The issue with their claim, I believe, is that the software isn't really circumventing any protections in place. It is simply using the existing publicly facing API. If the software made clear attempts to prevent this API from detecting or locking it out, then that would be an absolute violation, but I don't believe pulling crypto keys and reimplementing the API after REing it is necessarily a DMCA violation. Certainly it violates some other things, considering it is difficult to prove a clean-room situation when it was all done by one person. Seriously though, Snapchat should be focusing on hardening their API rather than trying to shut down imposter APIs.