My understanding is that the hash list in info should protect the integrity of the downloaded files, but could the files be corrupted? Taken from Torrent Poisoning
A malicious user pollutes the file by converting it into another format that is indistinguishable from uncorrupted files (e.g. it may have similar or same metadata).
How could a file be polluted and still pass the integrity test?
Thanks
I am making an assumption here, but I think you are confusing the terms "data" and "metadata". If a file is corrupted, the data itself is a mess, but the information that a system uses to identify that file could be intact according to the system. For example, I present you a glass full of a clear liquid and tell you it's water. From a glance you can see that it is entirely possible it is water, and so you drink it only to find out it is actually vodka. You are the system, and it is only when you actually "used" the glass of liquid that you found out that its contents are not what you expected.
Now give that glass to an expert on verifying that glasses of clear liquid are filled with water, and they will say to you, "No, this is not what it is meant to be". The "expert" is your checksum comparison tool. A checksum will be generated from the entire file, not just the metadata.