I read a lot about certs and watched a WWDC, but should clear for myself and for others next question. When we creating certificates in the developer portal, we see next possibilities:

So, what is the purpose of creating only Sandbox certificate instead of Sandbox&Production one? Also there is two fields in app description for certificates.

Does it is a rudiment and we can use only S&P certificate or we should also implement development cert?

After some investigation, I didn't find cases were needed only Sandbox Certificate. It seems, that it's a rudiment. You can generate only one cert for Sandbox & Production and use only it for both environments.

Well just right now every Samsung phone got a push notification with a title of 1 and body of 1.

https://www.theverge.com/2020/2/20/21145130/samsung-find-my-mobile-app-1-notification-galaxy

Why? I guess because the person was testing how remote notifications work. Just that he was using the production certificate and it got sent to every Samsung user.

So it's certainly safer to be using the sandbox version to test things initially with your debug builds ie build that have used your development certificate.

You won't run into an issue when you're working with a tool that you require a given device token e.g. see Push Notification Mocker. But if you give this production certificate to your QA server and QA server sends tries testing out a 'send to all users' notification then such a cluster mess will happen.