Recovery to arbitrary signature

The ECDSA code warns us here: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol#L46

IMPORTANT: hash must be the result of a hash operation for the verification to be secure: it is possible to craft signatures that recover to arbitrary addresses for non-hashed data.

Can someone explain this attack to me? Presumably, we sign the hash, so why can't the attacker just hash a different message and then craft a signature for the new hash?

I'm genuinely curious how this attack would be pulled off. Are there any academic papers on the topic?
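To make the warning concrete, here is an added example contract (written for this thread, not OpenZeppelin code and not from the original post) contrasting the pattern the comment warns about with the safe one. The contract, its function names and the message fields are all hypothetical; the only real API used is OpenZeppelin's `ECDSA.recover(bytes32, bytes)`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Real OpenZeppelin import; everything else in this file is a hypothetical
// example written for this thread.
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

contract SignedOrders {
    // Address whose signatures the contract accepts (set at deployment).
    address public immutable signer;

    constructor(address _signer) {
        signer = _signer;
    }

    // UNSAFE: the caller supplies the bytes32 that goes straight into recover.
    // Nothing ties `digest` to any actual message, so this is the
    // "non-hashed data" case the ECDSA.sol comment is warning about.
    function unsafeIsValid(bytes32 digest, bytes calldata signature)
        external
        view
        returns (bool)
    {
        return ECDSA.recover(digest, signature) == signer;
    }

    // SAFE: the contract hashes the concrete message fields itself, so the
    // value handed to recover is always the output of keccak256 over data
    // the contract chose, and the caller never controls the digest directly.
    function safeIsValid(
        address recipient,
        uint256 amount,
        uint256 nonce,
        bytes calldata signature
    ) external view returns (bool) {
        // Binding the contract address and chain id into the digest keeps a
        // signature from being reused against another deployment or chain.
        bytes32 digest = keccak256(
            abi.encode(address(this), block.chainid, recipient, amount, nonce)
        );
        return ECDSA.recover(digest, signature) == signer;
    }
}
```

The difference is purely about who decides what bytes are recovered against: in `safeIsValid` the signer must have signed a keccak256 digest of fields the contract reconstructs, whereas `unsafeIsValid` accepts whatever 32 bytes the caller passes in. If the signer produces signatures with a wallet's `personal_sign`, the contract should additionally apply the EIP-191 prefix to the digest (OpenZeppelin provides `MessageHashUtils.toEthSignedMessageHash` for this) before calling `recover`, and a production contract would also track used nonces to prevent replay.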
