Arbitrum freezes $71M after exploit
- Arbitrum’s Security Council said April 21 it froze 30,765.67 ether tied to the KelpDAO exploiter on Arbitrum One after the rsETH bridge attack. - The council used an emergency inbox-contract upgrade to impersonate the attacker’s address, move the ether to a locked wallet, and require governance. - Aave Labs, KelpDAO and LayerZero now want DAO approval to release the frozen ether into recovery for rsETH holders. (forum.arbitrum.foundation)
Arbitrum’s Security Council said on April 21 it froze 30,765.6675 ETH tied to the KelpDAO exploiter on Arbitrum One. (forum.arbitrum.foundation) The council said it acted at 11:26 p.m. Eastern Time and moved the funds to a locked address ending in DA0. (forum.arbitrum.foundation) Arbitrum said the freeze used an atomic emergency action on Ethereum: upgrade the inbox contract, send an override transaction that impersonated the exploiter, then restore the original code. (forum.arbitrum.foundation) That means the council did not pause the whole chain or seize unrelated balances. It moved one traced pool of ether into a wallet that now needs another governance action before it can move again. (forum.arbitrum.foundation) The frozen ether came from the KelpDAO rsETH exploit, which an April 25 Arbitrum proposal said released 116,500 rsETH on Ethereum without a matching burn on the source chain. (forum.arbitrum.foundation) That proposal, filed by Aave Labs with KelpDAO, LayerZero, EtherFi and Compound, said only 40,373 rsETH remained as confirmed backing for 152,577 rsETH of remote-chain claims. (forum.arbitrum.foundation) The same filing said the shortfall was about 76,127 rsETH, and that the 30,765.67 ETH frozen on Arbitrum would make a “material contribution” to restoring backing. (forum.arbitrum.foundation) Aave’s service providers said the exploiter had supplied 89,567 rsETH to Aave and borrowed 82,650 WETH plus 821 wstETH against those positions across Ethereum Core and Arbitrum markets. (forum.arbitrum.foundation) Arbitrum’s own governance docs say emergency actions exist for security emergencies on DAO-governed chains, while constitutional proposals face a delay so users have time to withdraw before core changes take effect. (docs.arbitrum.foundation) That structure is now at the center of the next step. The April 25 proposal asks Arbitrum governance to approve releasing the immobilized ETH into a coordinated remediation effort for affected rsETH holders. (forum.arbitrum.foundation) For now, the money is frozen, not returned. Arbitrum said any release must come through a subsequent governance action coordinated with relevant parties. (forum.arbitrum.foundation)
