From 539dae20cdcd9dbd6996678d79d2782ee14cefb1 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 5 Sep 2023 10:53:28 +0200
Subject: [PATCH 1/9] Support deployment on Sepolia
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The Görli testnet currently used by Threshold/Keep for development purposes is
planned to become deprecated with the end of year 2023. The testnet that is
planned to replace it is called
[Holešky](https://github.com/eth-clients/holesky), however it's not yet
available - it's planned it will become widely accessible on Oct 1, 2023
([source](https://everstake.one/blog/new-ethereum-testnet-holesky-all-you-need-to-know-now)).
Switching our infrastructure to support new testnet is quite time consuming, so
moving directly from Görli to Holešky may be quite risky, especially if there
would be some delays in the date of Holešky genesis (not meeting the planned
timelines is not a rare occurrence in the Ethereum space). As a solution, we
decided to switch first to another testnet that is currently live - Sepolia.
This testnet's EOL is planned for 2026, which gives us plenty of time to move to
Holešky before Sepolia gets deprecated.
---
 .github/workflows/contracts-ecdsa.yml         | 44 ++++++++++++++++---
 .github/workflows/contracts-random-beacon.yml | 44 ++++++++++++++++---
 .../09_deploy_wallet_registry_governance.ts   |  7 ++-
 solidity/ecdsa/hardhat.config.ts              | 16 +++++++
 solidity/random-beacon/hardhat.config.ts      | 12 +++++
 5 files changed, 107 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index b3cd549f5a..25dfd0bb8b 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -27,7 +27,7 @@ on:
   workflow_dispatch:
     inputs:
       environment:
-        description: "Environment (network) for workflow execution, e.g. `goerli`"
+        description: "Environment (network) for workflow execution, e.g. `sepolia`"
         required: false
       upstream_builds:
         description: "Upstream builds"
@@ -252,9 +252,24 @@ jobs:
 
       - name: Deploy contracts
         env:
-          CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }}
-          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
+          # Use fake ternary expressions to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI...` credentials
+          # are empty, the expressions will be evaluated to the `SEPOLIA...`
+          # ones.
+          CHAIN_API_URL: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_HOSTNAME_HTTP
+              || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
+          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
+          # two below envs?
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -340,9 +355,24 @@ jobs:
       
       - name: Deploy contracts
         env:
-          CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }}
-          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
+          # Use fake ternary expressions to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI...` credentials
+          # are empty, the expressions will be evaluated to the `SEPOLIA...`
+          # ones.
+          CHAIN_API_URL: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_HOSTNAME_HTTP
+              || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
+          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
+          # two below envs?
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.DAPP_DEV_SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 17cf44b937..2d2255acb7 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -27,7 +27,7 @@ on:
   workflow_dispatch:
     inputs:
       environment:
-        description: "Environment (network) for workflow execution, e.g. `goerli`"
+        description: "Environment (network) for workflow execution, e.g. `sepolia`"
         required: false
       upstream_builds:
         description: "Upstream builds"
@@ -248,9 +248,24 @@ jobs:
 
       - name: Deploy contracts
         env:
-          CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }}
-          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
+          # Use fake ternary expressions to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI...` credentials
+          # are empty, the expressions will be evaluated to the `SEPOLIA...`
+          # ones.
+          CHAIN_API_URL: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_HOSTNAME_HTTP
+              || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
+          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
+          # two below envs?
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -334,9 +349,24 @@ jobs:
       
       - name: Deploy contracts
         env:
-          CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }}
-          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
+          # Use fake ternary expressions to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI...` credentials
+          # are empty, the expressions will be evaluated to the `SEPOLIA...`
+          # ones.
+          CHAIN_API_URL: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_ETH_HOSTNAME_HTTP
+              || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
+          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
+          # two below envs?
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.DAPP_DEV_SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
+            ${{ inputs.github.event.inputs.environment == 'goerli'
+              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
diff --git a/solidity/ecdsa/deploy/09_deploy_wallet_registry_governance.ts b/solidity/ecdsa/deploy/09_deploy_wallet_registry_governance.ts
index 90ebc50acb..965e04ad0a 100644
--- a/solidity/ecdsa/deploy/09_deploy_wallet_registry_governance.ts
+++ b/solidity/ecdsa/deploy/09_deploy_wallet_registry_governance.ts
@@ -7,8 +7,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
 
   const WalletRegistry = await deployments.get("WalletRegistry")
 
