[Constitutional] AIP: Approve Release of Frozen ETH

Authors: Aave Labs, KelpDAO, LayerZero, EtherFi, Compound
Proposal Type: Constitutional AIP
Date: April 25, 2026

Abstract

Aave service providers are working with the KelpDAO team, LayerZero team, EtherFi, Compound, and other ecosystem parties on a recovery effort, with the goal of making affected rsETH holders whole. This proposal asks Arbitrum Governance to approve the release of the 30,765.67 ETH immobilized by the Arbitrum Security Council into that coordinated remediation effort. Those funds are intended to be applied toward making affected rsETH holders whole, with the goal of restoring rsETH’s backing.

This is proposed as a one-time measure given that the funds are already immobilized, the release destination is the sole remaining governance question, and releasing them to the ongoing coordinated recovery effort could make a significant positive impact.

Motivation

On April 21, 2026, the Arbitrum Security Council froze 30,765.667501709008927568 ETH held by the exploiter on Arbitrum One and moved the funds to 0x0000000000000000000000000000000000000DA0. It was also stated publicly that a subsequent governance action is required to release those funds. Aave service providers are working with the KelpDAO team, LayerZero team, Compound team and other ecosystem parties on a recovery effort for rsETH holders. This proposal is intended to route already-secured funds into that coordinated recovery process.

This exploit has led to a deficit in rsETH’s backing. LlamaRisk’s April 20 incident report states that the KelpDAO rsETH Unichain-to-Ethereum route released 116,500 rsETH on Ethereum without a corresponding source-side burn, breaking the bridge invariant that Ethereum-side locked rsETH should cover remote-chain minted supply. At the time of the report, only 40,373 rsETH remained in the adapter as confirmed backing for 152,577 rsETH of remote-chain claims. The resulting backing shortfall is approximately 76,127 rsETH. The 30,765.67 ETH on Arbitrum represents a material contribution toward restoring that backing.

Across Aave’s Ethereum Core and Arbitrum markets, the exploiter supplied 89,567 rsETH to Aave and borrowed 82,650 WETH plus 821 wstETH against those positions. Note: Aave’s smart contracts were not compromised and the incident originated outside the protocol. Returning the frozen ETH to the recovery effort would directly reduce the outstanding impairment to rsETH’s backing, which in turn would reduce the impairment on the Aave V3 Arbitrum market and its users.

Increasing rsETH’s backing helps restore normal conditions for Arbitrum users, along with users across DeFi more broadly.

Rationale

Arbitrum has publicly stated that a governance action is required to release the immobilized funds. The Arbitrum community and its users are directly affected by the rsETH incident, as are users across the broader DeFi ecosystem.

In line with this, our proposal asks Arbitrum DAO to release the recovered ETH into an ongoing, coordinated recovery effort involving the parties listed above and many others with the goal of restoring the economic backing of rsETH.

Releasing the immobilized funds into this coordinated recovery effort is the best way to support affected users and provides a clear destination for the funds.

Key Terms

  • Frozen ETH: The 30,765.667501709008927568 ETH frozen by the Arbitrum Security Council on April 21, 2026 and moved to 0x0000000000000000000000000000000000000DA0.

  • Designated recovery address: A 3-of-4 Gnosis Safe (SAFE) with signers from Aave Labs, KelpDAO, Certora, and EtherFi, designated for the rsETH incident recovery effort and used solely to receive and apply recovered ETH toward that effort.

  • Recovery address: 0xf228130ce4fAB082C7D5522c90833cec83A9C15e

  • Recovered amount: The amount of ETH that Arbitrum governance authorizes for release under this proposal.

  • Final release amount: 30,765.67 ETH

Specifications

This Constitutional AIP proposes the release of 30,765.67 ETH, the full frozen balance currently held at 0x0000000000000000000000000000000000000DA0, to 0xf228130ce4fAB082C7D5522c90833cec83A9C15e.

The recipient address will be a 3-of-4 Gnosis Safe with signers from Aave, KelpDAO, EtherFi, and Certora.

The released ETH is intended to be used solely for the remediation of losses arising from the exploit. If the coordinated recovery effort does not proceed as planned, the parties will return to Arbitrum Governance for further direction on the preferred use of funds.

