Six weeks after the Kelp DAO exploit, markets are stable while the recovered assets are tied up in United States (U.S.) federal court. This article examines the legal posture of that case and the implications of the resulting precedent for on-chain governance.

Markets are mostly back to normal

By June, the on-chain damage from the April 18 Kelp DAO exploit was mostly priced and absorbed. Aave v3 has been restored to full operation across every supported network, with WETH and rsETH reserves reopened subject to revised risk parameters [1]. WETH borrow APY, which peaked at approximately 8.7% at the height of the run, declined to approximately 1.9% by mid-May as utilization fell below 90% [2,3]. Deposits of wstETH and WETH, however, remained more than $1 billion below their April 17 level, a deficit that persisted notwithstanding the resumption of normal lending activity [3].

Readers unfamiliar with the underlying exploit, the bridge mechanics, or the resulting $13.2 billion drawdown in total value locked may find background in our summary of the incident [4]. The rest of this article discusses the events following the hack.

DeFi protocols cannot rely on central authorities to bail them out, so community members stepped in instead

In traditional finance, restoring confidence after a significant market downturn is generally the function of a central authority. In 2008, the U.S. federal government committed more than $700 billion in emergency support through the Troubled Asset Relief Program and an array of Federal Reserve liquidity facilities [5]. Similarly, the unwinding of Archegos Capital in 2021 was absorbed primarily by Credit Suisse and other prime brokers operating under the supervision of national banking regulators [6]. In both episodes, the resolution required an institution possessing both statutory authority and a balance sheet of sufficient size to function as a lender of last resort.

Decentralized finance has no analogous institution. When the Kelp exploit produced approximately $230 million [23] in bad debt on Aave [7], no public agency provided support. Instead, a coalition of major Ethereum-aligned protocols and DAOs, DeFi United, committed about $210 million [23] in liquidity to the platforms most directly exposed to the impaired collateral [8].

While DeFi United was raising funds, the Arbitrum Security Council (the “Council”) recovered approximately $71 million [23] in assets directly from the attacker’s wallet. The Council is a 12-member committee, elected by Arbitrum token holders and authorized to act in emergencies upon agreement of 9 of its 12 signers [9]. On April 20, 2026, it executed a one-time upgrade of one of Arbitrum’s core contracts, used the upgrade to move 30,766 ETH (approximately $71 million) out of the attacker’s wallet into a wallet controlled by Arbitrum DAO, and reverted the upgrade in the same operation [10]. Council members characterized the action as a social-consensus decision warranted by the scale of the exploit [10]. The recovery showcases two facts about the protocol: it has governance structures and procedures in place to respond to incidents, and its members are able to act under those procedures and defend their actions publicly.

Technical detail: how the Arbitrum Security Council recovered the funds

Arbitrum is a secondary network that processes Ethereum transactions in bulk and posts the results back to Ethereum, allowing applications built on Ethereum to operate more quickly and cheaply. The Security Council controls a multisignature wallet, or “multisig,” that holds emergency authority over Arbitrum’s core contracts.

On April 20, 2026, the Council made a brief change to the bridge contract that moves assets and messages between Arbitrum and other blockchains. The modified contract gave the Council the ability to issue instructions on the network that would be treated as if they came from any wallet of its choosing, including the attacker’s. The Council used that power once, sending an instruction in the attacker’s name that moved the 30,766 ETH into a wallet controlled by Arbitrum DAO. In the same operation, the modified contract erased the new power and reverted to its original form, so the ability to impersonate a wallet existed only for the moment required to recover the funds.

The operation did not affect any other user balances. Some users nevertheless complained that the action departed from the property guarantees ordinarily associated with Ethereum asset ownership, particularly the principle that assets are controlled exclusively through their private key.

Following the recovery, the Arbitrum token holders, who function similarly to shareholders or a board of directors within a corporation, passed an Arbitrum Improvement Proposal (AIP) with more than 90% support, directing the transfer of the recovered ETH to a separate multisig administered jointly by various protocols for the restitution of affected users [11]. The passing of the proposal is further evidence of the durability of DAOs and blockchain governance structures. By the end of April, the response to the exploit had proceeded without the participation of any U.S. regulatory or judicial body, until Gerstein Harrow got involved.

