fix: confusing error message when using wrong password (#5627)

mikesposito · web-flow · commit 5dab9caf6088 · 2025-04-15T15:29:12.000Z
## Explanation  When calling `submitPassword` with the wrong password, a confusing error is shown instead of `Incorrect password`. This is due to the recently added metadata length check in `#restoreSerializedKeyrings`, which doesn't match the correct behavior when `isUnlocked = true`. We can move the metadata length check to `#unlockKeyrings`, so that it will be skipped everytime the controller is locked ## References  * Related to MetaMask/metamask-extension#31436 ## Changelog  Changelog updated in the PR ## Checklist - [ ] I've updated the test suite for new or updated code as appropriate - [ ] I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate - [ ] I've communicated my changes to consumers by [updating changelogs for packages I've changed](https://github.com/MetaMask/core/tree/main/docs/contributing.md#updating-changelogs), highlighting breaking changes as necessary - [ ] I've prepared draft pull requests for clients and consumer packages to resolve any breaking changes
diff --git a/packages/keyring-controller/CHANGELOG.md b/packages/keyring-controller/CHANGELOG.md
@@ -12,6 +12,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `ExportableKeyEncryptor` is now a generic type with a type parameter `EncryptionKey` ([#5395](https://github.com/MetaMask/core/pull/5395))
   - The type parameter defaults to `unknown`
 
+### Fixed
+
+- Fixed wrong error message thrown when using the wrong password ([#5627](https://github.com/MetaMask/core/pull/5627))
+
 ## [21.0.2]
 
 ### Changed
diff --git a/packages/keyring-controller/src/KeyringController.test.ts b/packages/keyring-controller/src/KeyringController.test.ts
@@ -2734,6 +2734,21 @@ describe('KeyringController', () => {
               expect(controller.state.encryptionSalt).toBeDefined();
             });
           });
+
+        it('should throw error when using the wrong password', async () => {
+          await withController(
+            {
+              skipVaultCreation: true,
+              cacheEncryptionKey,
+              state: { vault: 'my vault' },
+            },
+            async ({ controller }) => {
+              await expect(
+                controller.submitPassword('wrong password'),
+              ).rejects.toThrow('Incorrect password.');
+            },
+          );
+        });
       }),
     );
   });
diff --git a/packages/keyring-controller/src/KeyringController.ts b/packages/keyring-controller/src/KeyringController.ts
@@ -2159,10 +2159,6 @@ export class KeyringController extends BaseController<
     for (const serializedKeyring of serializedKeyrings) {
       await this.#restoreKeyring(serializedKeyring);
     }
-
-    if (this.#keyrings.length !== this.#keyringsMetadata.length) {
-      throw new Error(KeyringControllerError.KeyringMetadataLengthMismatch);
-    }
   }
 
   /**
@@ -2240,6 +2236,13 @@ export class KeyringController extends BaseController<
       }
 
       await this.#restoreSerializedKeyrings(vault);
+
+      // The keyrings array and the keyringsMetadata array should
+      // always have the same length while the controller is unlocked.
+      if (this.#keyrings.length !== this.#keyringsMetadata.length) {
+        throw new Error(KeyringControllerError.KeyringMetadataLengthMismatch);
+      }
+
       const updatedKeyrings = await this.#getUpdatedKeyrings();
 
       this.update((state) => {
