If an archive is modified manually without re-signing, or if it utilizes untrusted "test keys", stock recovery logs will throw a fatal failed to verify whole-file signature error. This safeguard protects devices from malicious privilege escalation or bricking from corrupted transfers. How to Flash update-signed.zip Packages
This indicates that the file is intended to modify, patch, or replace the existing software on a device. It is not a full factory image in the traditional sense (though it can be), but rather a package designed for the recovery environment to process. Updates can range from small OTA (Over-The-Air) security patches to full operating system replacements. update-signed.zip