A Manhattan federal judge authorized Arbitrum DAO to transfer $71 million in frozen Ether to Aave LLC on Friday, permitting the DeFi protocol to recover funds tied to a North Korea-attributed exploit while preserving legal claims from terrorism victims seeking compensation. Judge Margaret Garnett of the Southern District of New York issued the modification order after Aave filed an emergency motion to lift the asset freeze, balancing DeFi protocol recovery against the competing interests of families with unpaid terrorism judgments against North Korea totaling $877 million.
The Exploit and the Freeze
On April 18, North Korean-linked hackers exploited Kelp DAO and released 116,500 rsETH tokens without corresponding burns, creating a $174.5 million shortfall in backing for the restaked Ether token. Arbitrum DAO, which had frozen 30,765 ETH (approximately $71 million) in response, faced competing legal pressures: Aave needed the liquidity to stabilize its protocol, while terrorism victims’ counsel at Gerstein Harrow LLP argued the funds should remain seized pending recovery efforts. The exploit exposed a critical vulnerability in liquid staking derivatives and raised questions about asset traceability in cross-protocol hacks.
The Court’s Balanced Ruling
Judge Garnett’s order permits the transfer while maintaining the legal claims of terrorism victims, a narrow resolution that satisfied neither side completely. Aave argued that “a thief doesn’t gain lawful ownership of stolen property,” positioning the protocol as the rightful owner recovering its assets. The firm characterized North Korea attribution as “internet speculation,” challenging the forensic basis for victims’ claims. The judge’s decision signals that DeFi recovery mechanisms require judicial flexibility—freezing assets indefinitely could deter protocols from responding to exploits, yet victim compensation rights cannot be erased by court order alone. The actual transfer now requires an onchain governance vote by Arbitrum DAO token holders.
Implications for DeFi and Victim Compensation
This case establishes precedent for how U.S. courts will treat cross-protocol hacks where multiple parties claim legitimate ownership. Terrorism victims have previously pursued similar claims against other protocols; Gerstein Harrow sued Railgun DAO on comparable grounds. The ruling suggests courts will permit asset recovery while preserving victims’ ability to pursue separate judgment enforcement—a model that protects both DeFi liquidity and legal remedies. However, the decision does not resolve whether victims can ultimately recover from frozen assets in cases involving state-sponsored actors, leaving significant uncertainty for future North Korean-attributed exploits like the $1.5 billion Bybit hack.
What Happens Next
Arbitrum DAO must now conduct a governance vote to execute the transfer. Until token holders approve the transaction, the $71 million remains frozen. Terrorism victims retain their legal claim on the funds regardless of the transfer outcome, though enforcement mechanisms remain untested. The case underscores how DeFi protocols navigate U.S. law when exploited by foreign state actors—liability exposure is real, but so is the path to recovery.
