Aave filed an emergency motion last week to release millions of frozen ETH from a restraining order issued against the Arbitrum DAO, turning what started as a coordinated exploit recovery into a legal dispute.
Aave LLC said the cease-and-desist notice was served on Arbitrum DAO on May 1 and seeks to seize approximately $71 million in ETH that Aave claims belongs to victims of the April 18 exploit. The company asked the court for an expedited hearing and temporary vacancy, arguing that the recovered assets were intended for return by the user and should not be frozen for outside claims.
ETH was frozen by the Arbitrum Security Council on April 21, as the Lazarus Group stole approximately 116,500 rsETH from Kelp DAO’s LayerZero bridge three days earlier.
The board used its 9 of 12 emergency powers to move 30,765 ETH without the attacker’s key, effectively designating them for a recovery pool.
Aave’s April 24 funding update valued the initial support hole at 163,183 ETH. Between the Kelp freeze, Arbitrum’s action and the expected liquidations on Aave, the coalition has made up approximately 52.9% of this difference.
DeFi United has raised over $300 million in commitments for the remainder, with Mantle providing a credit facility of up to 30,000 ETH and Aave requesting 25,000 ETH from the Treasury.
The restraining notice, approved by a court in the Southern District of New York, targeted these frozen funds.
The plaintiffs’ theory appears to be based on the alleged attribution of the exploit to the Lazarus Group, the North Korean hacking operation, and previous rulings related to North Korea. Aave’s motion challenges the shift from an attacker’s alleged control to legal ownership, arguing that stolen property does not become seizable property simply because a thief briefly held it.
The service plan called for posting on the Arbitrum Governance Forum and sending copies to the legal entities behind the Arbitrum DAO, Security Council members, and large ARB holders, with a warning that non-compliance could result in legal consequences for governance actors.
Governance of the legal surface created
The first argument in Aave’s motion is that stolen assets do not become the legal property of a thief because the thief held them briefly, and the second is that Arbitrum DAO is not a legal entity capable of providing services.
This second argument rests on already contested legal ground, as U.S. courts have been willing to treat DAOs as general partnerships or sued collectives. Lido DAO faced this treatment, building on previous cases involving bZx and compound litigation.
Travers Smith’s analysis of the Kelp episode noted that accessibility focuses on governance structure and demonstrated control, with Arbitrum’s exposure anchored in its documented and exercised emergency action mechanism.
Arbitrum forum delegates were already asking questions about compensation points, advancing defense costs and litigation exposure before Aave filed the motion.
This concern predates the filing in court and highlights that each protocol that establishes and uses emergency recovery powers also creates a documented control file that outside requesters can read.
DeFi United’s response proved that major protocols will trump immutability when losses are large enough, and that this capability has helped users while exposing governance levers that courts can attempt to reach.
Once a governance body freezes, segregates, and publicly labels assets as recoverable, they become an identifiable pool that independent creditors can target, particularly where the attacker has documented ties to a sanctioned state or judgment debtor.
The multisig and Snapshot voting infrastructure that enabled the response to the Kelp exploit has no built-in mechanism to address a competing legal claim, a notice of personal liability to a Security Council member, or an argument from a creditor that recovery assets are seizable.
| Governance functionality | What he did in this case | Why it helped victims | Why this created legal exposure |
|---|---|---|---|
| Arbitrum on emergency powers of the Security Council | Frozen and moved 30,765 ETH without the attacker’s key | Preserved portion of stolen value for recovery | Demonstrated a real point of control that courts can target |
| Portfolio/pool designated for recovery | Separate funds for recovery efforts | Make the recovery plan readable and usable | Made assets identifiable and easier to designate for outside applicants |
| DAO Governance Forum | Becomes part of the service plan | Ensure public transparency around corrective actions | Transforming governance channels into a place where legal processes can be published |
| Security Council members/governance actors | Becomes an integral part of the notification and service scope | Allowed a rapid response to the crisis | Issues Raised Regarding Personal Liability and Litigation Exposure |
| Multisig + Snapshot type coordination | Allowed DeFi United-style response to scale quickly | Helped coordinate a cross-protocol rescue | Offers no integrated response to competing legal claims or creditor restrictions |
Potential outcomes of the motion
The Bull case forces the court to quickly accept Aave’s victim-first logic and abandon coercion.
In this case, governance-controlled recoveries gain judicial validation because emergency intervention can override immutability in a crisis without automatically converting each recovery portfolio into the creditor’s seizable assets, provided the protocol clearly documents title and destination up front.
Protocols that invest in predefined claim cascades, compensation policies, and entity wrappers around emergency remediation can evolve more quickly and with more legal confidence during future crises.
Aave’s position as the largest DeFi lending protocol, with nearly $15 billion in total value locked and $12.1 billion in active loans, means a favorable ruling would carry weight across the entire DeFi lending category, which totals approximately $42.7 billion.
The bear’s case plays out if restraint lasts long enough that Security Council members and protocol delegates are hesitant to intervene in future exploits.
Each successful recovery creates a documented audit record, and each legal challenge to that record raises issues of personal liability for voting participants in governance.
If delegates conclude that participating in a relief proposal exposes them to litigation or forum service, emergency governance becomes more cautious, even when the technical capacity to freeze remains intact.
Kelp’s response covered more than half of the initial deficit through governance action and coordinated capital. A world where this coordination becomes legally dangerous leaves the consequences unresolved and the DeFi United model without a viable successor.
DefiLlama’s hack dashboard tracks approximately $16.5 billion worth of hacks in total, including approximately $7.7 billion in DeFi.
Travers Smith noted that the Drift and Kelp incidents were among the biggest DeFi exploits of 2026, occurring 18 days apart and revealing governance weaknesses. This model makes recovery design a recurring infrastructure problem.
DeFi now has a precise contradiction in which users want emergency intervention at the time of an exploit, and each successful intervention makes governance more legally accessible.
Aave’s motion asks a court to hold both simultaneously, allowing victims’ assets to remain protected while treating the governance infrastructure that protected them as legally invisible.
The outcome decides whether the next DeFi crisis will get a coordinated response or a court battle.
