The hash is called the ‘read only hash’. It is there to ensure that the client cannot change a read only attribute. Mendix calculates this hash at the server and sends it to the client. When the client sends data back, the hash has to match with the data. Since the client cannot calculate the hash, it cannot change attributes – or it can change the data, but that change will be rejected by the server, since the hash does not match.
Your email attribute does not have a hash, because you have write rights to that attribute.
The hash calculation is secret, and it probably contains data that is only accessible on the server: if it was known, you could avoid the read only restriction on attributes.
You can read more about this in this blog.
A final remark: you are not required to calculate the hash to perform automated testing. You receive the hash from the server, and you must return it. Most UI automated test tooling has no issue with this (LoadRunner / Ranorex to name two I have experience with).