Ethereumjs-utils – Getting an Address Using ethereumjs-utils ecrecover

Geth adds prefix to the message before siginig it in web3.eth.sign (see JSON-PRC spec). Without this it can be possible to trick user to sign transaction (more here).

So, the correct code to sign message with web3.eth.sign and recover address with ethereumjs-util.ecrecover or (Solidity's ecrecover) should add the prefix explicitly.

const util = require('ethereumjs-util')

const msg = new Buffer('hello');
const sig = web3.eth.sign(web3.eth.accounts[0], '0x' + msg.toString('hex'));
const res = util.fromRpcSig(sig);

const prefix = new Buffer("\x19Ethereum Signed Message:\n");
const prefixedMsg = util.sha3(
  Buffer.concat([prefix, new Buffer(String(msg.length)), msg])
);

const pubKey  = util.ecrecover(prefixedMsg, res.v, res.r, res.s);
const addrBuf = util.pubToAddress(pubKey);
const addr    = util.bufferToHex(addrBuf);

console.log(web3.eth.accounts[0],  addr);

There is misleading inconsistency with ethereumjs-testrpc as it does not prefix message before signing it in web3.eth.sign.

Since you mention it's an ECDSA key, I assume you're talking about using the same crypto that Ethereum uses for signatures. If you want to do this in Solidity, the simplest and most efficient thing will still be to use ecrecover.

As you say ecrecover returns an address, not a public key. But an Ethereum address is derived from the public key, so if you want to check the signed data was signed with a given public key inside the contract, you can recreate the address from the public key, then use ecrecover to get the address, and make sure they match. This answer tells you how you could derive an address from a public key in Solidity: https://ethereum.stackexchange.com/a/15190/774

However, addresses are shorter and easier to handle than public keys, so this derivation is more commonly done outside solidity, with a design that only requires the contracts to manage addresses.