The ECRECOVER function allows to infer from a hash and an associated ECDSA signature a list of public keys whose associated private keys may have generated the signature. From those candidate keys and some additional information, for example a bitcoin or Ethereum address, one can identify the correct public key whose companion private key signed the hash.

The function takes as input a parameter map with the following elements:

curveThe name of the ECC curve used by the key to recover.
hashByte array of the hash which was signed.
sigByte array of the signature, as generated by ECSIGN.
coordsOptional boolean flag indicating whether or not to return the coordinates of the R point.
ECRECOVER is available since version 2.8.0.

See also



{ 'curve' 'secp256r1' 'Q' '04e68f43c270c5cd8e3e164270719a71b048c7e354a304368089bb34ddc2649ea609e1a2ecb1410339cb441aa8bde6645c696324bbb31ca7976bd02eb49a0ce1e5' } ECPUBLIC { 'curve' 'secp256r1' 'd' '9221312265881102193994061677412966522579075775587981843061690509718891533767' } ECPRIVATE [ 'pub' 'priv' ] STORE 'Vires in numeris' 'ASCII' ->BYTES 'message' STORE $message 'SHA256withECDSA' $priv ECSIGN 'sig' STORE $message SHA256 'hash' STORE { 'curve' 'secp256r1' 'sig' $sig 'hash' $hash } ECRECOVER