternal)
+		accessErr   = new(sdkstatus.ObjectAccessDenied)
 	)

 	switch {
@ -43,9 +41,6 @@ func ExitOnErr(cmd *cobra.Command, errFmt string, err error) {
 	case errors.As(err, &accessErr):
 		code = aclDenied
 		err = fmt.Errorf("%w: %s", err, accessErr.Reason())
-	case errors.As(err, &apemanagerErr):
-		code = apemanagerDenied
-		err = fmt.Errorf("%w: %s", err, apemanagerErr.Reason())
 	default:
 		code = internal
 	}
--- a/Show more
+++ b/Show more
Author	SHA1	Message	Date
Evgenii Stratonikov	e82f79b0a8	adm: Allow to use --local-dump everywhere --rpc-endpoint is present Some checks failed Tests and linters / Run gofumpt (pull_request) Successful in 3m21s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 4m10s Details Tests and linters / Tests (pull_request) Successful in 4m16s Details DCO action / DCO (pull_request) Failing after 4m29s Details Vulncheck / Vulncheck (pull_request) Successful in 5m44s Details Tests and linters / Tests with -race (pull_request) Successful in 6m13s Details Build / Build Components (pull_request) Successful in 6m23s Details Tests and linters / Staticcheck (pull_request) Successful in 6m25s Details Tests and linters / gopls check (pull_request) Successful in 6m27s Details Tests and linters / Lint (pull_request) Successful in 7m27s Details Currently, we allow using `--local-dump` in `morph init` command. We also have this flag in other commands, but no `--protocol` which is also needed. And in new command we do not have the ability to use local dump at all. This commit makes it possible to work either with an RPC or with local-dump in every command. Refs #1035. Refs TrueCloudLab/frostfs-dev-env#42. Writing gopatch this time was really satisfying, btw: ``` @@ var flags expression @@ -flags.StringP(commonflags.EndpointFlag, ...) +commonflags.InitRPC(flags) @@ var flags expression @@ -_ = viper.BindPFlag(commonflags.EndpointFlag, flags.Lookup(...)) +commonflags.BindRPC(flags) ``` Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-11-20 14:38:26 +03:00
Evgenii Stratonikov	70f77a53d9	adm: Move ProtoConfigPath from `constants` to `commonflags` package Some checks failed Tests and linters / Run gofumpt (pull_request) Successful in 1m48s Details DCO action / DCO (pull_request) Failing after 2m14s Details Vulncheck / Vulncheck (pull_request) Successful in 2m34s Details Pre-commit hooks / Pre-commit (pull_request) Successful in 2m44s Details Build / Build Components (pull_request) Successful in 3m8s Details Tests and linters / gopls check (pull_request) Successful in 3m13s Details Tests and linters / Staticcheck (pull_request) Successful in 3m33s Details Tests and linters / Lint (pull_request) Successful in 4m17s Details Tests and linters / Tests (pull_request) Successful in 4m57s Details Tests and linters / Tests with -race (pull_request) Successful in 6m36s Details Refs #932 Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>	2024-11-20 14:16:34 +03:00