Explodicle- There is no "hashing code" to download. The way it actually works is that the user visits our Paper Vault pages and downloads the source code for these pages according to the instructions at
https://thebankofbitcoin.com/docs/check_for_yourself.php?lang=en. The idea is that if this source remains unchanged then it has not been altered by a hacker, and no malicious code has been injected as you said.
There are many ways to check if this source code remains unchanged. On the page listed above we provide instructions for doing this by using a online md5 hash generator. The md5 hashes of the two pages in question should be 9cd21c1046322458a873a986ab3d6e37 and cd1b9831ea887c88faf25178de0b5f27. I don't know if anyone has actually followed the instructions for checking the source code, but would be interested in their experience and any feedback on the process we have described.
reads this second paragraph. lets it sink in for exactly half a second. searches google for md5cracker.