Yep you got it… the app basically did not complete the write and the dynamic lock bits are still active. The DNFC app itself is too dumb to fix this as it is right now… so you will need to manually send commands to your chip to fix this.
First read this thread and install the NFC Shell app linked within it; https://forum.dangerousthings.com/t/can-my-xnt-be-easily-set-to-read-only (you will probably have to sideload it from the local APK uploaded to this forum)
You will use the NFC Shell app to send custom commands to the chip to complete the setup. The primary thing you are going to do is update page E2… I have no idea why this happened, but it appears that page E2 was not updated, but page E3, the password, and the pack value were all updated… so it will mean you will need to authenticate with the password you used, then update page E2 to disable those dynamic lock bits.
On the other hand, at this point it appears nobody can update the dynamic lock bits in page E2 without first authenticating, because the AUTH byte in page E3 is set to E2, meaning page E2 through page E6 are all protected by password against writing… so if you left it as-is, you would be fairly safe in my opinion.
Ok, assuming you have loaded NFC Shell on to your phone, you will want to send the following commands:
1B h1 h2 h3 h4
A2 E2 00 00 7F BD
The first line starting with 1B is the PWD_AUTH command, and the h1 h2 h3 h4 values need to be replaced with the HEX value of the password you set for your xNT. So, if your password was 1234 then the HEX values of the ASCII characters 1, 2, 3, and 4 are 31 32 33 34. Check ye’ olde ASCII chart for a reference.
The second line, starting with A2, updates the dynamic lock byte in page E3 to lock themselves from any further changes.