ethereumjs-wallet can be used to get public key from private key:
> const hdkey = require('ethereumjs-wallet/hdkey')
> const privateKey = hdkey.fromMasterSeed('random')._hdkey._privateKey
> const Wallet = require('ethereumjs-wallet')
> const wallet = Wallet.fromPrivateKey(privateKey)
> wallet.getPublicKeyString()
'0x11f2b30c9479ccaa639962e943ca7cfd3498705258ddb49dfe25bba00a555e48cb35a79f3d084ce26dbac0e6bb887463774817cb80e89b20c0990bc47f9075d5'
> wallet.getPublicKey()
<Buffer 11 f2 b3 0c 94 79 cc aa 63 99 62 e9 43 ca 7c fd 34 98 70 52 58 dd b4 9d fe 25 bb a0 0a 55 5e 48 cb 35 a7 9f 3d 08 4c e2 6d ba c0 e6 bb 88 74 63 77 48 ... >
Another option is to use ethereumjs-util (which is used by ethereumjs-wallet internally):
> const util = require('ethereumjs-util')
> util.privateToPublic(privateKey)
<Buffer 11 f2 b3 0c 94 79 cc aa 63 99 62 e9 43 ca 7c fd 34 98 70 52 58 dd b4 9d fe 25 bb a0 0a 55 5e 48 cb 35 a7 9f 3d 08 4c e2 6d ba c0 e6 bb 88 74 63 77 48 ... >
Yet another option is secp256k1:
> const secp256k1 = require('secp256k1')
> secp256k1.publicKeyCreate(privateKey, false).slice(1)
<Buffer 11 f2 b3 0c 94 79 cc aa 63 99 62 e9 43 ca 7c fd 34 98 70 52 58 dd b4 9d fe 25 bb a0 0a 55 5e 48 cb 35 a7 9f 3d 08 4c e2 6d ba c0 e6 bb 88 74 63 77 48 ... >
slice(1)
is to drop type byte which is hardcoded as 04
ethereum.
Everything in a contract is public so it is not a good idea to store the private keys inside a contract to decode messages. A hacker can determine your private key and create fake messages.
Also not a good idea to have a hardcoded private key in your mobile app. It is possible that a hacker can do a reverse engineering and find your keys.
It is hard to recommend something without more details. Probably I'd create a new pair private/public key on installation and store them in secure storage of the OS, and register the public key with your contract.
Now your app can sign transaction with its private key and send the signed message to the contract. The contract can use the ecrecover trick to recover the public key of the message signature and verify it is one of the registered in the contract.
Best Answer
The eth-accounts module in web3.js is in memory operation, the account was created in memory, and you can signed transaction by account.
If you want to create account in memory, web3.php doesn't support this now.
If you want to create account in your geth/parity node, you can use personal module.
Also I'm working on this ethereum-wallet (https://github.com/web3p/ethereum-wallet), it might help you when I finish.