If they're building on other GPL software, they have to keep the same license for their own software:
According to
their changelog, they first applied MIT-CC on everything that wasn't under GPL, and then worked to remove all GPL code so everything could be under MIT-CC.
If nvK wants to protect his intellectual property by protecting unique snippets, I don't see a problem with it as long as it's available to the public for scrutiny.
It is of course fine if he wants to do that. But it is equally fine for people like me to point out that doing so means fewer eyes on the code therefore less security, as well as pointing out it is bad for the space in general. Bitcoin is about freedom. If I'm buying a hardware wallet, I'm picking a company who align with that ethos, not Trezor paying blockchain analysis to spy on you, and not Coinkite locking down their code so it cannot be used by anyone else.