Before onchain submission, authors of this proposal will update it with the final recipient address, the final ETH amount requested for release, and a short reconciliation appendix showing how the requested amount maps to the Arbitrum-side frozen balance and the intended remediation path.

Use of Funds

The ETH is intended to be applied in a neutral and non-discriminatory manner toward restoring rsETH’s backing within the Kelp protocol. Every unit of ETH returned to the recovery effort narrows the backing shortfall and moves rsETH closer to full collateralization.

A full recovery would restore rsETH’s backing entirely, normalizing conditions for all rsETH holders, liquidity providers, and borrowers across Arbitrum and the rest of DeFi. A partial recovery would still meaningfully reduce the shortfall, improving the position of affected users proportionally and increasing the likelihood that the remaining gap can be closed through other contributions to the coordinated effort.

In either case, the outcome for Arbitrum users is better than leaving the funds frozen. The exploit created impairment for users on Arbitrum and across DeFi and every ETH returned to the recovery effort reduces that impairment directly.

Steps to Implement

First, Aave Labs has published this Constitutional AIP on the Arbitrum forum for discussion and feedback.

Second, a Snapshot temperature check may be conducted to gauge delegate sentiment before moving onchain.

Third, if the proposal proceeds, it will be submitted onchain via Tally as a Constitutional AIP, targeting the Arbitrum Core governor, with the final executable action and recipient parameters.

Fourth, if the onchain vote passes, the proposal will proceed through Arbitrum’s Constitutional AIP lifecycle, including the applicable waiting periods, message finalization, and final execution.

Timeline

  1. Forum publication: immediate

  2. Forum discussion: 1 week

  3. Temperature check: 1 week

  4. Onchain submission: after forum discussion and any temperature check, through the Arbitrum Core governor. Constitutional proposals are submitted through Arbitrum Core.

  5. Voting delay: 3 days after onchain submission before voting begins.

  6. Onchain vote: 14 days, extendable to 16 days if quorum is reached in the final 2 days.

  7. L2 waiting period: 8 days for a Constitutional AIP.

  8. L2-to-L1 message finalization: typically at least 1 week.

  9. L1 waiting period: 3 days.

  10. Execution: after completion of the Constitutional AIP lifecycle and any additional implementation steps.

  11. Total estimated period: approximately 49 days

Overall Cost

No new treasury allocation is requested.

This proposal concerns the release of ETH already frozen on Arbitrum One in connection with the exploit. The direct budgetary cost to Arbitrum DAO is therefore expected to be zero outside of normal governance execution overhead.

Requested Feedback

Aave Labs requests feedback on whether Arbitrum Governance supports release of the frozen ETH into the coordinated rsETH recovery effort.

Conflict of Interest Disclosure

Authors are submitting this proposal because they are affected by this incident, and because the requested release would benefit the ongoing coordinated recovery effort, releasing frozen proceeds to restore rsETH’s backing.

Indemnification

As a condition of the requested release, Aave Labs, together with its affiliates, subsidiaries and successors-in-interest (collectively, “Aave Labs”), jointly and severally agree to unconditionally indemnify, defend, and hold harmless The Arbitrum Foundation, Offchain Labs, Inc., the Arbitrum Security Council and each member thereof and each of their officers, directors, agents, employees, advisors, contractors, representatives, and successors (each, an “Indemnified Party”) from and against any and all claims (including any claims brought by tokenholders, DAO participants, counterparties, or governmental authorities from any jurisdiction), regulatory inquiries, actions, demands, proceedings, losses, damages, fees, lost profit, tax, reduction in value, liabilities, costs, and expenses (including reasonable fees and expenses of lawyers, accountants, auditors, experts and other professionals), known and unknown claims, whether in contract, tort, criminal (to the fullest extent permitted by applicable law), or otherwise, directly or indirectly arising out of, arising from, resulting from or in connection with (1) the Arbitrum Security Council’s action to freeze the 30,766 ETH being held in the address on Arbitrum One that was connected to the KelpDAO exploit at the time of such action and its movement to a new address (“Frozen ETH”), (2) the release and movement of the Frozen ETH to the designated recovery address pursuant to this proposal (the “Delivery”), and (3) any and all actions of an Indemnified Party in furtherance of the actions described in clauses (1) and (2), in each case including enforcement actions, penalties, and reasonable defense costs related thereto (such amounts, collectively, “Indemnifiable Expenses”).

