
@Keybase users: Check if you uploaded your private key. I hope it is rare, but now is the time to make that nonexistent.


I essentially didn't have a private key prior to Keybase, and I think it's still the only place I use it, so I'll end up rolling a new one if Keybase becomes fundamentally untrustworthy.


They are fundamentally untrustworthy. They haven't taken security issues in the past very seriously; they also have ties to China.


That’s Zoom. Post acquisition Keybase is tied to some of those, but not all. Their dev team is not going to move to China (at least not immediately) and past security issues in Zoom are no indication of Keybase safety.

This will possibly change over time though.


I signed up so long ago that I'm not quite sure what you mean. I remember posting a bunch of public keys (like on my profile here). I think the keybase app generated them along with a private key but it has been like three years.

I don't remember at all uploading one or where to find it if I did, can you explain the issue you have in mind a little more?


You can optionally have Keybase (generate and) store your private key for you.

It's designed to lower the barrier to entry, but is obviously less secure than managing it yourself outside of Keybase (e.g. in a GPG keyring, or on a physical OpenPGP smartcard such as a YubiKey), and some consequently wish the storage had never even been offered.


That optional GPG/PGP private key storage was also re-hidden (and almost, but not quite, removed) by Keybase over the course of the application's life, as they moved away from using traditional GPG/PGP-style keys to a more complicated but more secure system based on device-specific keys (and chains/webs of those keys and their derivatives), around the time you needed another device to onboard the next device rather than just signing in with username/password.


https://github.com/keybase/keybase-issues/issues/160

There is still (apparently under another command name) this ability to upload your private key.


The issue is a third-party having control of your private key.



