I'm not sure why sharing would undermine the security principle? Instead of only the intended user having access, now it is the intended users .
There are times when there is a need to have a shared login to an account, whether with family members or with co-workers. If one would like to add 2FA to those accounts, they would need a way of sharing the 2FA code. Currently, the options that I know of is for one person to get the code and sharing it via email, sms, phone call or the like. This is definitely a security concern, as no one should get in the habit of sharing codes on the manner. The other option would be to add the 2FA to a password manager that supports it. That leads to an issue of "putting all your eggs in one basket". One could share the secret key which each person can add to their auth app, however, this creates an issue if access needs to be revoked or changed.
I believe having the option to share the secret with other users within Ente is the perfect solution. This way only legitimate and intended users get access, and the code does not need to be shared each time. Access can then revoked as needed and any changes get propagated to all users immediately.

Is there an option to share through a self-hosted server? Currently, the sharing is done through auth.ente.io even when sharing from a self-hosted instance.

In the current implementation, as every data that is required to display the the codes is part of the URL, we didn't consider self-hosting use-case separately. The current implementation also works for offline mode.

In the future, if we decide to increase the time to share the codes, we will probably reconsider the implementation, and add support for self-hosting during that iteration.