Hykem wouldn't claim his work as an IOSU exploit if that's the case.
I doubt it uses anything from the eShop.
You often need to have a userspace exploit as stepping stone to a kernel (or IOSU) exploit. That is probably the case here too. But yep, I do not see why it should need something from the eShop, when we have the webbrowser and known vulnerabilities in it. Smea that developed ninjhax has made a nice blogpost describing what steps he needed to hack the 3DS - it used 4 vulnerabilities from different applications (can be seen here http://smealum.net/)