A federal judge in Manhattan has cleared the way for Aave’s recovery effort to move forward following last month’s North Korea-linked rsETH exploit, allowing $71 million in frozen ether to be transferred out of Arbitrum while preserving North Korean terrorism victims’ legal claim to the funds.
In a two-page order published late Friday US time, Judge Margaret Garnett amended a restriction notice previously served on Arbitrum DAO to allow an on-chain governance vote that transfers the immobilized ETH to a wallet controlled by Aave LLC.
The order also protects participants from liability under the notice, stating that anyone who initiates, votes on, or participates in the transfer would not violate the freeze.
Judge Garnett’s ruling follows a previous off-chain Snapshot temperature check in which Arbitrum delegates overwhelmingly expressed support for the return of frozen ETH as part of Aave’s broader recovery plan. However, any actual transfer still requires a separate binding vote on chain governance.
The ruling resolves an immediate standoff that had threatened to derail a coordinated DeFi recovery effort after attorney Charles Gerstein, who represents families with approximately $877 million in unpaid judgments for terrorism against North Korea, argued that the frozen ETH could be confiscated because the exploit has been widely attributed to the Pyongyang-backed Lazarus Group.
Beyond the Arbitrum dispute
Gerstein’s action against Arbitrum fits into a broader legal strategy to pursue North Korea-linked assets as they emerge in decentralized finance (DeFi) infrastructure.
In a separate lawsuit in January, many of the same terrorism judgment creditors who sued Arbitrum sued Railgun DAO, alleging that the privacy protocol allowed North Korean actors to move funds that should have been frozen and made available to creditors.
At the time, the plaintiffs claimed that North Korean hackers used Railgun to launder funds from previous cyberattacks, including the $1.5 billion Bybit exploit, and argued that the protocol should have frozen those assets instead of allowing them to move forward.
Once DPRK-controlled wallets moved funds through the protocol, those assets became potential collection targets, they argued.
In March, they asked a federal court clerk in Washington to declare a breach against Railgun DAO after alleging that the protocol failed to respond to the complaint despite being notified. Their complaint also names Digital Currency Group, alleging that the crypto investment firm’s $10 million purchase of Railgun governance tokens in 2022 made it a participant in the governance and economy of the DAO.
And in February, the plaintiffs moved to secure USDT that the US government had sought to seize through a forfeiture motion.
