Arbitrum delegates approved the release of $71 million in frozen ether after the Lazarus-linked rsETH exploit last month, creating a direct clash between decentralized governance and an active fight in US courts over who owns the funds.
The on-chain vote, which closed on Friday afternoon Hong Kong time with over 90% support, authorizes the release of 30,765 ETH frozen by the Arbitrum Security Council following the April 18 exploit, when attackers used unbacked rsETH tokens as collateral on Aave to borrow approximately $230 million in ETH from the protocol.
The funds are intended for a coordinated industry recovery effort led by Aave, KelpDAO, LayerZero, EtherFi and Compound, aimed at recovering affected users.
But the frozen ether is also at the center of a growing legal dispute in Manhattan federal court.
Last week, attorney Charles Gerstein, who represents families holding approximately $877 million in unpaid terrorism judgments against North Korea, served a restraining notice on Arbitrum DAO alleging that the frozen ETH constitutes property of North Korea because the exploit has been widely attributed to Pyongyang’s Lazarus Group.
That triggered an emergency legal fight.
Aave moved earlier this week to overturn the restriction notice, arguing that the assets belong to innocent users, not North Korea, and warning that continued delays risk “cascading liquidations” and broader instability in decentralized financial markets.
Gerstein responded on Tuesday, arguing that the exploit was not a theft but a fraud, meaning that the attackers obtained legal title to ETH by deceiving Aave lending markets with worthless collateral.
Friday’s governance vote does not mean funds will move immediately.
Because the move was structured as a constitutional AIP under the Arbitrum governance framework, the transfer cannot be executed for at least eight days, giving the Manhattan court time to intervene before any ETH moves.
The Arbitrum delegates were not voting blindly in the face of legal risk either. The proposal included indemnification protections for the Arbitrum Foundation, Offchain Labs, Security Council members, and governance delegates against certain claims arising from the freezing or release of ETH, underscoring how unusual the risks around the vote had already become.
Speaking at Consensus Miami this week, Linda Jeng, chief legal and policy officer at Aave Labs, said the exploit had already forced the protocol to rethink its risk framework, expanding collateral standards beyond financial metrics to include cybersecurity, interoperability and technical architecture reviews.
Jeng, who worked as a regulator during the 2008 financial crisis, drew a contrast with traditional taxpayer-backed financial bailouts.
“In the financial crisis, we had to bail out the banks,” he said. “Here we come together as an ecosystem to rescue ourselves.”