The Lazarus attribution drew Arbitrum DAO into U.S. federal court

On May 1, Gerstein Harrow LLP served Arbitrum DAO with a restraining notice freezing the $71 million in recovered ETH and raising questions about the DAO’s legal status. LayerZero, the cross-chain messaging protocol underlying the exploited bridge, attributed the attack to the Lazarus Group, a state-sponsored actor linked to North Korea [12]. The notice was filed on behalf of judgment creditors holding three unsatisfied federal terrorism judgments against North Korea, with a combined unpaid balance of approximately $877 million [13], and orders Arbitrum DAO to preserve the recovered ETH pending resolution of those claims. Arbitrum DAO did not have to participate in the exploit; it is enough that the DAO holds property traceable to North Korea and that the petitioning creditors hold senior claims under the relevant federal terrorism-judgment statutes.

Legal detail: how the Lazarus attribution triggers FSIA and TRIA

North Korea has been a U.S.-designated state sponsor of terrorism since 2017 [14], so assets attributable to its instrumentalities are treated as blocked property under the OFAC sanctions regime [15].

On the petitioning firm’s theory, the Lazarus attribution renders the 30,766 ETH attachable under two statutes. The Foreign Sovereign Immunities Act (FSIA) permits attachment of a foreign state’s property to satisfy terrorism judgments [16]. The Terrorism Risk Insurance Act (TRIA) extends that reach to blocked property held by the state sponsor’s instrumentalities [17].

Together, these provisions are the statutory bases that elevate the terrorism-judgment creditors’ priority over other claimants to the recovered ETH.

On May 8, Judge Garnett modified the restraining notice to permit the transfer of the recovered ETH to an Aave-controlled wallet as originally directed by the AIP [11]. The modification shielded the Council members who voted to authorize the recovery from personal liability and lent further legal credence to Arbitrum’s governance procedures.

The May 8 order is the first instance in which a United States federal court has treated an on-chain DAO governance vote as a legally binding mechanism of asset transfer [18]; a prior federal proceeding addressing DAO legal status reached the question only on materially different facts [19]. By analogizing the AIP to a corporate board resolution, Judge Garnett extended to DAO governance the basic doctrinal posture of corporate law: the entity is treated as the source of legally operative decisions, and the personal liability of its participants is correspondingly isolated, in a manner analogous to the corporate veil that separates a corporation’s obligations from those of its shareholders.

The same doctrinal posture, however, operates in both directions. The corporate form limits the liability of participants in an entity precisely because the entity itself is amenable to suit and to legally binding orders. A DAO whose governance votes are recognized as effective transfers of property is, by the same recognition, a DAO whose property may be made the subject of court orders directed to those votes. The May 8 order, in that sense, marks the formal entry of decentralized governance into the ordinary jurisdictional architecture of United States courts.

The results of the court case are yet to be seen

On May 13, Judge Garnett denied Aave LLC’s emergency motion to vacate the restraining notice, finding that the alleged near-term harms to Aave Protocol users were too speculative to warrant emergency relief, while acknowledging the “risk of potential near-term harm to Aave LLC and Aave Protocol users” [20]. The court directed both parties to file supplemental briefs on six questions addressing how New York statutory provisions apply to the case and clarifying the legal definitions to be used in deciding it.

The six questions in detail

The questions below are reproduced in summary form from the May 13 order; the operative language is in the order itself [20]. The parties’ supplemental briefs are due May 22, any responses by May 29, and a conference is scheduled for June 5 in Courtroom 906 of the Thurgood Marshall U.S. Courthouse.

1. UCC Article 12 and the shelter principle

To what extent do the April 18 exploit transactions fall under N.Y. U.C.C. § 12-104, which governs transfers of controllable electronic records? And does § 12-104(d)’s shelter principle apply to those transactions in light of the UCC’s overarching “obligation of good faith in its performance and enforcement” under § 1-304? The question goes to whether downstream recipients of the recovered ETH take a sheltered title and, if so, on what terms.

