I don't really understand authy: does it not keep your 2FA tokens in "the cloud" behind a password? Therefore, does this not make them equivalent to a password, and negate the whole point of 2FA?
I believe that functionality is opt-in (or a very prominent opt-out process), but yes I would say you no longer "have" the key, but are turning it into "knowing" a password required to retrieve the key.
Still Zero-Knowledge, but no longer really 2FA.
I still us Authy for a lot of my keys because (1) I have that cloud function off and (2) the UI is better than GA IMHO.