A federal judge in Manhattan has cleared the way for Aave’s recovery efforts after the North Korea-linked rsETH exploit last month, allowing the transfer of $71 million in frozen ether out of Arbitrum while preserving the legal rights of victims of North Korean terrorism to the funds.
In a two-page order issued Friday evening US time, Judge Margaret Garnett amended a cease-and-desist notice previously served on the Arbitrum DAO to allow an on-chain governance vote transferring the locked-in ETH to a wallet controlled by Aave LLC.
The order also protects participants from liability under the notice, stipulating that any person who initiates, votes or participates in the transfer will not violate the freeze.
Judge Garnett’s decision follows a previous off-chain Snapshot temperature check in which Arbitrum delegates overwhelmingly signaled their support for the return of frozen ETH as part of Aave’s broader recovery plan. However, any actual transfer still requires a separate, binding vote on chain governance.
The ruling ends an immediate standoff that had threatened to derail a coordinated DeFi recovery effort after attorney Charles Gerstein, representing families holding about $877 million in unpaid terrorism judgments against North Korea, argued that frozen ETH could be seized because the exploit was widely attributed to the Pyongyang-backed Lazarus Group.
Beyond the arbitration dispute
Gerstein’s ruling against Arbitrum is part of a broader legal strategy to pursue assets linked to North Korea as they surface on decentralized finance (DeFi) infrastructure.
In another lawsuit in January, many of the same counterterrorism creditors who sued Arbitrum sued Railgun DAO, alleging that the confidentiality protocol allowed North Korean actors to move funds that should have been frozen and made available to creditors.
At the time, the plaintiffs claimed that North Korean hackers were using Railgun to launder funds from past cyberattacks, including the $1.5 billion Bybit exploit, and argued that the protocol should have frozen those assets rather than allowing them to move forward.
Once DPRK-controlled wallets transferred funds through the protocol, those assets became potential collection targets, they argued.
In March, they asked a federal court clerk in Washington to default against Railgun DAO after alleging the memorandum failed to respond to the complaint despite being served with it. Their complaint also names Digital Currency Group, alleging that the crypto investment firm’s purchase of $10 million in Railgun governance tokens in 2022 made it a participant in the governance and economics of the DAO.
And in February, plaintiffs attempted to secure the USDT that the U.S. government had sought to seize through a forfeiture petition.
