Show HN: A password system with no database, no sync, and nothing to breach (bastion-enclave.vercel.app)
10 points by KevinChasse 9 hours ago | 4 comments
- commandersaki 6 minutes ago: E2EE with a high-entropy key, as is the case with 1P, will save you in the case of a compromise of your vaults stored externally and doesn't have weird limitations on what your passwords can be.
Also, syncing is handy for a multi-device setup.
- rustyhancock 60 minutes ago: I've always wondered: if it's stateless, how do I rotate a password? Either due to leaking or just periodically.
It seems particularly important since this doesn't defend against a compromised local environment.
- stavros 5 hours ago: This is a lot of cryptography, but how is it better than the hundred previous attempts that simply hashed the input?
- KevinChasse 9 hours ago: FYI: Bastion assumes a trusted local execution environment and a strong master secret. It does not defend against a compromised OS or browser runtime. The system trades convenience (sync, cloud recovery) for deterministic, stateless, and cryptographically verifiable password generation.