-  // 60 seconds for Goerli. 1 week otherwise.
-  const GOVERNANCE_DELAY = hre.network.name === "goerli" ? 60 : 604800
+  // 60 seconds for Goerli/Sepolia. 1 week otherwise.
+  const GOVERNANCE_DELAY =
+    hre.network.name === "goerli" || hre.network.name === "sepolia"
+      ? 60
+      : 604800
 
   const WalletRegistryGovernance = await deployments.deploy(
     "WalletRegistryGovernance",
diff --git a/solidity/ecdsa/hardhat.config.ts b/solidity/ecdsa/hardhat.config.ts
index 52bad239db..b9e160bf6e 100644
--- a/solidity/ecdsa/hardhat.config.ts
+++ b/solidity/ecdsa/hardhat.config.ts
@@ -121,6 +121,14 @@ const config: HardhatUserConfig = {
         : undefined,
       tags: ["etherscan", "tenderly", "useRandomBeaconChaosnet"],
     },
+    sepolia: {
+      url: process.env.CHAIN_API_URL || "",
+      chainId: 11155111,
+      accounts: process.env.ACCOUNTS_PRIVATE_KEYS
+        ? process.env.ACCOUNTS_PRIVATE_KEYS.split(",")
+        : undefined,
+      tags: ["etherscan", "tenderly", "useRandomBeaconChaosnet"],
+    },
     mainnet: {
       url: process.env.CHAIN_API_URL || "",
       chainId: 1,
@@ -143,21 +151,25 @@ const config: HardhatUserConfig = {
     deployer: {
       default: 1, // take the second account
       goerli: 0,
+      sepolia: 0,
       mainnet: 0, // "0x123694886DBf5Ac94DDA07135349534536D14cAf"
     },
     governance: {
       default: 2,
       goerli: 0,
+      sepolia: 0,
       mainnet: "0x9f6e831c8f8939dc0c830c6e492e7cef4f9c2f5f", // Threshold Council
     },
     chaosnetOwner: {
       default: 3,
       goerli: 0,
+      sepolia: 0,
       mainnet: "0x9f6e831c8f8939dc0c830c6e492e7cef4f9c2f5f", // Threshold Council
     },
     esdm: {
       default: 4,
       goerli: 0,
+      sepolia: 0,
       mainnet: "0x9f6e831c8f8939dc0c830c6e492e7cef4f9c2f5f", // Threshold Council
     },
   },
@@ -192,6 +204,10 @@ const config: HardhatUserConfig = {
         "node_modules/@threshold-network/solidity-contracts/artifacts",
         "node_modules/@keep-network/random-beacon/artifacts",
       ],
+      sepolia: [
+        "node_modules/@threshold-network/solidity-contracts/artifacts",
+        "node_modules/@keep-network/random-beacon/artifacts",
+      ],
       mainnet: ["./external/mainnet"],
     },
   },
diff --git a/solidity/random-beacon/hardhat.config.ts b/solidity/random-beacon/hardhat.config.ts
index a4a4092bfb..020c0ce0d9 100644
--- a/solidity/random-beacon/hardhat.config.ts
+++ b/solidity/random-beacon/hardhat.config.ts
@@ -109,6 +109,14 @@ const config: HardhatUserConfig = {
         : undefined,
       tags: ["etherscan", "tenderly"],
     },
+    sepolia: {
+      url: process.env.CHAIN_API_URL || "",
+      chainId: 11155111,
+      accounts: process.env.ACCOUNTS_PRIVATE_KEYS
+        ? process.env.ACCOUNTS_PRIVATE_KEYS.split(",")
+        : undefined,
+      tags: ["etherscan", "tenderly"],
+    },
     mainnet: {
       url: process.env.CHAIN_API_URL || "",
       chainId: 1,
@@ -131,16 +139,19 @@ const config: HardhatUserConfig = {
     deployer: {
       default: 1,
       goerli: 0,
+      sepolia: 0,
       mainnet: 0, // "0x123694886DBf5Ac94DDA07135349534536D14cAf"
     },
     governance: {
       default: 2,
       goerli: 0,
+      sepolia: 0,
       mainnet: "0x9f6e831c8f8939dc0c830c6e492e7cef4f9c2f5f", // Threshold Council
     },
     chaosnetOwner: {
       default: 3,
       goerli: 0,
+      sepolia: 0,
       mainnet: "0x9f6e831c8f8939dc0c830c6e492e7cef4f9c2f5f", // Threshold Council
     },
   },
@@ -166,6 +177,7 @@ const config: HardhatUserConfig = {
         "node_modules/@threshold-network/solidity-contracts/deployments/development",
       ],
       goerli: ["node_modules/@threshold-network/solidity-contracts/artifacts"],
+      sepolia: ["node_modules/@threshold-network/solidity-contracts/artifacts"],
       mainnet: ["./external/mainnet"],
     },
   },

