diff --git a/nix/lib/assertEnvVarSet.nix b/nix/lib/checkEnvVarSet.nix
similarity index 66%
rename from nix/lib/assertEnvVarSet.nix
rename to nix/lib/checkEnvVarSet.nix
index 0c7aea2b11..0ab5916bca 100644
--- a/nix/lib/assertEnvVarSet.nix
+++ b/nix/lib/checkEnvVarSet.nix
@@ -1,7 +1,6 @@
 # Helper for verifying an environment variable is set
 name: ''
   if [[ -z ''$${name} ]]; then 
-    echo 'Not env var set: ${name}' >&2
-    exit 1
+    echo 'WARNING! Env var not set: ${name}' >&2
   fi
 ''
diff --git a/nix/lib/default.nix b/nix/lib/default.nix
index 841c59a387..a233e716c0 100644
--- a/nix/lib/default.nix
+++ b/nix/lib/default.nix
@@ -4,5 +4,5 @@
   getConfig = import ./getConfig.nix { inherit lib config; };
   mkFilter = import ./mkFilter.nix { inherit lib; };
   mergeSh = import ./mergeSh.nix { inherit lib; };
-  assertEnvVarSet = import ./assertEnvVarSet.nix;
+  checkEnvVarSet = import ./checkEnvVarSet.nix;
 }
diff --git a/nix/mobile/android/jsbundle/default.nix b/nix/mobile/android/jsbundle/default.nix
index 8aaec0a160..2c141bf223 100644
--- a/nix/mobile/android/jsbundle/default.nix
+++ b/nix/mobile/android/jsbundle/default.nix
@@ -47,6 +47,7 @@ stdenv.mkDerivation {
   # For optional INFURA_TOKEN variable
   secretsPhase = if (secretsFile != "") then ''
     source "${secretsFile}"
+    ${lib.checkEnvVarSet "INFURA_TOKEN"}
   '' else ''
     echo "No secrets provided!"
   '';
diff --git a/nix/mobile/android/release.nix b/nix/mobile/android/release.nix
index cd8cb48d0e..89c3465bd4 100644
--- a/nix/mobile/android/release.nix
+++ b/nix/mobile/android/release.nix
@@ -17,7 +17,7 @@ assert (lib.stringLength watchmanSockPath) > 0 -> stdenv.isDarwin;
 let
   inherit (lib)
     toLower optionalString stringLength assertMsg
-    getConfig makeLibraryPath assertEnvVarSet elem;
+    getConfig makeLibraryPath checkEnvVarSet elem;
 
   # Pass secretsFile for INFURA_TOKEN to jsbundle build
   builtJsBundle = jsbundle { inherit secretsFile; };
@@ -87,8 +87,8 @@ in stdenv.mkDerivation rec {
   STATUS_GO_ANDROID_LIBDIR = "${status-go}";
 
   phases = [
-    "unpackPhase" "secretsPhase" "secretsCheckPhase"
-    "keystorePhase" "buildPhase" "checkPhase" "installPhase"
+    "unpackPhase" "secretsPhase" "keystorePhase"
+    "buildPhase" "checkPhase" "installPhase"
   ];
 
   unpackPhase = ''
@@ -119,6 +119,9 @@ in stdenv.mkDerivation rec {
   # if secretsFile is not set we use generate keystore
   secretsPhase = if (secretsFile != "") then ''
     source "${secretsFile}"
+    ${checkEnvVarSet "KEYSTORE_ALIAS"}
+    ${checkEnvVarSet "KEYSTORE_PASSWORD"}
+    ${checkEnvVarSet "KEYSTORE_KEY_PASSWORD"}
   '' else keystore.shellHook;
 
