0
I'm a paranoid newb, I bought a hardware wallet (Ledger nanos) and have transferred funds to it. I noticed that it generates P2SH addresses, so how could I know if the script hashed is spendable by my own wallet only?
The wallet could very well generate P2SH multisig addresses that could be spendable remotely by the wallet manufacturer.
I understand I could transfer these funds to myself and check the ScriptSig, but that would be too late.
1The question title is a bit misleading because you really want to know how to know that your ledger wallet is secured, not really about the address or why it is or is not 'spendable'. – PW Kad – 2019-02-21T22:13:06.503
This is why it is better to create your own addresses using a good source of entropy. I don't know if they release the source for the key generation, but you could check here: https://github.com/LedgerHQ
– JBaczuk – 2019-02-21T22:35:27.890