Arbitrum delegates signaled their support, in a non-binding sentiment check, for a plan to release $71 million in frozen ether after the Lazarus-linked rsETH exploit last month, amid an active court fight in the US over ownership of the funds.
The so-called phase one of the temperature control, which closed on Friday afternoon Hong Kong time with more than 90% support, favors the release of 30,765 ETH frozen by the Arbitrum Security Council after the April 18 exploit, when attackers used unbacked rsETH tokens as collateral on Aave to borrow approximately $230 million in ETH from the protocol.
Voting took place on an off-chain polling platform commonly used by crypto governance communities to gauge delegate sentiment before initiating formal steps. Under Arbitrum’s governance process, the outcome itself does not move funds or change the rules of the protocol. Think of it as a referendum of the population before a law is passed.
Any actual transfer would require a separate on-chain Constitutional Arbitration Improvement Protocol (AIP), a formal governance proposal that can execute binding actions if approved by token holders. The strong support shown in the sentiment check suggests that delegates may be in favor of moving forward with a formal AIP on the proposal.
The frozen ether is intended for a coordinated industry recovery effort led by Aave, KelpDAO, LayerZero, EtherFi and Compound, which aims to recover affected users.
But the same funds are also at the center of a growing legal dispute in Manhattan federal court.
Last week, attorney Charles Gerstein, who represents families holding approximately $877 million in unpaid terrorism judgments against North Korea, served a restraining notice on Arbitrum DAO alleging that the frozen ETH constitutes property of North Korea because the exploit has been widely attributed to Pyongyang’s Lazarus Group.
That triggered an emergency legal fight.
Aave moved earlier this week to overturn the restriction notice, arguing that the assets belong to innocent users, not North Korea, and warning that continued delays risk “cascading liquidations” and broader instability in decentralized financial markets.
Gerstein responded on Tuesday, arguing that the exploit was not a theft but a fraud, meaning that the attackers obtained legal title to ETH by deceiving Aave lending markets with worthless collateral.
Friday’s governance vote does not mean funds will move immediately.
Furthermore, even if it were later approved on-chain, the proposed transfer would face the standard Arbitrum withdrawal delay of approximately eight days from L2 to L1 before any ETH could be moved, potentially giving the Manhattan court time to intervene.
Nor did Arbitrum delegates vote blindly on legal risk. The draft instant proposal included indemnification protections for the Arbitrum Foundation, Offchain Labs, Security Council members, and governance delegates against certain claims arising from the freezing or release of ETH, although those protections would only come into effect if later adopted through a successful on-chain constitutional AIP. Still, the inclusion of the language underscored how unusual the risks around the vote had already become.
Speaking at Consensus Miami this week, Linda Jeng, chief legal and policy officer at Aave Labs, said the exploit had already forced the protocol to rethink its risk framework, expanding collateral standards beyond financial metrics to include cybersecurity, interoperability and technical architecture reviews.
Jeng, who worked as a regulator during the 2008 financial crisis, drew a contrast with traditional taxpayer-backed financial bailouts.
“In the financial crisis, we had to bail out the banks,” he said. “Here we come together as an ecosystem to rescue ourselves.”
CORRECTION (May 9, 2026, 02:00 UTC): Corrects that the measure was a snapshot, not a binding arbitration improvement proposal.
