DAO delegates on Arbitrum approved releasing 30,765 ETH ($71 million) frozen after a Lazarus-linked rsETH exploit, with over 90% support in an on-chain vote. The funds are intended for a recovery effort led by Aave, KelpDAO, LayerZero, EtherFi, and Compound to make affected users whole after attackers borrowed $230 million in ETH using unbacked rsETH collateral. The vote authorizes the Security Council to unlock the assets, which were frozen following the April 18 incident. The frozen ETH is also at the center of a legal dispute in Manhattan federal court, where families holding terrorism judgments against North Korea claim the funds are North Korean property due to Lazarus Group's involvement. Aave moved to vacate a restraining notice, warning of cascading liquidations. The legal clash underscores tensions between decentralized governance and court orders, with the outcome potentially setting a precedent for handling stolen crypto assets. For wallet and key holders, the delay of at least eight days due to governance rules highlights the slow, transparent nature of DAO decisions. No immediate action is needed, but users should monitor the legal case and potential court orders. The incident emphasizes the importance of robust collateral standards and the risks of cross-protocol exploits, as Aave plans to expand risk assessments beyond financial metrics. The ecosystem's self-rescue contrasts with traditional bailouts, reinforcing the need for decentralized risk management.

Key facts

• Arbitrum DAO approved releasing 30,765 ETH ($71M) frozen after a Lazarus-linked exploit.
• The exploit involved unbacked rsETH collateral on Aave, leading to $230M in borrowed ETH.
• Funds are designated for a recovery effort by Aave, KelpDAO, LayerZero, EtherFi, and Compound.
• A Manhattan court is involved due to restraining notice from North Korea terrorism judgment holders.
• Transfer is delayed at least eight days due to Constitutional AIP governance rules.

KeyAudit data perspective