DeFi lender Aave and other stakeholders affected by the Kelp DAO hack last month have launched a binding Arbitrum governance vote to transfer $71 million in disputed ether to an address controlled by Aave LLC.
A Constitutional Arbitration Enhancement Proposal, or AIP, is the DAO’s formal on-chain governance mechanism for approving binding protocol actions. This amended proposal implements Judge Margaret Garnett’s recent court order, which authorizes an on-chain Arbitrum DAO vote to transfer frozen ETH from its current immobilized address to a wallet controlled by Aave LLC, provided that the cease-and-desist notice requested by creditors of the North Korean terror judgment is complied with.
If approved, the proposal would move 30,765 ETH from the wallet in which the Arbitrum Security Council has locked the funds to an address controlled by Aave LLC, as required by the court order. However, the assets would remain subject to strict legal restrictions and could not be freely used, transferred or deployed by Aave LLC unless authorized by the court.
The legal battle over frozen assets has taken an unusual turn after blockchain forensics companies widely attributed the exploit to North Korea’s Lazarus Group. This attribution comes from blockchain analysis firms and external forensic research, and has not been established as a legal conclusion either through the Arbitrum governance process or in ongoing legal proceedings.
Yet that attribution has been cited alongside broader legal arguments by lawyers representing families holding about $877 million in unpaid U.S. judgments against North Korea for terrorism, who argue that if the assets are ultimately deemed linked to North Korea for enforcement purposes, they could potentially be used to satisfy those long-standing court awards.
Aave disputes this premise, arguing that the ether belongs to the users harmed by the exploit, not the attackers who briefly controlled it, turning the matter into a fight over whether the funds should go to DeFi victims or terrorism creditors.
In a separate lawsuit, many of the same creditors of the terrorism judgment sued the Railgun DAO privacy protocol, alleging that it allowed funds linked to North Korea to flow through its infrastructure rather than freezing them, as part of a broader strategy to pursue crypto allegedly linked to Pyongyang through decentralized finance.
Voting on the AIP is expected to begin on May 15.
