Arbitrum Security Council Freezes $71.5M in ETH Linked to KelpDAO Exploit
Emergency action follows law enforcement input on exploiter identity; funds moved to intermediary wallet requiring governance approval
Hızlı Bakış
- The Arbitrum Security Council has frozen 30,766 ETH ($71.5 million) allegedly linked to the KelpDAO exploit that stole $292 million on April 18.
- The emergency action, taken after law enforcement provided information about the exploiter's identity, moved the funds to an intermediary wallet accessible only through Arbitrum governance votes.
- The freeze has sparked debate over layer-2 governance trade-offs between rapid security response and decentralization.
Yapay zekâ özeti
Neden Önemli?
KelpDAO is a liquid restaking protocol that was exploited for $292 million on April 18, 2026. The attackers used a sophisticated method compromising RPC nodes in LayerZero's network. LayerZero attributed the attack to North Korea's Lazarus Group. A dispute has emerged between LayerZero and KelpDAO over security configuration responsibilities.
The Arbitrum Security Council has frozen 30,766 ETH worth $71.5 million allegedly linked to the KelpDAO exploit, moving the funds to an intermediary wallet. In a tweet, the council explained the "emergency action" was taken following law enforcement input about the exploiter's identity. Following the move, the funds are "no longer accessible to the address that originally held the funds," the council said, adding that they can only be moved "by further action by Arbitrum governance, which will be coordinated with relevant parties." The Arbitrum Security Council consists of elected signers with emergency powers to protect the layer-2 network during security incidents. When activated, the council can immediately freeze assets and move them to wallets accessible only through subsequent governance votes. The frozen funds from the alleged KelpDAO exploiter now sit in an intermediary address that requires community approval through Arbitrum's governance process to access. The freeze sparked debate regarding layer-2 governance and the resultant trade-offs between rapid security response and decentralization, with Arbitrum's ability to unilaterally freeze funds during emergencies attracting both praise and criticism online. The KelpDAO exploit KelpDAO, a liquid restaking protocol, suffered a $292 million exploit on April 18 when attackers drained 116,500 rsETH tokens. In the wake of the hack, LayerZero attributed the attack to North Korea's Lazarus Group. The attackers allegedly compromised RPC nodes in LayerZero's network, poisoning two nodes while launching DDoS attacks on a third. In the wake of the incident, a dispute emerged between LayerZero and KelpDAO over security configurations, with each party pointing to different documentation standards for the protocol's setup.
Bundan Sonra Ne Olabilir?
Yapay zekâ öngörüsü — kesinlik taşımaz
Arbitrum governance will vote on final disposition of frozen funds within 30-60 days
Muhtemel · Haftalar içinde
Additional disputes between LayerZero and KelpDAO over liability likely to continue
Muhtemel · Haftalar içinde
Açık Sorular
- Will the remaining stolen funds be recovered?
- What specific law enforcement information led to the freeze?
- How will Arbitrum governance handle the final disposition of the frozen funds?
- What security changes will LayerZero implement to prevent similar attacks?






