Hacker News: RainbowRandolph's comments

You are not submitting your master password to them. It's been a while since I completely understood the login process, but this should be mostly right:

1. The encryption key is a local hash of your email address and master password. This never leaves your computer.

2. Ignoring PBKDF2, your encryption key and your master password are again hashed locally. That is sent with your login email to LastPass.

3. LastPass hashes Step 2 with a salt and that result is then used to authenticate you. After any additional two factor auth verification, LastPass will send your password file, which is decrypted using the result in Step 1, that has never left your computer.

You're more than welcome to inspect the JavaScript code yourself. They have a simple encryption/decryption page so you can see exactly what LastPass does.

https://lastpass.com/js/enc.php
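The three-step flow described in the comment above, modelled end to end as an added example. This is not LastPass's code and not taken from enc.php; it is a stdlib-only simulation written for this page. Assumptions that are labelled in the code: the email is used as the PBKDF2 salt in step 1, the iteration count is 100,000, step 2 is a single PBKDF2 round over the key and password, and the vault is protected with a toy HMAC-based encrypt-then-MAC construction in place of a real cipher such as AES. The point it demonstrates is the one the comment makes: the server's state never contains the encryption key, a wrong password fails authentication, and only the client can decrypt the returned vault.

```python
"""Toy model of the client/server split in a zero-knowledge password-manager login.
Constructed example for this page; not LastPass's implementation."""
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 cost; the real count is not stated on the page
KEY_LEN = 32
VAULT = b'{"site":"example.org","user":"alice","pw":"hunter2"}'  # constructed sample vault


def derive_encryption_key(email: str, master_password: str) -> bytes:
    """Step 1: local key from email + master password (email as salt is an assumption).
    This value never leaves the client."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               email.lower().encode(), ITERATIONS, KEY_LEN)


def derive_login_hash(enc_key: bytes, master_password: str) -> bytes:
    """Step 2: hash the encryption key together with the master password again.
    Only this derived value is transmitted; it cannot be inverted to recover enc_key."""
    return hashlib.pbkdf2_hmac("sha256", enc_key, master_password.encode(), 1, KEY_LEN)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stand-in keystream, not a production cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(enc_key: bytes):
    ck = hmac.new(enc_key, b"vault-enc", hashlib.sha256).digest()
    mk = hmac.new(enc_key, b"vault-mac", hashlib.sha256).digest()
    return ck, mk


def encrypt_vault(enc_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag. Only the client holds enc_key."""
    ck, mk = _subkeys(enc_key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(ck, nonce, len(plaintext))))
    tag = hmac.new(mk, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_vault(enc_key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; a wrong key or a tampered blob raises before any decryption."""
    ck, mk = _subkeys(enc_key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mk, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("vault tampered or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ck, nonce, len(ct))))


class Server:
    """Step 3: stores a salted hash of the login hash plus the opaque encrypted vault."""

    def __init__(self):
        self.users = {}

    def register(self, email: str, login_hash: bytes, vault_blob: bytes) -> None:
        salt = os.urandom(16)
        verifier = hashlib.pbkdf2_hmac("sha256", login_hash, salt, ITERATIONS, KEY_LEN)
        self.users[email] = {"salt": salt, "verifier": verifier, "vault": vault_blob}

    def login(self, email: str, login_hash: bytes):
        """Returns the encrypted vault on success, None otherwise (constant-time compare)."""
        rec = self.users.get(email)
        if rec is None:
            return None
        candidate = hashlib.pbkdf2_hmac("sha256", login_hash, rec["salt"], ITERATIONS, KEY_LEN)
        if not hmac.compare_digest(candidate, rec["verifier"]):
            return None
        return rec["vault"]

    def knows(self, secret: bytes) -> bool:
        """True if the raw secret appears anywhere in server-side state."""
        return any(secret in rec["salt"] or secret in rec["verifier"] or secret in rec["vault"]
                   for rec in self.users.values())


def run_flow(master_password: str, attempt: str):
    """Register with master_password, then log in from a fresh client using `attempt`.
    Returns (server, registration enc_key, decrypted vault or None)."""
    email = "alice@example.com"  # constructed
    server = Server()
    enc_key = derive_encryption_key(email, master_password)
    server.register(email, derive_login_hash(enc_key, master_password),
                    encrypt_vault(enc_key, VAULT))
    # Later login: a fresh client re-derives everything from email + typed password.
    k2 = derive_encryption_key(email, attempt)
    blob = server.login(email, derive_login_hash(k2, attempt))
    return server, enc_key, (None if blob is None else decrypt_vault(k2, blob))


if __name__ == "__main__":
    srv, key, vault = run_flow("correct horse battery", "correct horse battery")
    print("decrypted:", vault, "| server holds enc_key:", srv.knows(key))
```

The `knows` check is the property the comment is getting at: the server has a salt, a verifier derived from the step-2 value, and ciphertext, none of which contain or yield the step-1 key. Swapping the toy keystream for AES-GCM and tuning the iteration count are the obvious changes for anything beyond a demonstration.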


The website and extensions are mostly JavaScript, so you can audit the code yourself if you wish. LastPass does use a proprietary plugin for some features, but they have a binary-free version for most, if not all, browsers.

