The author said that he changed his password and then got a new device and accessed recent iMessages on it. So that rules out the password as the encryption key.
It rules out the password as the encryption key, but it doesn't rule out encrypted backups. Implementations of encrypted volumes, such as in LUKS on Linux, commonly use the password as something that unlocks the real encryption key. So during password change, the new password could be used to re-encrypt the backup encryption key, making it so that as long as Apple doesn't store the passwords, Apple can't have access to the encrypted backups.
However, this is really far into the weeds on a topic that doesn't matter so much, as none of it really relates to Apple's claims about iMessages.
He reset his password using the IForgot service. So either data is encrypted under a key apple has or its encrypted under a key derived from your secret answers( which is unlikely). In the latter case, Apple might as well have your key given the limited entropy
Or it could be encrypted by a random key with high entropy, that Apple does not have, because it is encrypted by a key derived from your password. See, for example, LUKS:
And that key got onto his new device how precisely? Observed behavior was reset password with questions/email, prevision a new device, get old chats on new divice. If the new device had the old encryption key, how did it get there?
