It's basically E2EE (where the encryption key is your master password + secret key, which looks similar to a guid), with the caveat being that 1password is still accessible via the browser so you do have to trust they're not compromising you by saving your secret key + master password separately (that is, unless you're auditing the login page every time you open it).
It's basically E2EE (where the encryption key is your master password + secret key, which looks similar to a guid), with the caveat being that 1password is still accessible via the browser so you do have to trust they're not compromising you by saving your secret key + master password separately (that is, unless you're auditing the login page every time you open it).