From 074739e858aa1eb7a2897097bbe4cc9b7ac51da4 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 11:18:17 +0200
Subject: [PATCH 2/9] Make `environment` input required

There is no scenario were we wouldn't need to provide an `environment` when
manually triggering the workflow run.
---
 .github/workflows/contracts-ecdsa.yml         | 2 +-
 .github/workflows/contracts-random-beacon.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index 25dfd0bb8b..26af4ea2e6 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -28,7 +28,7 @@ on:
     inputs:
       environment:
         description: "Environment (network) for workflow execution, e.g. `sepolia`"
-        required: false
+        required: true
       upstream_builds:
         description: "Upstream builds"
         required: false
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 2d2255acb7..55a8b50880 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -28,7 +28,7 @@ on:
     inputs:
       environment:
         description: "Environment (network) for workflow execution, e.g. `sepolia`"
-        required: false
+        required: true
       upstream_builds:
         description: "Upstream builds"
         required: false

From 63d086d5394e83ba014bcddfbd083580de4183a8 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 11:29:07 +0200
Subject: [PATCH 3/9] Rename common testnet GH secrets

We don't need to differenciate between Sepolia and Goerli secrets storing
private keys of the deployers - in both cases we're using the same deployer
address.
---
 .github/workflows/contracts-ecdsa.yml         | 40 ++++++-------------
 .github/workflows/contracts-random-beacon.yml | 40 ++++++-------------
 2 files changed, 24 insertions(+), 56 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index 26af4ea2e6..ddfbc217f6 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -252,24 +252,16 @@ jobs:
 
       - name: Deploy contracts
         env:
-          # Use fake ternary expressions to decide which credentials to use,
-          # depending on chosen environment. Note: if `GOERLI...` credentials
-          # are empty, the expressions will be evaluated to the `SEPOLIA...`
-          # ones.
+          # Using fake ternary expression to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI_ETH_HOSTNAME_HTTP`
+          # is empty, the expression will be evaluated to
+          # `SEPOLIA_ETH_HOSTNAME_HTTP`'s value.
           CHAIN_API_URL: |
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
-          # two below envs?
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -355,24 +347,16 @@ jobs:
       
       - name: Deploy contracts
         env:
-          # Use fake ternary expressions to decide which credentials to use,
-          # depending on chosen environment. Note: if `GOERLI...` credentials
-          # are empty, the expressions will be evaluated to the `SEPOLIA...`
-          # ones.
+          # Using fake ternary expression to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI_ETH_HOSTNAME_HTTP`
+          # is empty, the expression will be evaluated to
+          # `SEPOLIA_ETH_HOSTNAME_HTTP`'s value.
           CHAIN_API_URL: |
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
-          # two below envs?
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.DAPP_DEV_SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 55a8b50880..4edef8cebd 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -248,24 +248,16 @@ jobs:
 
       - name: Deploy contracts
         env:
-          # Use fake ternary expressions to decide which credentials to use,
-          # depending on chosen environment. Note: if `GOERLI...` credentials
-          # are empty, the expressions will be evaluated to the `SEPOLIA...`
-          # ones.
+          # Using fake ternary expression to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI_ETH_HOSTNAME_HTTP`
+          # is empty, the expression will be evaluated to
+          # `SEPOLIA_ETH_HOSTNAME_HTTP`'s value.
           CHAIN_API_URL: |
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
-          # two below envs?
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -349,24 +341,16 @@ jobs:
       
       - name: Deploy contracts
         env:
-          # Use fake ternary expressions to decide which credentials to use,
-          # depending on chosen environment. Note: if `GOERLI...` credentials
-          # are empty, the expressions will be evaluated to the `SEPOLIA...`
-          # ones.
+          # Using fake ternary expression to decide which credentials to use,
+          # depending on chosen environment. Note: if `GOERLI_ETH_HOSTNAME_HTTP`
+          # is empty, the expression will be evaluated to
+          # `SEPOLIA_ETH_HOSTNAME_HTTP`'s value.
           CHAIN_API_URL: |
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          # TODO: Shouldn't we use `ACCOUNTS_PRIVATE_KEYS` here instead of the
-          # two below envs?
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.DAPP_DEV_SEPOLIA_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: |
-            ${{ inputs.github.event.inputs.environment == 'goerli'
-              && secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
-              || secrets.SEPOLIA_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version

From a0216f9bb12b5d0a68352da26bfb18bf925188b1 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 11:38:54 +0200
Subject: [PATCH 4/9] Update values of environment variables

