You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
## **Description**
1. What is the reason for the change?
- This fix addresses a user facing bug in production
- When a user locks the wallet and goes through the forget password
flow, the wallet is not accessible with the new password. Instead the
user must use the old password to unlock the wallet.
- This is a bug in the keyring controller because the encryptionKey gets
generated with the old password and is not reset when the user locks the
wallet and generates a new password.
2. What is the improvement/solution?
- This fix upgrades the keyring controller to version
[17.1.1](https://github.com/MetaMask/core/blob/main/packages/keyring-controller/CHANGELOG.md#1711)
which fixes this bug by clearing the encryption key/salt when the user
locks the wallet as well as when they submit their password. This
ensures that the encryption key is always in sync with the latest
password.
- The keyring controller pr for this fix can be found
[here](MetaMask/core#4514)
- This change involved a major version bump for the keyring controller
from 16 to 17.
[Here](https://github.com/MetaMask/core/blob/main/packages/keyring-controller/CHANGELOG.md#1711)
is the changelog for this bump.
[](https://codespaces.new/MetaMask/metamask-extension/pull/25847?quickstart=1)
## **Related issues**
Fixes: #25696
## **Manual testing steps**
- Open the extension
- Proceed to Forget password flow
- Paste your secret recovery phrase
- Set a new different password
- Proceed to Restore your Wallet
- After entering the account, lock it and try to login with the new
password
- You should be able to log in with your new password
## **Screenshots/Recordings**
<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->
### **Before**
https://github.com/MetaMask/metamask-extension/assets/82837486/0de00905-ee01-4241-a90e-da60c5eb0976
### **After**
https://github.com/user-attachments/assets/f1f091c4-8974-415d-af28-d7b0b46184cb
## **Pre-merge author checklist**
- [x] I've followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask
Extension Coding
Standards](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-extension/blob/develop/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.
## **Pre-merge reviewer checklist**
- [x] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [x] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.
---------
Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
](https://codespaces.new/MetaMask/metamask-extension/pull/25847?quickstart=1){kind=link}
0 commit comments