2. Fraud versus theft

Given that a theft can be accomplished through deception (see United States v. Finnerty, 533 F.3d 143, 148 (2d Cir. 2008)), is the legal distinction between fraud and theft significant with respect to the claims of potential creditors of the restrained assets, or to the priority of those claims? Characterizing the exploit on one side or the other of that line affects whether title cleanly transferred to subsequent holders.

3. The judgment debtor’s interest under CPLR § 5222(b)

A restraining notice served on a third party under N.Y. C.P.L.R. § 5222(b) is effective only if that third party holds property in which the judgment debtor has an interest. The Second Circuit has explained that the law recognizes only a thief’s “possessory interest” in a stolen item, but not any “ownership interest” (United States v. Haqq, 278 F.3d 44, 50–51 (2d Cir. 2002)). If the exploit transactions are characterized as theft, what interest do the hackers currently have in the restrained ETH, given that the ETH was no longer in the hackers’ possession when the restraining notice was served on Arbitrum DAO?

4. Choice of law on creditor priority

Which law (or laws) controls the priority of creditors of the restrained assets, and what is the Plaintiffs’ legal basis for asserting priority over the individual users whose assets were implicated in the exploit transactions?

5. Constructive trust

Would imposing a constructive trust on the assets be an appropriate remedy? A constructive trust is an equitable mechanism that treats specific property as held for the benefit of a particular claimant when, in the court’s view, it would be unjust for the holder to retain it. Its availability here would affect whether the recovered ETH is treated as the general property of Arbitrum DAO, and thus reachable by terrorism-judgment creditors, or as property held in trust for the original victims, and thus insulated from those creditors.

6. Identification of users and pro rata return

Directed specifically to Aave LLC: to what extent are Aave LLC or Arbitrum able to identify the individual users or wallets that engaged in transactions with the hackers? Could either return the assets on a pro rata basis to those users? Does Aave LLC’s current proposal contemplate returning the assets directly and exclusively to the individuals who transacted with the hackers, and if not, what will be done with the restrained assets if the order is lifted?

Legal commentators have flagged two open questions. First, the federal circuits have not settled whether good-faith recipients of digital assets hold them free of claims that arose before they received them. Second, ranking the competing creditor claims here will turn on federal terrorism-judgment case law built largely around traditional banking [21]. The order itself acknowledged that the court “recognizes the risk of potential near-term harm to Aave LLC and Aave Protocol users,” but declined to act on that risk without a fuller record [22].

Downstream impacts of the court case may extend risk

For funds running on-chain strategies, the risk profile of a pool of liquidity has widened. The pool can now be frozen by a court order directed at the DAO that governs it, even when the protocol’s borrowers are solvent and the underlying smart contracts are working as designed. Provenance becomes a related concern: if a meaningful share of a pool’s funds ever passed through a wallet linked to a sanctioned actor, the entire pool may be exposed to a creditor’s claim. Until the federal courts resolve whether good-faith recipients of digital assets hold them free of upstream claims, that exposure cannot be fully ruled out. Holdings of governance tokens carry a separate concern. CFTC v. Ooki DAO already established that DAO members can be held jointly liable for the DAO’s actions [19]; now that DAO votes are recognized as legally binding, a token holder’s vote can itself become the subject of a court order directed at the DAO.

For individual holders of on-chain assets, the same precedent operates differently. Open access to a shared lending pool does not protect a depositor from a freeze triggered by another participant’s history. Wallet identity, which most users rely on remaining private in practice, is harder to keep private once a court is involved: the sixth question in the May 13 order asks whether Aave and Arbitrum can identify the individual users who transacted with the hackers, and on-chain records make that question technically answerable [20]. The Arbitrum Security Council’s recovery of the 30,766 ETH already showed that a DAO can move assets out of a user-controlled wallet through a governance vote. Now that the court has recognized such a vote as legally binding, an action that was a one-time community choice becomes a tool that future courts can call on.

