Can a third-party attacker extract public key?

Question

Can a third-party attacker extract the public key in the signed firmware(.zip) generated by nrfutil through decompile hex or bin file?

Roger Clark · Accepted Answer

AFIK. 
 The firmware (binary) is signed but not encrypted by nrfutil 
 Hence they public key can be extracted. 
 However Nordic uses public key encryption, so that even if the public key is discovered, its not possible to create signed firmware unless you know the Private key - 
 If you want you firmware binary to be encrypted so that it can be reverse engineered, you'll need to encrypt the firmware and use a bootloader that decrypts as well as just checking that signature. 
 @RK. You pipped me to the post.