I am also annoyed by the switch to a SaaS-model, but I don‘t think this hurt security in any way, and for most people (i.e. those that used to sync their vault via cloud storage) probably improved it quite a bit.
If you store the secret key locally and only locally, the threat model should be the same as before.
If you store the secret key locally and only locally, the threat model should be the same as before.