Rails compiles assets both with and without md5 hash, why?
The reason it does it is so that you can access the files without knowing the MD5 fingerprint (for example in a non-rails application, or a file within the rails app which isn't compiled or run by the rails stack (e.g. a 500/502 status error page). In this case you would have to compile the assets then change the css/js links in the static HTML files each time you updated the code (thus causing a change in the MD5 hash).
So instead rails produces 2 copies of each asset file, one with the fingerprint in the filename, the other without (e.g. application-731bc240b0e8dbe7f2e6783811d2151a.css, and application.css). The fingerprinted version is obviously preferred (see 'what is fingerprinting and why should I care' in the rails asset pipeline guide). But the non-digested version is there as a fallback.
As a final thought on the matter I'd take a read of the following pull request to the rails git repo: https://github.com/rails/rails/pull/5379 where they are discussing the pros and cons of the non-digested filenames, and the possibility of being able to turn off compilation of them.
HTH