The *.map.json reverse map is the identity it hides — a leaked map is a full disclosure. Add optional encryption-at-rest (passphrase / age / OS keyring) with a flag like --encrypt-map, so the map isn't stored as plaintext. See the security model in README / SECURITY.md.
The
*.map.jsonreverse map is the identity it hides — a leaked map is a full disclosure. Add optional encryption-at-rest (passphrase / age / OS keyring) with a flag like--encrypt-map, so the map isn't stored as plaintext. See the security model in README / SECURITY.md.