The installation guide for MacOS starts with a recommendation that a T2 chip will keep you safe, so you don't need to worry about an unencrypted volume, but this chip was recently compromised, so maybe that is no longer the best advice to lead with.

Regarding docs, I think this shouldn't be the first piece of advice to give. I also grepped for "t2" in the repo and there is a reference to it in the code, but I am in no position to comment on the assumptions there.