Aave asks court to unfreeze $71M in Arbitrum ETH

Aave asked a U.S. federal court on May 4, 2026 to lift a restraining order that froze roughly 30,766 ETH held on the Arbitrum network. The protocol told the court the tokens belong to users and that the freeze is preventing the return of assets recovered after an April exploit of Kelp DAO’s rsETH token.

The April breach targeted a cross-chain bridge used by Kelp DAO, a liquid restaking protocol on Ethereum. Court papers say the attacker used stolen assets as collateral to borrow about $230 million in ETH from Aave. Arbitrum later seized the 30,766 ETH and set the funds aside for recovery.

In its filing, Aave argued the restrained ETH came from protocol users and should be returned to victims of the Kelp DAO incident. The protocol asked the court to lift the restraining order immediately. If the court declines, Aave requested that the plaintiffs post at least a $300 million bond to maintain the freeze.

Aave also challenged whether Arbitrum DAO can be treated as a legal entity for purposes of service and rejected the plaintiffs’ method of service. The filing said panic withdrawals after the exploit already drained key lending pools and left some users unable to access deposits, increasing the urgency of returning recovered tokens.

Aave described coordinated recovery work by an emergency coalition called DeFi United, which includes Aave, Lido and EtherFi. The group formed to restore rsETH backing after what protocol filings characterize as a $292 million exploit of Kelp DAO and to return assets recovered in the aftermath.

The plaintiffs in the case hold unpaid judgments against North Korea and contend the attacker is likely linked to the Lazarus Group. They asked the court to treat the frozen ETH as property of North Korea and to seize the funds to satisfy those judgments. In their filings the plaintiffs acknowledged the Lazarus link was plausible but maintained seizure was appropriate to enforce creditors’ rights.

Aave disputed that view, saying the funds were taken directly from user accounts and are not property of any alleged wrongdoer. The founder and CEO, Stani Kulechov, wrote in a public statement: “A thief does not own what he steals. These funds belong to the affected users they were stolen from — end of story.”

Attorneys for the plaintiffs countered that the restraining notice against Arbitrum DAO was not intended to assist Aave Protocol victims and said the notice served a different enforcement purpose. The dispute highlights tensions between decentralized finance recovery efforts and creditors seeking to enforce court judgments against states accused of sponsoring cybercrime.

Separately, negotiators working on stablecoin rules reported a bipartisan breakthrough on proposed limits for yield. Lawmakers are drafting language that would allow some crypto rewards tied to user activity while restricting interest-like payments on idle balances, changes that could affect how protocols manage user rewards and liabilities going forward.