Aave has filed an emergency motion to block creditors from seizing $71 million in frozen ETH recovered from the April 18 Kelp DAO exploit. A restraining order issued by the Southern District of New York on May 1 targets assets that Aave and other DeFi protocols designated for victim restitution. The case pits stolen asset recovery against alleged creditor claims tied to North Korean sanctions judgments, establishing a novel legal test for whether recovered hacked funds become attachable property under US law.
How the Kelp Exploit Triggered the Freeze
On April 18, the Lazarus Group allegedly stole approximately 116,500 rsETH from Kelp DAO through a LayerZero bridge exploit. Three days later, the Arbitrum Security Council used its documented 9-of-12 emergency powers to freeze 30,765 ETH and prevent the attacker from moving the assets further. This action was part of a coordinated recovery effort across the DeFi sector. By April 24, Aave calculated the total backing hole at 163,183 ETH. The frozen assets represented a critical piece of victim compensation, with recovery efforts closing 52.9% of the shortfall through combined protocol commitments.
DeFi United’s $300 Million Recovery Push
DeFi protocols assembled $300 million in commitments through DeFi United to cover remaining losses. Mantle contributed a 30,000 ETH credit facility, while Aave requested 25,000 ETH from its treasury to support the recovery effort. These commitments reflected the sector’s coordinated response to a significant cross-protocol vulnerability. However, the restraining order filed on May 1 directly targets the frozen ETH that these protocols intended to use for victim restitution, creating an immediate legal obstacle to executing their recovery plan.
DAO Legal Status Under Fire
Aave’s emergency motion contests whether the frozen assets—stolen property held by an attacker—can become lawful property subject to creditor attachment simply through possession by a hacking operation. The case also raises questions about whether the Arbitrum DAO qualifies as a juridical entity capable of receiving legal service. US courts have previously treated DAOs as general partnerships or suable collectives in cases involving Lido DAO, bZx, and Compound, but this case is the first to directly test whether a DAO’s emergency governance actions shield recovered assets from external legal claims.
Precedent at Stake for DeFi Recovery
The outcome will determine whether DeFi protocols can safely execute emergency asset freezes and recovery mechanisms without exposing recovered funds to third-party seizure. Aave has scheduled its emergency motion filing for May 4, though no court hearing date or expedited timeline has been confirmed. The restraining order remains in effect until the court rules on Aave’s motion to vacate. This case establishes whether stolen assets recovered through protocol governance retain protected status or become subject to competing creditor claims under US law.
