From 2ed790394b6e08ab354c0a228efc4b3f403b77d2 Mon Sep 17 00:00:00 2001
From: arkadiuszos4chain <arkadiusz.osowski@4chain.studio>
Date: Thu, 14 Mar 2024 16:15:30 +0100
Subject: [PATCH] fix(BUX-644): handle new paymail pub key

---
 transports/authentication.go | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/transports/authentication.go b/transports/authentication.go
index 110c76f..e11ee43 100644
--- a/transports/authentication.go
+++ b/transports/authentication.go
@@ -44,11 +44,12 @@ func SignInputs(dt *models.DraftTransaction, xPriv *bip32.ExtendedKey) (signedHe
 
 	// Sign the inputs
 	for index, input := range dt.Configuration.Inputs {
+		dst := input.Destination
 
 		// Get the locking script
 		var ls *bscript.Script
 		if ls, err = bscript.NewFromHexString(
-			input.Destination.LockingScript,
+			dst.LockingScript,
 		); err != nil {
 			resError = WrapError(err)
 			return
@@ -59,7 +60,7 @@ func SignInputs(dt *models.DraftTransaction, xPriv *bip32.ExtendedKey) (signedHe
 		// Derive the child key (chain)
 		var chainKey *bip32.ExtendedKey
 		if chainKey, err = xPriv.Child(
-			input.Destination.Chain,
+			dst.Chain,
 		); err != nil {
 			resError = WrapError(err)
 			return
@@ -68,12 +69,22 @@ func SignInputs(dt *models.DraftTransaction, xPriv *bip32.ExtendedKey) (signedHe
 		// Derive the child key (num)
 		var numKey *bip32.ExtendedKey
 		if numKey, err = chainKey.Child(
-			input.Destination.Num,
+			dst.Num,
 		); err != nil {
 			resError = WrapError(err)
 			return
 		}
 
+		// Derive key for paymail destination
+		if dst.PaymailExternalDerivationNum != nil {
+			if numKey, err = chainKey.Child(
+				*dst.PaymailExternalDerivationNum,
+			); err != nil {
+				resError = WrapError(err)
+				return
+			}
+		}
+
 		// Get the private key
 		var privateKey *bec.PrivateKey
 		if privateKey, err = bitcoin.GetPrivateKeyFromHDKey(