fix(sdk): change password should work with ofc multi-user key

alextse-bg · alextse-bg · commit b504d95832ec · 2026-01-15T13:17:47.000-05:00
TICKET: WP-7461
diff --git a/modules/bitgo/test/v2/unit/keychains.ts b/modules/bitgo/test/v2/unit/keychains.ts
@@ -341,6 +341,37 @@ describe('V2 Keychains', function () {
         const keys = await keychains.updatePassword({ oldPassword: oldPassword, newPassword: newPassword });
         validateKeys(keys, newPassword, 1);
       });
+
+      it('should update multi-user-ofc keys', async function () {
+        nock(bgUrl)
+          .get('/api/v2/tltc/key')
+          .query(true)
+          .reply(200, {
+            keys: [
+              {
+                id: 'randomid1',
+                encryptedPrv: bitgo.encrypt({ input: 'xprv1', password: oldPassword }),
+                coinSpecific: {
+                  ofc: {
+                    features: ['multi-user-key'],
+                  },
+                },
+              },
+              {
+                id: 'randomid2',
+                encryptedPrv: bitgo.encrypt({ input: 'xprv2', password: otherPassword }),
+                coinSpecific: {
+                  ofc: {
+                    features: ['multi-user-key'],
+                  },
+                },
+              },
+            ],
+          });
+
+        const keys = await keychains.updatePassword({ oldPassword: oldPassword, newPassword: newPassword });
+        validateKeys(keys, newPassword, 1);
+      });
     });
 
     describe('Create TSS Keychains', function () {
diff --git a/modules/sdk-core/src/bitgo/keychain/keychains.ts b/modules/sdk-core/src/bitgo/keychain/keychains.ts
@@ -119,7 +119,11 @@ export class Keychains implements IKeychains {
             newPassword: params.newPassword,
           });
           if (updatedKeychain.encryptedPrv) {
-            const changedKeyIdentifier = updatedKeychain.type === 'tss' ? updatedKeychain.id : updatedKeychain.pub;
+            // Both TSS and multi-user-ofc keys have multiple public keys in their key document and thus need to use objectID
+            const changedKeyIdentifier =
+              updatedKeychain.type === 'tss' || Keychains.isMultiUserKey(updatedKeychain)
+                ? updatedKeychain.id
+                : updatedKeychain.pub;
             if (changedKeyIdentifier) {
               changedKeys[changedKeyIdentifier] = updatedKeychain.encryptedPrv;
             }
