Is there an encrypted DFU example

There is no DFU example where the Hex file itself is encrypted. However from SDK 8 and up it is possible to share bond information between your application and the bootloader so you can transfer the firmware image over an encrypted link. However you would still have to distribute the firmware to your customers, but I guess you can distribute an encrypted file in your app, and the decrypt it before sending it over the encrypted BLE link.

Any new encrypted hex file example somewhere? Any hint on how to develop this feature, at what layer?

Hex file shoulf be encryped in factory, and decrypted inside the bootloader.

Thanks a lot in advance.

You should take a look at a suggestion from one of our users here.

Thanks a lot!