The CGST Rules require all invoices (including credit notes/debit notes) to be physically signed by an authorised representative of the entity issuing the invoice. However, such a person may also place his digital signature if it is affixed as per the provisions of the Information Technology Act, 2000.
The e-invoicing system requires a supplier to upload the JSON of the invoice onto the Invoice Registration Portal (IRP). The JSON will have to follow specific mandatory and optional parameters while reporting the invoices. The digital signature is one of the optional parameters in this case. The IRP will generate the hash (Invoice Registration Number or IRN), and then digitally sign the JSON if it is deemed to be valid, using its private key. If the signed JSON is tampered with, then e-invoice will become invalid and the digital signature will fail.
Once the e-invoice is signed by the IRP, it will be a valid e-invoice to be used by the seller for his business transactions. The IRP will also forward this digitally signed e-invoice to the GSTN and the e-way bill system.