Your website states “Since all of your data is fully encrypted before it ever leaves your device (…)”. Your website also states “Your master password can only be changed from the web vault”. Does this compute?
Hopefully, you saw the twitter reply, but in short - the web vault runs an actual local vault on your machine that handles the heavy lifting. Truly - your data is never sent unencrypted.
I dont really understand how I then can log in to the web vault on a machine where I have not installed my local bitwarden app. Tried to understand from the bitwarden docs.
The web page instantiates a javascript version of the vault in your web browser, and that’s what you’re logging into with your email + master password.