We've been using the same account to deploy Keep and Threshold contracts
(both on Goerli and Sepolia).
---
 .github/workflows/contracts-ecdsa.yml         | 4 ++--
 .github/workflows/contracts-random-beacon.yml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index ddfbc217f6..563d0a75d1 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -261,7 +261,7 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -356,7 +356,7 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 4edef8cebd..54ecd8f97b 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -257,7 +257,7 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -350,7 +350,7 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version

From e02470c8bddad46afa17fbe711ef820a51b93775 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 17:28:40 +0200
Subject: [PATCH 5/9] Add accidentally removed `ETHERSCAN_API_KEY` environment
 variable

---
 .github/workflows/contracts-ecdsa.yml         | 2 ++
 .github/workflows/contracts-random-beacon.yml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index 563d0a75d1..ebf15402e1 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -262,6 +262,7 @@ jobs:
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -357,6 +358,7 @@ jobs:
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 54ecd8f97b..a6ce0fbe19 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -258,6 +258,7 @@ jobs:
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version
@@ -351,6 +352,7 @@ jobs:
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
       - name: Bump up package version

From 8de530a6b8fb06bbd0ce129b84db6cdfe9a07cb7 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 17:32:39 +0200
Subject: [PATCH 6/9] Add missing `${{ }}` markers

---
 .github/workflows/contracts-ecdsa.yml         | 8 ++++----
 .github/workflows/contracts-random-beacon.yml | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index ebf15402e1..3cf673d8c4 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -260,8 +260,8 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
@@ -356,8 +356,8 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index a6ce0fbe19..7e38aaeb53 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -256,8 +256,8 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
@@ -350,8 +350,8 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY
+          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 

From 3bcc32c638bf5d7e73cdf602f9e8ad29c3174925 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 18:29:30 +0200
Subject: [PATCH 7/9] Wait 2 confirmations before verifying contracts on
 Etherscan

Without the waiting, the verification of contracts on Etherscan was sometimes
failing with errors like these:
```
NomicLabsHardhatPluginError: Failed to send contract verification request.
Endpoint URL: https://api-sepolia.etherscan.io/api
Reason: The Etherscan API responded that the address
0xAdF78eb37FDE0F3CbF59d11F0DF54b1170a3937b does not have bytecode.
This can happen if the contract was recently deployed and this fact hasn't
propagated to the backend yet.
Try waiting for a minute before verifying your contract. If you are invoking
this from a script, try to wait for five confirmations of your contract
deployment transaction before running the verification subtask.
```
Despite the suggestion to wait 5 confirmation, it seems 2 are enough for us (we
can always increase that number if we find cases where it isn't enough).
---
 .../random-beacon/deploy/01_deploy_reimbursement_pool.ts     | 5 +++++
 .../random-beacon/deploy/02_deploy_beacon_sortition_pool.ts  | 5 +++++
 .../random-beacon/deploy/03_deploy_beacon_dkg_validator.ts   | 5 +++++
 solidity/random-beacon/deploy/04_deploy_random_beacon.ts     | 5 +++++
 .../deploy/07_deploy_random_beacon_governance.ts             | 5 +++++
 .../random-beacon/deploy/09_deploy_random_beacon_chaosnet.ts | 5 +++++
 6 files changed, 30 insertions(+)

diff --git a/solidity/random-beacon/deploy/01_deploy_reimbursement_pool.ts b/solidity/random-beacon/deploy/01_deploy_reimbursement_pool.ts
index 5e1990076f..9832d42288 100644
--- a/solidity/random-beacon/deploy/01_deploy_reimbursement_pool.ts
+++ b/solidity/random-beacon/deploy/01_deploy_reimbursement_pool.ts
@@ -16,6 +16,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   })
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      ReimbursementPool.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(ReimbursementPool)
   }
 
diff --git a/solidity/random-beacon/deploy/02_deploy_beacon_sortition_pool.ts b/solidity/random-beacon/deploy/02_deploy_beacon_sortition_pool.ts
index 7b8dbcce0c..12ce503e42 100644
--- a/solidity/random-beacon/deploy/02_deploy_beacon_sortition_pool.ts
+++ b/solidity/random-beacon/deploy/02_deploy_beacon_sortition_pool.ts
@@ -27,6 +27,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   )
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      BeaconSortitionPool.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(BeaconSortitionPool)
   }
 
diff --git a/solidity/random-beacon/deploy/03_deploy_beacon_dkg_validator.ts b/solidity/random-beacon/deploy/03_deploy_beacon_dkg_validator.ts
index 84f69c1f21..ae34ed752a 100644
--- a/solidity/random-beacon/deploy/03_deploy_beacon_dkg_validator.ts
+++ b/solidity/random-beacon/deploy/03_deploy_beacon_dkg_validator.ts
@@ -15,6 +15,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   })
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      BeaconDkgValidator.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(BeaconDkgValidator)
   }
 
