If you are developing an Android Open Source Project ( AOSP ) custom ROM, an app package to install in /system/priv-app/ , or a firmware update, you must sign your archive manually.
: In older enthusiast communities (such as for the Samsung Galaxy Mini or ZTE Blade), files with this name were often used to gain root access or "debrand" carrier-locked devices. update-signed.zip
Understanding update-signed.zip: The Core of Android Flashing and Recovery If you are developing an Android Open Source
Upon ingestion of update-signed.zip , the system initiates a forensic scan. This is not a simple checksum comparison; it is a full cryptographic proof-of-work. or a firmware update