A message can be signed and its signing public key recovered given the signature and message hash…
signature = web3.personal.sign(<account>,<message hash>)
pubKey = web3.personal.ecRecover(<message hash>, <signature>)
Is there a way of recovering the message hash given a signature and public key?
Best Answer
No, you cannot recover the message hash from an ECDSA signature. The siagnture is calculated by generating
(x, y) = kG
wherek
is the secret nonce andG
is the generator for the curve. Thenr = x
ands = k^(-1)(z + rd)
wherez
is the message andd
is the private key. We can retrieve the public keydG
by seeing thatr^(-1) (kGs - zG) = dG
. But trying to do the same forz
will only ever result inzG
, since we do not knowk
, onlykG
. Findingz
givenzG
is exactly the DLP on the elliptic curve and is not feasible to compute.Edit 2: It should be noted that while computing the message hash is infeasible, it is possible to check guesses, if the message was not salted before hashing (which it usually isn't). So if the message comes from a small set of possibilities then it can be recovered.
Edit: links for further reading
https://en.m.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm
https://crypto.stackexchange.com/questions/18105/how-does-recovering-the-public-key-from-an-ecdsa-signature-work