Add 3x protection to Bitwarden database

You might first read Bitwarden’s Security Whitepaper. Many of your ideas are already addressed in some fashion.

“Key file” and “Secret Key” are the terms I have seen for this concept. Bitwarden has stated that they have no plans to implement this functionality as they have similar protections that do not increase user-overhead.

If a keyfile is important to you, you could (somewhat inconveniently) simulate one by appending to your typed master password a random string copy/pasted from a file you keep on your device(s).

Turns out that your vault is only ever decrypted on your device, even when using the website. And, your master password never leaves your device. It is never transmitted over the Internet, and it never is given to the Bitwarden servers.

If logged out, the entire vault is removed from your device. A cached encrypted copy is kept if you keep your vault logged in, but locked. When locked, the decryption key is not (directly) on your device. It is either regenerated when you type your master password, or it is retrieved from your hardware security device (the TPM) if you enable unlock with biometrics.

Many people have reported they value the current read-only access to your vault when the cloud storage is under maintenance or you have no connectivity.

In a sense, this “optional feature” exists today in that one can completely protect their vault by setting the timeout action to “logout” for maximal security and to “lock” to support offline use.
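The keyfile workaround mentioned in the post (a random string kept in a file and appended to the typed master password), sketched as an added example that is not part of the original post and not Bitwarden code. The file name, the sample password and email, and the PBKDF2 call used as a stand-in for the client-side key derivation are all assumptions.

```python
import hashlib
import os
import secrets
import tempfile

def create_keyfile(path, nbytes=32):
    """Write a random URL-safe string to a new file readable only by the owner."""
    token = secrets.token_urlsafe(nbytes)  # 32 random bytes -> 43 characters
    # O_EXCL refuses to overwrite an existing keyfile (losing it locks you out).
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w", encoding="ascii") as f:
        f.write(token + "\n")
    return token

def combined_password(typed, path):
    """Typed master password followed by the keyfile string."""
    with open(path, encoding="ascii") as f:
        suffix = f.read().strip()  # a stray newline would silently change the password
    if len(suffix) < 22:  # 22 URL-safe characters is roughly 128 bits
        raise ValueError("keyfile string too short to add meaningful entropy")
    return typed + suffix

def derive_key(password, email, iterations=100_000):
    """Stand-in KDF (assumption): PBKDF2-HMAC-SHA256 salted with the account email."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode(), email.lower().encode(), iterations
    )

def demo():
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "vault.key")       # hypothetical keyfile name
        token = create_keyfile(path)
        typed = "correct horse battery staple"    # constructed sample password
        email = "user@example.com"                # constructed sample account
        with_file = derive_key(combined_password(typed, path), email)
        without_file = derive_key(typed, email)
        # The typed password alone no longer yields the same key.
        return len(token), with_file != without_file, len(with_file)

if __name__ == "__main__":
    print(demo())
```

The keyfile string has to be backed up separately from the vault, since the combined value is the real master password from then on.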