diff --git a/cmd/s3-authmate/main.go b/cmd/s3-authmate/main.go
index 56eae3ae..413df66c 100644
--- a/cmd/s3-authmate/main.go
+++ b/cmd/s3-authmate/main.go
@@ -706,5 +706,7 @@ func createNeoFS(ctx context.Context, log *zap.Logger, cfg PoolConfig) (authmate
 		return nil, fmt.Errorf("dial pool: %w", err)
 	}
 
-	return neofs.NewAuthmateNeoFS(p, signer), nil
+	neoFS := neofs.NewNeoFS(p, signer)
+
+	return neofs.NewAuthmateNeoFS(neoFS), nil
 }
diff --git a/cmd/s3-gw/app.go b/cmd/s3-gw/app.go
index d436515f..f6d1e766 100644
--- a/cmd/s3-gw/app.go
+++ b/cmd/s3-gw/app.go
@@ -99,9 +99,10 @@ func newApp(ctx context.Context, log *Logger, v *viper.Viper) *App {
 	conns, key, poolStat := getPool(ctx, log.logger, v)
 
 	signer := user.NewSignerRFC6979(key.PrivateKey)
+	neoFS := neofs.NewNeoFS(conns, signer)
 
 	// prepare auth center
-	ctr := auth.New(neofs.NewAuthmateNeoFS(conns, signer), key, v.GetStringSlice(cfgAllowedAccessKeyIDPrefixes), getAccessBoxCacheConfig(v, log.logger))
+	ctr := auth.New(neofs.NewAuthmateNeoFS(neoFS), key, v.GetStringSlice(cfgAllowedAccessKeyIDPrefixes), getAccessBoxCacheConfig(v, log.logger))
 
 	app := &App{
 		ctr:      ctr,
diff --git a/internal/neofs/neofs.go b/internal/neofs/neofs.go
index 257b5e54..0f49c5c6 100644
--- a/internal/neofs/neofs.go
+++ b/internal/neofs/neofs.go
@@ -442,12 +442,12 @@ func (x *ResolverNeoFS) SystemDNS(ctx context.Context) (string, error) {
 
 // AuthmateNeoFS is a mediator which implements authmate.NeoFS through pool.Pool.
 type AuthmateNeoFS struct {
-	neoFS *NeoFS
+	neoFS layer.NeoFS
 }
 
 // NewAuthmateNeoFS creates new AuthmateNeoFS using provided pool.Pool.
-func NewAuthmateNeoFS(p *pool.Pool, signer user.Signer) *AuthmateNeoFS {
-	return &AuthmateNeoFS{neoFS: NewNeoFS(p, signer)}
+func NewAuthmateNeoFS(neoFS layer.NeoFS) *AuthmateNeoFS {
+	return &AuthmateNeoFS{neoFS: neoFS}
 }
 
 // ContainerExists implements authmate.NeoFS interface method.