   # if keystorePath is set copy it into build directory
@@ -128,11 +131,6 @@ in stdenv.mkDerivation rec {
     export KEYSTORE_PATH="$PWD/status-im.keystore"
     cp -a --no-preserve=ownership "${keystorePath}" "$KEYSTORE_PATH"
   '';
-  secretsCheckPhase = ''
-    ${assertEnvVarSet "KEYSTORE_ALIAS"}
-    ${assertEnvVarSet "KEYSTORE_PASSWORD"}
-    ${assertEnvVarSet "KEYSTORE_KEY_PASSWORD"}
-  '';
   buildPhase = let
     adhocEnvVars = optionalString stdenv.isLinux
       "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${makeLibraryPath [ pkgs.zlib ]}";
diff --git a/scripts/release-android.sh b/scripts/release-android.sh
index 863d4a4c07..ba0d740776 100755
--- a/scripts/release-android.sh
+++ b/scripts/release-android.sh
@@ -7,20 +7,19 @@ GIT_ROOT=$(cd "${BASH_SOURCE%/*}" && git rev-parse --show-toplevel)
 source "${GIT_ROOT}/scripts/colors.sh"
 
 function must_get_env() {
-  declare -n VAR_NAME="$1"
-  if [[ -n "${VAR_NAME}" ]]; then
-      echo "${VAR_NAME}"
+  declare -n VAR_VALUE="$1"
+  if [[ -n "${VAR_VALUE}" ]]; then
+      echo "${VAR_VALUE}"
       return
   fi
-  echo -e "${RED}No required env variable:${RST} ${BLD}${!VAR_NAME}${RST}" 1>&2
+  echo -e "${RED}No required env variable:${RST} ${BLD}${!VAR_VALUE}${RST}" 1>&2
   exit 1
 }
 
 function append_env_export() {
-  ENV_VAR_NAME=${1}
-  if [[ -n "${!ENV_VAR_NAME}" ]]; then
-    echo "export ${ENV_VAR_NAME}=\"${!ENV_VAR_NAME}\";" >> "${SECRETS_FILE_PATH}"
-  fi
+  VAR_NAME=${1}
+  VAR_VALUE=$(must_get_env "${VAR_NAME}")
+  echo "export ${VAR_NAME}=\"${VAR_VALUE}\";" >> "${SECRETS_FILE_PATH}"
 }
 
 config=''
@@ -38,15 +37,23 @@ config+="status-im.android.abi-split=\"$(must_get_env ANDROID_ABI_SPLIT)\";"
 config+="status-im.android.abi-include=\"$(must_get_env ANDROID_ABI_INCLUDE)\";"
 nixOpts=()
 
-# If no secrets were passed there's no need to pass the 'secretsFile'
+# We create if now so the trap knows its location
+export SECRETS_FILE_PATH=$(mktemp)
+chmod 644 ${SECRETS_FILE_PATH}
+# If secrets file was created we want to remove it.
+trap "rm -vf ${SECRETS_FILE_PATH}" EXIT ERR INT QUIT
+# Secrets like this can't be passed via args or they end up in derivation.
 if [[ -n "${KEYSTORE_ALIAS}${KEYSTORE_ALIAS}${KEYSTORE_ALIAS}" ]]; then
-  # Secrets like this can't be passed via args or they end up in derivation
-  SECRETS_FILE_PATH=$(mktemp)
-  trap "rm -f ${SECRETS_FILE_PATH}" EXIT ERR INT QUIT
-  chmod 644 ${SECRETS_FILE_PATH}
+  # WARNING: All three have to be set!
   append_env_export 'KEYSTORE_PASSWORD'
   append_env_export 'KEYSTORE_ALIAS'
   append_env_export 'KEYSTORE_KEY_PASSWORD'
+fi
+if [[ -n "${INFURA_TOKEN}" ]]; then
+  append_env_export 'INFURA_TOKEN'
+fi
+# If no secrets were passed there's no need to pass the 'secretsFile'.
+if [[ -s "${SECRETS_FILE_PATH}" ]]; then
   nixOpts+=("--argstr" "secretsFile" "${SECRETS_FILE_PATH}")
 fi