Promptly following the passage of this proposal, if applicable, and prior to initiating the Delivery, Aave Labs shall promptly enter into a customary Indemnification Agreement with each of the Arbitrum Foundation, Offchain Labs, Inc., and each member of the Arbitrum Security Council, which shall memorialize the terms set forth herein and shall further provide: (1) for advancement of all Indemnifiable Expenses within five business days of written request, (2) for contribution in the event that indemnification is unavailable to an Indemnified Party for any reason whatsoever, (3) that Aave Labs is the indemnitor of first resort (i.e., its obligations to the Indemnified Party are primary and any obligation of a third party to advance expenses or to provide indemnification for the Indemnifiable Expenses are secondary), (4) that each Indemnified Party shall have the right in its sole discretion to conduct the defense of and to settle or resolve any such claim, which shall be included as Indemnifiable Expenses; however, (i) Aave Labs shall have the right to initial notice from and reasonable consultation with the Indemnified Party on the status of any such claim, and (ii) Aave Labs shall have the right to advance notice of, and consent to, any resolution of such claim, which consent shall not be unreasonably withheld, (5) that this indemnification shall survive indefinitely and shall not be limited by the completion of the actions contemplated herein, the termination of this proposal, or the resignation or removal of any Indemnified Party, (6) that the indemnification obligations shall not be subject to any cap, basket, deductible, or limitation (either individually or in the aggregate with respect to the Indemnified Parties), (7) that indemnification shall apply to the fullest extent permitted by law, including claims alleging negligence, gross negligence, or breach of fiduciary duty (but excluding willful misconduct or fraud), (8) all amounts payable by Aave Labs under or in connection with the Indemnification Agreement shall be paid in full without any set-off or counterclaim and free and clear of any deductions or withholdings for any and all present or future taxes, levies, imposts, duties, charges, fees, deductions, or withholdings of any nature imposed by any governmental authority to the maximum extent allowed by applicable law; provided, however that such payments shall include any “gross up” that may be necessary to ensure that the Indemnified Party is economically whole on an after tax basis, (9) the rights of the Indemnified Parties pursuant to the Indemnification Agreement shall apply irrespective of, and shall not be reduced by, any insurance maintained by an Indemnified Party or any third party indemnitor, and (10) that the Indemnification Agreements contemplated herein shall be governed by and construed in accordance with the laws of the State of New York, without regard to conflict of laws principles, and in the case of any dispute resolution relating to this Agreement, Aave Labs hereby submits to the exclusive jurisdiction of the state and federal courts located in New York County, New York for such dispute resolution process, (11) solely with respect to The Arbitrum Foundation’s Indemnification Agreement, that Aave Labs shall reimburse the Arbitrum Foundation for any Indemnifiable Expenses incurred as a result of payment from The Arbitrum Captive Insurance Product (as further detailed at https://docs.arbitrum.foundation/assets/files/ArbitrumFoundationCaptiveInsuranceProduct-c149a557e210f00d0c457b10b367f58c.pdf) to ArbitrumDAO delegates as if such ArbitrumDAO delegate was an Indemnified Party and (12) the Indemnified Parties shall represent and warrant in their applicable Indemnification Agreement that, to their actual knowledge, they have not paid or become obligated to pay any cash amounts constituting Indemnifiable Expenses prior to the date of the first publication of this proposal that they intend to seek indemnification for pursuant to their Indemnification Agreement.

6 Likes

Good proposal overall. The only thing that concerns me is the timeline. It can take up to 49 days to release the frozen ETH. Many parties have open positions on AAVE that might run into problems if they have to wait 49 days. Is it possible to speed up this process of unfreezing the ETH? I’ve got the feeling there is a broad consensus the frozen ETH should be used to resolve the situation.

3 Likes

As a member of the Security Council and as a delegate, I want to be clear that I am speaking here only in my role as a delegate. My role as a Security Council member in this matter is complete.