diff --git a/solidity/random-beacon/deploy/04_deploy_random_beacon.ts b/solidity/random-beacon/deploy/04_deploy_random_beacon.ts
index 72b0c85c27..9ff3a57b6f 100644
--- a/solidity/random-beacon/deploy/04_deploy_random_beacon.ts
+++ b/solidity/random-beacon/deploy/04_deploy_random_beacon.ts
@@ -59,6 +59,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   )
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      RandomBeacon.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(BLS)
     await helpers.etherscan.verify(BeaconAuthorization)
     await helpers.etherscan.verify(BeaconDkg)
diff --git a/solidity/random-beacon/deploy/07_deploy_random_beacon_governance.ts b/solidity/random-beacon/deploy/07_deploy_random_beacon_governance.ts
index 9a5261c115..95e2b41815 100644
--- a/solidity/random-beacon/deploy/07_deploy_random_beacon_governance.ts
+++ b/solidity/random-beacon/deploy/07_deploy_random_beacon_governance.ts
@@ -20,6 +20,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   )
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      RandomBeaconGovernance.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(RandomBeaconGovernance)
   }
 
diff --git a/solidity/random-beacon/deploy/09_deploy_random_beacon_chaosnet.ts b/solidity/random-beacon/deploy/09_deploy_random_beacon_chaosnet.ts
index 0cf013857e..9828554555 100644
--- a/solidity/random-beacon/deploy/09_deploy_random_beacon_chaosnet.ts
+++ b/solidity/random-beacon/deploy/09_deploy_random_beacon_chaosnet.ts
@@ -19,6 +19,11 @@ const func: DeployFunction = async (hre: HardhatRuntimeEnvironment) => {
   )
 
   if (hre.network.tags.etherscan) {
+    await hre.ethers.provider.waitForTransaction(
+      RandomBeaconChaosnet.transactionHash,
+      2,
+      300000
+    )
     await helpers.etherscan.verify(RandomBeaconChaosnet)
   }
 

From 31367734ef7257213faa88b1aa53b372de27ca20 Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 18:40:28 +0200
Subject: [PATCH 8/9] Restore original name of the variable storing accounts'
 private keys

The name must be in line with the Hardhat config.
---
 .github/workflows/contracts-ecdsa.yml         | 4 ++--
 .github/workflows/contracts-random-beacon.yml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index 3cf673d8c4..26f6e1bcc0 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -260,7 +260,7 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
@@ -356,7 +356,7 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 7e38aaeb53..992c48b5de 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -256,7 +256,7 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
@@ -350,7 +350,7 @@ jobs:
             ${{ inputs.github.event.inputs.environment == 'goerli'
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
-          CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
+          ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}

From ece4f94825a344730123c41b6b55b30036b2474e Mon Sep 17 00:00:00 2001
From: Michalina <michalina.cienciala@akena.co>
Date: Tue, 19 Sep 2023 18:49:29 +0200
Subject: [PATCH 9/9] Remove the `KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY`
 variable

The variable is not needed, it's not used anywhere.
---
 .github/workflows/contracts-ecdsa.yml         | 2 --
 .github/workflows/contracts-random-beacon.yml | 2 --
 2 files changed, 4 deletions(-)

diff --git a/.github/workflows/contracts-ecdsa.yml b/.github/workflows/contracts-ecdsa.yml
index 26f6e1bcc0..484bd37c85 100644
--- a/.github/workflows/contracts-ecdsa.yml
+++ b/.github/workflows/contracts-ecdsa.yml
@@ -261,7 +261,6 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           ACCOUNTS_PRIVATE_KEYS: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
@@ -357,7 +356,6 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
diff --git a/.github/workflows/contracts-random-beacon.yml b/.github/workflows/contracts-random-beacon.yml
index 992c48b5de..12e6007283 100644
--- a/.github/workflows/contracts-random-beacon.yml
+++ b/.github/workflows/contracts-random-beacon.yml
@@ -257,7 +257,6 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           ACCOUNTS_PRIVATE_KEYS: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}
 
@@ -351,7 +350,6 @@ jobs:
               && secrets.GOERLI_ETH_HOSTNAME_HTTP
               || secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
           ACCOUNTS_PRIVATE_KEYS: ${{ secrets.DAPP_DEV_TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
-          KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.TESTNET_ETH_CONTRACT_OWNER_PRIVATE_KEY }}
           ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }}
         run: yarn deploy --network ${{ github.event.inputs.environment }}