How to unlock notes on iCloud after forgetting password?
I just need someone to discuss a problem that occurred to me, because I am a little bit lost. I wanted to hear your opinion on recovering the dropped Notes password (a password that I had reset through Settings) on notes from iCloud. Back then I tried to set a new one and lock a few new notes with it, hoping that maybe the app would ask me if I wanted to update my password for the other notes; back then I didn’t know it would never work. It was just the first impulsive thing that came to my mind. Now I do regret it, but there’s nothing to change about it now.
The thing confusing me is that the notes that had been secured with that old password (I am looking for just one) now have zcryptoiterationcount set to 0 in the NoteStore.sqlite db. They have different 16-byte zcryptosalts and different 16-byte zwrappedkeys, even though it is still the same password. Znotedata is encrypted; they have tags and an initialisation vector in there as well; they have no crypto verifier, but I don’t know how the wrapped key was obtained, it’s like a mystery. I lack an understanding of the whole process. I know that they do PBKDF2-SHA256 on a password with a salt and 20000 iterations, and with that they get the KEK. Then they wrap the key with the AES key wrap algorithm and, I guess, that’s how they get a 24-byte key (by adding an extra 8 bytes on to the key material during wrapping). I have read all available information in the docs. If I am not right about it, pls correct me with an explanation of the steps in wrapping the key. I have all, literally all, the variants of that password (I just don’t know things like the order of upper and lower case), and I have had a thought that
1) maybe the wrapped 16-byte key (32 symbols in blob/hex) I saw in NoteStore.sqlite is the result of a one-time PBKDF2-SHA256, maybe it was used just once. So I tried doing PBKDF2-SHA256 with only one salt on my passwords as well and looked for matches with the wrapped key I have, the right one from the db (to make it clear: I mentioned earlier that the notes protected with that one password have different pairs of salt and wrapped key, so I used one salt and one wrapped key from one row to look for matches). But none of that brought me the result I wanted, because there is no match, so it isn’t the right answer.
2) And the second thought was that the wrapped key I saw in the NoteStore.sqlite db was just somehow gotten out of the salt? Or is it just indeed the KEK? I can’t see other explanations, but maybe you’ve got something in mind. I haven’t found anything applicable to the case in which you reset the iCloud Notes password.
3) In the long run, I have read that if your backup is done after changing the password, the original key is gone. Meaning that — to change the passphrase on a secure note, the user must enter the current passphrase, as Touch ID and Face ID aren’t available when changing the passphrase. After choosing a new passphrase, the Notes app rewraps the keys of all existing notes in the same account that are encrypted by the previous passphrase.
But given this information I cannot understand one particular thing: how, then, will suddenly remembering my old password give me access to the note? I’m sorry if I didn’t understand that properly, but for me it’s becoming extremely confusing. If the original key is gone after that, then where is it stored if not in NoteStore.sqlite?
I would really appreciate any suggestions and I would be more than grateful if you know something and can share it or explain it to me. Cause, guys, these notes, they are life-needing. Please, shine some light on my mind; even if there is no solution, it would be just fine to at least make it clear so I can understand the mechanisms.
[Re-Titled by Moderator]
iPhone 15
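An added example, not part of the original post and not Apple's code, of the two-step scheme the post describes: PBKDF2-HMAC-SHA256 derives a KEK, and RFC 3394 AES key wrap protects a per-note key. It uses the third-party `cryptography` package; the 20000 iteration count is the figure quoted in the post, and the passphrase, salts, note key and function names are constructed for illustration.

```python
import hashlib
from cryptography.hazmat.primitives.keywrap import (
    InvalidUnwrap, aes_key_unwrap, aes_key_wrap)

ITERATIONS = 20000  # figure quoted in the post, taken as an assumption

def derive_kek(passphrase, salt, iterations=ITERATIONS):
    """PBKDF2-HMAC-SHA256 over passphrase and salt -> 16-byte KEK."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=16)

def wrap_note_key(passphrase, salt, note_key):
    """RFC 3394 wrap: output is len(note_key) + 8 bytes (integrity block)."""
    return aes_key_wrap(derive_kek(passphrase, salt), note_key)

def unwrap_note_key(passphrase, salt, wrapped):
    """Return the note key, or None if the RFC 3394 integrity check fails."""
    try:
        return aes_key_unwrap(derive_kek(passphrase, salt), wrapped)
    except InvalidUnwrap:
        # Wrong KEK (wrong passphrase or salt) or malformed/short input.
        return None

def demo():
    # All values below are constructed sample data, not taken from any device.
    note_key = bytes(range(16))
    salt_a = bytes.fromhex("00112233445566778899aabbccddeeff")
    salt_b = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    wrapped_a = wrap_note_key("Example-Passphrase", salt_a, note_key)
    wrapped_b = wrap_note_key("Example-Passphrase", salt_b, note_key)
    return {
        # A 16-byte key always wraps to 24 bytes under RFC 3394.
        "wrapped_len": len(wrapped_a),
        # Same passphrase, different salt -> different KEK -> different blob.
        "same_passphrase_differs": wrapped_a != wrapped_b,
        "correct": unwrap_note_key("Example-Passphrase", salt_a, wrapped_a) == note_key,
        # A change of letter case alone yields an unrelated KEK.
        "wrong_case": unwrap_note_key("example-passphrase", salt_a, wrapped_a),
        "wrong_salt": unwrap_note_key("Example-Passphrase", salt_b, wrapped_a),
        # RFC 3394 unwrap rejects anything shorter than 24 bytes.
        "truncated": unwrap_note_key("Example-Passphrase", salt_a, wrapped_a[:16]),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```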