I agree with @Nicksta & strongly support expediting this process. We should move to a Snapshot vote as soon as possible to validate the community’s intent and avoid unnecessary delays in unlocking these funds.

That said, before progressing to the on-chain vote, there are still critical open questions that need clear answers:

  • What is the expected outcome for Arbitrum users of Aave affected by this situation?
  • What happens to Arbitrum users who were holding rsETH before the exploit?
  • In the case of partial recovery, how will losses be socialized, and across which groups?

These funds were secured on Arbitrum, and it’s important to understand how the outcomes will impact users within the Arbitrum ecosystem specifically. Clarity here is essential for informed governance.

Before any on-chain execution, the DAO should clearly communicate:

  • Both recovery scenarios: full & partial
  • The distribution plan under each scenario
  • How affected users are prioritized or treated

I’m supportive of moving quickly, but we need transparency around outcomes before the final transaction so delegates and the broader community can make a well-informed decision.

8 Likes

A few quick observations from a governance standpoint:

Supportive of the intent: frozen exploit funds being returned to affected users is the right outcome, and the indemnification from Aave Labs meaningfully reduces risk for the Arbitrum Foundation.

Two questions I’d like clarity on before Temperature Check:

Will there be an on-chain or public report after recovery detailing how funds were distributed and to whom?

If recovery is only partial, what’s the concrete plan beyond “return to Arbitrum Governance for further direction”?

The 2-of-3 Safe structure is reasonable, but accountability doesn’t end at fund release; it ends at verified distribution.

@AaveLabs

2 Likes

Thanks to the authors for putting this together. Routing the 30,765.67 ETH into the coordinated recovery effort is the right destination in principle; leaving the funds frozen indefinitely helps no one. That said, before this moves to Snapshot, two conditions should be made explicit in the final spec:

1. Arbitrum users must be made whole, with no haircut and no pro-rata socialization with non-Arbitrum claimants on these specific funds.

2. Delegates voting on this proposal must be properly protected, not just nominally referenced.

My reasoning on the no-haircut condition:

  1. The funds were on Arbitrum, frozen by the Arbitrum Security Council, and would be released by Arbitrum governance. Arbitrum DAO is the only entity with discretion over their destination. That discretion should not be exercised in a way that worsens the relative position of Arbitrum users versus rsETH holders on other chains who had no equivalent recovery mechanism available.
  2. The current spec is silent on allocation methodology. The proposal says funds will be applied “in a neutral and non-discriminatory manner toward restoring rsETH’s backing within the Kelp protocol.” Neutral across whom? A flat pro-rata distribution across all 76,127 rsETH of shortfall would mean Arbitrum-sourced ETH subsidizes losses on chains where no funds were ever recoverable. That’s not neutral from Arbitrum’s standpoint, it’s a transfer.
  3. The indemnification language protects the Foundation, Offchain Labs, and the Security Council, not retail users. The Section 1–12 indemnity is appropriately broad for the parties signing it, but it does nothing for the actual Arbitrum users who took losses. A no-haircut commitment for those users is the user-facing analogue and should be a precondition, not a hope.

On delegate indemnification, item (11) is not enough.

DAO delegates are not named Indemnified Parties anywhere in the clause. The defined set is the Arbitrum Foundation, Offchain Labs, the Security Council and its members, and their officers, directors, agents, employees, advisors, contractors, representatives, and successors. Delegates appear only in item (11), and only indirectly: Aave Labs reimburses the Foundation if the Captive Insurance Product pays out to a delegate, treating that delegate “as if” they were an Indemnified Party for the limited purpose of that reimbursement.

That structure has real gaps:

  • Delegates have no direct claim against Aave Labs. If the Captive Insurance denies a claim, excludes a category of loss, or runs into a coverage cap, item (11) is silent.
  • Delegates don’t get advancement of defense costs. Item (1) of the agreement provides advancement within five business days for Indemnified Parties but delegates don’t qualify, so they’d have to fund their own defense and seek reimbursement through the Captive Insurance afterward.
  • The “as if” framing means delegates inherit none of the substantive protections in items (2)–(10), including the no-cap provision in item (6), the gross-up in item (8), and the no-set-off protections in item (8).

