Completely untrue. The OTP is not used for any kind of FIRM encryption at all. Rather, the OTP is used in FIRM
decryption.
The OTP is used to calculate keys that are used in arm9loader to decrypt FIRM0 & FIRM1. The FIRMs are signed by Nintendo, which obviously we can't change and still have signed. However, what we do is add a payload to the end of FIRM0. Because FIRM0 isn't signed, the bootrom does not jump to it and reads the backup FIRM1, which is smaller, and thus our payload isn't unloaded when the valid FIRM1 is read and prepared to jump to. Now here's where the OTP comes into play. Simplified to an extreme, the FIRM1 is signed by Nintendo, but that doesn't mean it has to be read correctly, thanks to the unsigned keystore flaw. Because the keys are derived from the OTP, we obtain our OTP to mathematically determine a very special key. This key, when used by the bootrom to decrypt FIRM1, will decrypt FIRM1 to, at the point where ARM9 jumps in, have an instruction to jump to our payload, still loaded in at the end of memory. Rekt.
I hope this answered any questions, and wasn't too confusing. Tell me if there's something I didn't cover, or doesn't make sense
Something else to mention: FIRM0 is the only integrity check that's failed. The arm9loader does not check the keystore, which unknowingly leads itself to its doom.