Arbitrum has frozen 30,766 ether, valued at roughly $71.1 million, tied to a major cross-chain exploit. The intervention signals active coordination between blockchain governance and law enforcement in containing large-scale DeFi breaches.
The Arbitrum Security Council executed the freeze on funds held within an address on Arbitrum One linked to the $292 million Kelp DAO exploit over the weekend. According to a statement posted Tuesday, the assets were moved into an intermediary wallet without affecting broader network operations or user activity. The funds remain immobilized pending governance approval for further action.
The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times,…
— Arbitrum (@arbitrum) April 21, 2026
Can Governance Mechanisms Contain Cross-Chain Risk?
The incident highlights growing reliance on governance frameworks to respond to security failures in decentralized finance (DeFi). Data from DeFiLlama shows total value locked (TVL) across DeFi stands near $90 billion, making coordinated responses increasingly critical as exploit sizes scale. But, cross-chain infrastructure continues to present concentrated risk vectors compared to single-chain protocols.
Arbitrum stated the decision followed input from law enforcement regarding the exploiter’s identity, emphasizing a balance between intervention and network neutrality.
“The Security Council acted with input from law enforcement… and weighed its commitment to the security and integrity of the Arbitrum community without impacting any users or applications,” the team said.
The freeze follows the loss of 116,500 rsETH tokens, worth approximately $292 million, in an exploit involving Kelp DAO’s LayerZero-powered bridge. Preliminary analysis from LayerZero linked the attack to the Lazarus Group, a North Korea-affiliated hacking entity. LayerZero also criticized Kelp DAO’s use of a 1-of-1 decentralized verified network configuration, citing a single point of failure.
Still, Kelp DAO disputed that claim, stating the configuration was deployed as a default within LayerZero’s system. The next catalyst will be whether Arbitrum governance authorizes recovery actions or coordinates asset restitution across jurisdictions.
