Ask Anvil

Answers to questions about automating PDFs, e-signatures, Webforms, and other paperwork problems.
E-signatures
Categories

Why does editing a PDF after it's signed break the e-signature?

You signed a PDF, everything looked fine, and then someone opened it in a PDF editor, added a field, or re-saved it. Now the signing tool or PDF reader reports that the signature is invalid or that the document has been modified since signing. Nothing is corrupted. This is the system working as designed.

Why a signed PDF cannot be edited

An electronic signature does not sit on top of a document like a sticker. At the moment of signing, the platform computes a cryptographic hash (a fingerprint) of the exact bytes of the file and binds the signature to that hash. eIDAS Article 26 spells this out directly: an advanced electronic signature must be linked to the signed data so that any subsequent change is detectable. A defensible audit trail stores both the pre-sign and post-sign document hashes for exactly this reason. Change a single byte and the recomputed hash no longer matches the signed one, so validators conclude the file was altered after signing.

Common edits that silently invalidate it

The trap is that many routine actions rewrite the file even when the visible content looks untouched. The usual culprits are flattening the PDF, opening and re-saving it in a PDF editor, merging or appending pages, adding annotations or stamps, and passing the signed file through a PDF library that rewrites its structure on export. Any of these produces new bytes, and new bytes mean a broken signature.

How to fix it

Finalize everything before the document goes out for signature: fill every field, lock the formatting, and confirm the content is final. Treat the completed, signed PDF as read-only. Keep the sealed original and its audit trail as your system of record, and distribute copies rather than editing the source. If something genuinely needs to change after signing, do not patch the signed file. Issue a new version and collect signatures again, so the new document carries its own valid hash and audit trail.

This is also how Anvil's Etch e-sign behaves: once a packet is completed it is sealed, with the document hashes recorded in the audit trail, so later changes are detectable rather than silent. To change a signed document, you send a new signature packet instead of editing the original.

Back to All Questions

The fastest way to build software for documents

Anvil Document SDK is a comprehensive toolbox for product teams launching document flows where PDF filling, signing, and complex conditional scenarios are necessary.
Explore Anvil
Anvil Webforms