Essentially, DAOs gain enough legal personhood to act and to shield their participants, much as a corporate body protects its members. By the same token, they gain enough personhood to be served, ordered, and bound, and the assets they custody fall within the jurisdiction of U.S. courts. More broadly, events like the Kelp DAO hack aren’t uncommon, but with each event, the digital finance ecosystem adapts and evolves. Additionally, as more DeFi actors participate in litigation, their efforts lend further credence to the legitimacy of digital finance and provide legal clarity for others.

While the results of the court case may expand protocol and counterparty risks, a critical part of evaluating that risk is understanding what protections are built into the protocol and where they’re located. At Gadget Capital, our managing partners have extensive experience in vetting and underwriting these risks in smart contracts, as we’ve been operating in the space since 2022, and our risk management procedures have been pressure-tested with each black swan event encountered. If you’re interested in learning more about our risk management methods, we welcome you to reach out.

References

  1. Aave Governance, “rsETH and WETH Reserve Reactivation,” June 1, 2026.
  2. Aave, “Aave v3 Markets Dashboard,” accessed June 4, 2026.
  3. Dune Analytics, “Aave v3 Ethereum Supply and Borrow Metrics,” accessed June 4, 2026.
  4. Gadget Capital, “The $10B Bank Run That Rattled DeFi,” April 30, 2026.
  5. U.S. Department of the Treasury, “TARP Programs,” Office of Financial Stability, accessed June 4, 2026.
  6. Group of Thirty, “Lessons from the Failure of Archegos Capital Management,” Working Group Report, July 2021.
  7. CoinDesk, “Aave Could Face Up to $230M in Losses After Kelp DAO Bridge Exploit Triggers DeFi Chaos,” April 20, 2026.
  8. DeFi United, “Joint Liquidity Backstop for Kelp-Affected Protocols,” public statement, April 24, 2026.
  9. Arbitrum Foundation, “Security Council: A Conceptual Overview,” Arbitrum DAO Governance Documentation, accessed June 4, 2026.
  10. Arbitrum Security Council, “Post-Incident Report: Recovery of Lazarus-Attributed ETH on Arbitrum One,” April 22, 2026.
  11. Arbitrum DAO Governance Forum, “Constitutional AIP: Approve Release of Frozen ETH,” Snapshot vote closed May 8, 2026 (90.5% in favor).
  12. Decrypt, “LayerZero Pins $292M KelpDAO Bridge Hack on North Korea’s Lazarus Group,” April 20, 2026.
  13. Gerstein Harrow LLP, “Restraining Notice Served on Arbitrum DAO,” public filing, May 1, 2026.
  14. U.S. Department of State, “State Sponsors of Terrorism: Democratic People’s Republic of Korea,” Bureau of Counterterrorism, accessed June 4, 2026.
  15. U.S. Department of the Treasury, Office of Foreign Assets Control, “North Korea Sanctions Program,” 31 C.F.R. Part 510.
  16. Foreign Sovereign Immunities Act, 28 U.S.C. § 1610(g).
  17. Terrorism Risk Insurance Act of 2002, Pub. L. No. 107-297, § 201.
  18. Han Kim v. Democratic People’s Republic of Korea, No. 1:25-mc-00527 (MMG), Order Modifying Restraining Notice to Permit Transfer of Immobilized Assets to Aave LLC (S.D.N.Y. May 8, 2026), ECF No. 52.
  19. CFTC v. Ooki DAO, 2022 U.S. Dist. LEXIS 235702 (N.D. Cal. Dec. 22, 2022).
  20. Han Kim v. Democratic People’s Republic of Korea, No. 26-mc-00094 (MMG), Order Denying Aave LLC’s Emergency Motion and Setting Supplemental Briefing (S.D.N.Y. May 13, 2026), ECF No. 7.
  21. Helen Pugh, “Crypto Fraud and the Bona Fide Purchaser for Value Defence,” Outer Temple Chambers, 2023.
  22. Cointelegraph, “New York Judge Pushes Back Hearing for Aave’s Bid to Unfreeze $71M in ETH,” May 15, 2026.
  23. Note on currency conversion. USD-equivalent figures attached to ETH-denominated quantities reflect the prevailing spot exchange rate at the date of the underlying event. Other published coverage may report different USD amounts for the same on-chain quantity depending on the reference date used.