Arbitrum DAO Votes 90% to Unlock $71M in Frozen Kelp DAO Exploit ETH
Arbitrum DAO delegates have voted overwhelmingly — by roughly 90% — to release $71 million in Ether frozen in the aftermath of the Kelp DAO exploit, directing the funds toward an Aave-led recovery effort. The vote marks a significant moment in decentralized governance’s ability to respond to one of the largest DeFi security incidents of the year.
The resolution came after weeks of deliberation that involved not just on-chain governance but an active legal dispute with U.S. authorities over who has the right to those funds.
Background: The Kelp DAO Exploit
In late April, Kelp DAO’s rsETH restaking protocol was hit by a $292 million exploit — one of the largest DeFi hacks of 2026. Attackers manipulated a vulnerability in the protocol’s request-for-quote proxy mechanism to drain funds across multiple chains.
Arbitrum’s Security Council acted quickly. Within hours of the exploit being confirmed, the council used its emergency powers to freeze 30,766 ETH — roughly $71 million at the time — that had flowed through Arbitrum’s infrastructure. The funds were moved into an intermediary wallet accessible only through further governance action.
“Arbitrum’s Security Council froze 30,766 ETH worth roughly $71 million on Monday night, moving funds linked to Saturday’s $292 million rsETH exploit into an intermediary wallet that can only be accessed through further Arbitrum governance action,” CoinDesk reported in April.
The Governance Vote
What followed was a weeks-long governance process to determine what to do with those frozen funds. The Arbitrum DAO, composed of ARB token holders who delegate voting power to representatives, had to weigh competing interests.
The winning proposal directed the funds to an Aave-led recovery effort that would distribute them back to affected Kelp DAO depositors — or as many as can be identified and verified. The 90% approval margin was decisive and well above the threshold required for the proposal to pass.
However, Arbitrum’s governance rules impose an eight-day delay before any approved transfer can execute. That delay is a built-in security mechanism, giving stakeholders time to challenge a passed proposal if something appears wrong.
The U.S. Seizure Dispute
The governance vote happened despite an active legal question from U.S. authorities, who reportedly have argued that some portion of the frozen funds may be subject to government seizure — potentially linked to North Korean state-sponsored hacking operations that have been tied to parts of the broader Kelp ecosystem.
One report described the situation as “Arbitrum approves $71 million ETH release despite U.S. seizure fight,” underscoring the jurisdictional tension between decentralized governance mechanisms and national law enforcement.
How that tension resolves remains unclear. Even if the governance proposal executes, the legal dispute could complicate the actual distribution of funds to victims. It’s a situation that DeFi governance frameworks haven’t clearly resolved — what happens when an on-chain vote conflicts with an off-chain legal order.
What This Means for DeFi Governance
The Arbitrum vote demonstrates both the power and the limits of on-chain governance. On the power side: a credibly decentralized protocol with an active security council can respond to exploits faster and more decisively than any centralized legal or regulatory process. The funds were frozen within hours and a recovery framework was approved within weeks.
On the limits side: the U.S. seizure dispute shows that decentralized governance doesn’t exist in a legal vacuum. When significant real-world assets are at stake, government authorities will assert jurisdiction — and token holders have no straightforward mechanism to enforce their governance decisions against a court order.
The eight-day delay before execution is also worth noting as a governance design feature. Rather than immediate execution, which could be exploited, the delay creates a window for challenge that adds legitimacy while slowing speed.
DeFi Security Context
The Kelp DAO exploit was part of a broader pattern. TRM Labs reported in 2026 that North Korean state-sponsored hackers accounted for 76% of all crypto thefts in the year, an extraordinary concentration of sophisticated attacks.
For DeFi protocols, the combination of smart contract risk and state-level adversarial actors has pushed security budgets and audit requirements significantly higher. Protocols that skimped on security infrastructure earlier in the cycle are increasingly targeted.
The Arbitrum community’s decisive vote — and the speed of the Security Council’s initial response — may serve as a case study for how other DeFi ecosystems should structure their emergency response and governance frameworks.
FAQ
Q: What was the Kelp DAO exploit?
A: In late April 2026, attackers exploited a vulnerability in Kelp DAO’s rsETH restaking protocol, draining approximately $292 million across multiple chains. Arbitrum’s Security Council froze $71 million of those funds that passed through its infrastructure.
Q: What does Arbitrum DAO’s 90% vote mean for affected users?
A: The vote approves releasing the frozen $71 million ETH to an Aave-led recovery effort aimed at returning funds to affected depositors. However, an eight-day governance delay applies before execution, and a U.S. legal dispute over the funds could further complicate distribution.
Q: Can a U.S. court override a DeFi governance vote?
A: This is an evolving legal question. While on-chain governance decisions can execute autonomously, law enforcement can pursue legal remedies against real-world entities involved in the distribution. The interaction between decentralized governance and national legal systems remains largely uncharted territory.
Sources: CoinDesk, Cryptonomist, BitcoinFoundation.org. This article is for informational purposes only and does not constitute financial or legal advice.
