The Arbitrum DAO voted on April 20 to freeze approximately $71 million in ETH sitting in two wallets linked to the KelpDAO exploit that occurred on April 3. The emergency governance proposal passed with 87% approval, triggering Arbitrum’s security council to blacklist the addresses at the bridge level – preventing the funds from being withdrawn to Ethereum mainnet.
The decision was swift, decisive, and controversial. It stopped the stolen funds from moving, but it also demonstrated that a Layer 2 network’s governance can unilaterally freeze assets – a power that raises uncomfortable questions about decentralization, censorship resistance, and who really controls the money on a rollup.
The KelpDAO Exploit Recap
KelpDAO, an Ethereum liquid restaking protocol, was exploited on April 3 for approximately $71 million through a vulnerability in its cross-chain vault system. The attacker manipulated the verification mechanism that KelpDAO used to validate restaking deposits across chains, creating phantom deposits that were then withdrawn as real assets.
The stolen funds were initially moved through Ethereum mainnet, then bridged to Arbitrum – likely because the attacker planned to swap them through Arbitrum’s deep DEX liquidity (particularly on GMX and Camelot) before exiting through a privacy-preserving path.
Once on-chain investigators traced the funds to Arbitrum, the KelpDAO team contacted Arbitrum’s security council and requested an emergency freeze. The council convened within hours and put the proposal to an expedited governance vote.
The Freeze Mechanism
Arbitrum’s bridge architecture includes a security council with the power to set up emergency actions, including transaction censorship and asset freezes, subject to DAO ratification within 48 hours. The council is a 12-member multisig requiring 9-of-12 signatures for emergency actions.
In this case, the council added the two suspect wallets to a blacklist at the bridge’s withdrawal contract level. The ETH is still on Arbitrum – the wallets can interact with Arbitrum-native protocols – but they can’t bridge back to Ethereum mainnet. Since most exit liquidity requires bridging to mainnet, this effectively traps the funds.
The DAO ratification vote was conducted through Snapshot with a 24-hour voting period, significantly shorter than the usual 7-day governance cycle. The proposal cited the “emergency security provisions” in Arbitrum’s constitution, which allow expedited voting when the security council identifies an active threat.
The Decentralization Debate
The crypto community’s reaction was split almost exactly down the middle.
Supporters argue that freezing stolen funds is common sense. The money was taken through an exploit, the attacker has no legitimate claim to it, and the technology exists to stop the theft from being completed. Not using that power would be negligent.
“If a bank robber is running through your lobby with bags of cash, you don’t stand aside because of ‘freedom of movement,'” wrote Arbitrum contributor Mitch Amador. “You stop them. That’s what the security council did.”
Critics counter that the ability to freeze arbitrary wallets through governance is exactly what decentralized systems are supposed to prevent. If Arbitrum can freeze $71 million from a hacker today, it can freeze $71 million from a political dissident tomorrow – or comply with a government order to freeze funds from a sanctioned entity.
“The moment a governance vote can censor your transactions, you’re using a permissioned system,” said Bitcoin maximalist Jameson Lopp. “Call it a DAO, call it a security council – it’s a committee that decides whose money moves. That’s a bank with extra steps.”
The Layer 2 Trust Spectrum
The Arbitrum freeze highlights a reality that the Layer 2 system has been slow to acknowledge: rollups aren’t as decentralized as their marketing suggests. Every major L2 – Arbitrum, Optimism, Base, zkSync – has some form of upgrade key, security council, or admin function that can intervene in the network’s operation.
Arbitrum is actually among the more decentralized L2s, with its elected security council and DAO governance. Base, by contrast, is operated by Coinbase with no governance mechanism. Optimism has a security council with broad powers. zkSync has an upgrade key controlled by Matter Labs.
Ethereum researcher Justin Drake framed the spectrum this way: “L2s exist on a continuum from ‘smart contract multisig’ to ‘sovereign rollup.’ Most are currently closer to the multisig end. That’s fine as a transitional stage, but users should understand the trust assumptions.”
The KelpDAO freeze demonstrates that during this transitional period, L2 governance has powers that mainnet Ethereum doesn’t. No one can freeze funds on Ethereum L1 – not the Foundation, not the core developers, not any governance vote. The immutability is absolute. On L2s, it’s conditional.
Legal Implications
The freeze also creates a legal precedent that lawyers on both sides of the crypto regulatory debate are studying. If a DAO can freeze stolen funds through governance, does it have a legal obligation to do so in future cases? If it freezes funds in one case but not another, does it face liability for inconsistent enforcement?
These questions are untested in court. But the Arbitrum precedent makes it harder for L2 governance bodies to claim they lack the technical ability to intervene – which has been a common defense against regulatory demands for asset freezing.
What Happens to the $71 Million
The frozen funds sit in legal limbo. KelpDAO has filed a recovery claim through Arbitrum’s governance, requesting that the funds be returned to the protocol’s insurance fund. The attacker hasn’t responded to an on-chain message offering a 10% white-hat bounty in exchange for returning the remaining 90%.
If no resolution is reached within 30 days, Arbitrum’s constitution provides for a DAO vote on fund disposition. The most likely outcome is that the funds are returned to KelpDAO’s affected users, minus a fee to cover the governance and legal costs of the recovery process.
The broader outcome is harder to predict. The Arbitrum freeze will be cited in every future debate about L2 governance, bridge security, and the limits of decentralization. It’s a case study that cuts both ways – a win for theft recovery, and a reminder that Layer 2 sovereignty has limits that Layer 1 doesn’t.
