First of all, ChevronWP7 is a cool utility, but I don't understand why did they obfuscate the ripped M$ code. Yes the device communication part which is obfuscated it ripped from the Deployment Developer Tool.
Generally speaking this is what ChevronWP7 does:
- Rewrites the host file to redirect the developerservices.windowsphone.com address to localhost
- Bring up a HTTP server with it's own certificate to support HTTPS
- For the query during unlock operation the HTTP server sends back a baked in answer as a result of a successful unlock.
ChevronWP7 does exactly what the deployment tool do, but bypassing the windows live login.