Aave filed an emergency motion last week to free millions in frozen ETH from a restraining order issued against the Arbitrum DAO, turning what began as a coordinated exploit recovery into a court dispute.
Aave LLC said the restraining notice was served on Arbitrum DAO on May 1 and seeks to seize approximately $71 million in ETH that Aave argues belongs to victims of the April 18 exploit. The company asked the court for an expedited hearing and a temporary vacatur, arguing that the recovered assets were designated for user restitution and should not be frozen for outside claims.
The ETH was frozen by Arbitrum’s Security Council on Apr. 21, as Lazarus Group stole approximately 116,500 rsETH from Kelp DAO’s LayerZero bridge three days earlier.
The council used its 9-of-12 emergency powers to move 30,765 ETH without the attacker’s key, designating it for a recovery pool.
Aave’s Apr. 24 funding update sized the original backing hole at 163,183 ETH. Between Kelp’s own freeze, Arbitrum’s action, and expected liquidations on Aave, the coalition closed about 52.9% of that difference.
DeFi United assembled over $300 million in commitments for the rest, with Mantle contributing a credit facility of up to 30,000 ETH and Aave requesting 25,000 ETH from the treasury.
The restraining notice, approved by a court in the Southern District of New York, targeted those frozen funds.
The plaintiffs’ theory appears to rest on the alleged attribution of the exploit to Lazarus Group, the North Korean hacking operation, and on prior judgments tied to North Korea. Aave’s motion challenges the leap from alleged attacker control to lawful ownership, arguing that stolen assets do not become attachable property simply because a thief briefly held them.
The service plan included posting on Arbitrum’s governance forum and mailing copies to the legal entities behind the Arbitrum DAO, Security Council members, and large ARB holders, with a warning that noncompliance could result in legal consequences for governance actors.
The legal surface governance created
The first argument in Aave’s motion is that stolen assets do not become a thief’s lawful property because the thief held them briefly, and the second is that Arbitrum DAO is not a juridical entity capable of service.
That second argument lands on already-contested legal ground, as US courts have shown willingness to treat DAOs as general partnerships or suable collectives. Lido DAO faced that treatment, building on earlier cases involving bZx and Compound-related litigation.
Travers Smith’s analysis of the Kelp episode noted that reachability centers on governance structure and demonstrated control, with Arbitrum’s exposure rooted in its documented, exercised emergency-action mechanism.
Arbitrum’s forum delegates were already asking about indemnification spots, defense-cost advancement, and litigation exposure before Aave filed the motion.
That anxiety predates the court filing and points out that every protocol that establishes and uses emergency recovery powers also builds a documented control record that outside claimants can read.
DeFi United’s response proved that major protocols will override immutability when losses are large enough, and that capacity helped users while exposing governance levers that courts can try to reach.
Once a governance body freezes, segregates, and publicly labels assets as recoverable, they become an identifiable pool that unrelated creditors can target, particularly where the attacker has documented links to a sanctioned state or judgment debtor.
The multisig and Snapshot vote infrastructure that enabled the response to the Kelp exploit has no built-in mechanism for handling a competing court claim, a personal liability notice to a Security Council member, or a creditor’s argument that recovery assets are attachable.
| Governance feature | What it did in this case | Why it helped victims | Why it created legal exposure |
|---|---|---|---|
| Arbitrum Security Council emergency powers | Froze and moved 30,765 ETH without the attacker’s key | Preserved part of the stolen value for recovery | Demonstrated a real control point that courts can target |
| Recovery-designated wallet / pool | Segregated funds for make-whole efforts | Made the recovery plan legible and actionable | Made the assets identifiable and easier for outside claimants to point to |
| DAO governance forum | Became part of the service plan | Provided public transparency around remediation | Turned governance channels into a place where legal process could be posted |
| Security Council members / governance actors | Became part of the notice and service perimeter | Enabled rapid crisis response | Raised personal-liability and litigation-exposure concerns |
| Multisig + Snapshot-style coordination | Allowed DeFi United-style response to move quickly | Helped coordinate a cross-protocol rescue | Offers no built-in answer to competing court claims or creditor restraints |
Potential outcomes for the motion
The bull case requires the court to accept Aave’s victim-first logic quickly and vacate the restraint.
In that outcome, governance-controlled recoveries gain judicial validation, as emergency intervention can override immutability in a crisis without automatically converting every recovery wallet into attachable creditor property, provided the protocol clearly documents title and destination from the start.
Protocols that invest in pre-baked claims waterfalls, indemnification policies, and entity wrappers around emergency remediation can move faster and with more legal confidence in future crises.
Aave’s position as DeFi’s largest lending protocol, with nearly $15 billion in total value locked and $12.1 billion in active loans, means a favorable ruling would carry weight across the DeFi lending category, which totals roughly $42.7 billion.
The bear case plays out if the restraint holds long enough that Security Council members and protocol delegates grow hesitant to intervene in future exploits.
Each successful recovery creates a documented control record, and each court challenge to that record raises the personal liability stakes for the voting governance participants.
If delegates conclude that participating in a recovery proposal exposes them to litigation or forum service, emergency governance grows more cautious even where the technical ability to freeze stays intact.
The Kelp response covered over half of the original shortfall through governance action and coordinated capital. A world where that coordination grows legally hazardous leaves the aftermath unclosed and the DeFi United model without a viable successor.
DefiLlama’s hacks dashboard tracks roughly $16.5 billion in total hacks, including about $7.7 billion in DeFi.
Travers Smith noted that the Drift and Kelp incidents ranked among the largest DeFi exploits of 2026, occurring within 18 days of each other and exposing governance weaknesses. That pattern makes recovery design a recurring infrastructure problem.
DeFi now carries a precise contradiction in which users want emergency intervention at the moment of an exploit, and every successful intervention makes governance look more legally reachable.
Aave’s motion asks a court to hold both simultaneously, allowing victim-earmarked assets to stay protected while treating the governance infrastructure that protected them as legally invisible.
The outcome decides if the next DeFi crisis gets a coordinated response or a courtroom battle.