For a Constitutional AIP touching frozen funds linked to a major exploit (exactly the kind of vote most likely to attract litigation or regulatory inquiry) this is the wrong threshold of protection. Delegates should not have to weigh personal legal exposure against governance participation on a vote the authors themselves benefit from.

Concrete asks before onchain submission:

  • Add a section to the spec specifying the waterfall: Arbitrum-side affected users (Aave V3 Arbitrum positions impaired by this incident) made whole at 100%, with residual ETH flowing to the broader rsETH backing restoration.
  • Publish a reconciliation showing the Arbitrum-side claim amount in ETH terms, so delegates can verify the 30,765.67 ETH comfortably covers it before any cross-chain allocation.
  • Add ArbitrumDAO delegates voting on this AIP as direct Indemnified Parties, or at minimum extend item (11) to include direct advancement of defense costs and a backstop where the Captive Insurance Product does not provide coverage.
11 Likes

Thanks for putting this together. Returning stolen property to its rightful owners is the right move.

+1 to everything Griff and 0xDonPepe raised. Arbitrum-side claimants need to be sized clearly inside the waterfall, the math needs to be public before the on-chain vote, and delegates should be added as Indemnified Parties.

As delegates we need to understand what we’re voting on. Collaboration will bring the best possible outcome for everyone, Arbitrum included. But to vote on this in good faith, we need clarity on how Arbitrum users get affected and what KelpDAO is putting in from their treasury alongside the seized ETH.

As Nicksta pointed out, 49 days is a long window for the people on the wrong side of those Aave positions. If the disbursement plan can get finalized in parallel with the temperature check rather than after, we save material time without cutting safety steps.

1 Like

Thanks, it’s a good proposal and I support it in principle. I’ll go through the strengths here, the points that still need to be addressed, and note where this aligns with other comments above.

TLDR - The frozen exploit-linked ETH should be used to reduce user harm and leaving the funds immobilized doesn’t help anyone. The destination is clear, but the distribution logic isn’t clear enough and the proposal isn’t ready for on-chain execution in its current form.

Strengths

  1. Works for the common-good of logic acting to restore damaged participants
  2. Treats the ETH as remediation capital, not as DAO upside
  3. Good to repair affected users
  4. Correctly returns the decision to governance because the Security Council acted under emergency conditions and the final release definitely needs DAO approval. This keeps emergency power subordinate to constitutional governance
  5. There’s a clear practical benefit since the ETH would materially reduce the rsETH backing shortfall. Even partial recovery improves conditions for affected users.
  6. Arbitrum has a real stake since funds were frozen on Arbitrum, Arbitrum users were affected, and Arbitrum governance must understand the impact on our own users
  7. 2-of-3 Safe is better than an undefined recovery destination and signers from Aave, KelpDAO and Certora create some institutional accountability
  8. There’s no new treasury spend being allocated
  9. The indemnity appears to protect the Foundation, Offchain Labs and Security Council actors, which may reduce legal friction

Clarification needed (and suggestions that might help)

  1. There’s no clear distribution waterfall. The proposal says funds will restore rsETH backing ‘neutrally’ but doesn’t say who’s prioritized. Needs to define whether Arbitrum users are made whole first. Covered by Griff, 0xDonPepe, and Zeptimus
  2. Arbitrum user impact isn’t specified enough. No clear sizing of Arbitrum Aave users’ claims. Treatment of Arbitrum rsETH holders isn’t clear. Full and partial recovery outcomes are unclear. The proposal needs an Arbitrum-specific claim table added. Covered by Griff, 0xDonPepe, and Zeptimus
  3. Partial recovery plan is too vague. It’s not enough to just say return to Arbitrum Governance. Delegates need to know what happens if recovery is incomplete. So add full recovery, partial recovery, failed recovery, surplus and disputed-claim scenarios. Covered by Griff and MconnectDAO
  4. The proposal explains where funds go but doesn’t explain how final distribution will be verified. Needs a public post-recovery report and independent attestation. Covered by MconnectDAO, Griff and Zeptimus.
  5. Needs a safe charter appendix because safe duties are not detailed enough. Although safe signers are named, I can’t see details on mandate, limits, reporting, signer conflicts and unused-fund handling.
  6. The indemnity does seem to protect the Foundation, Offchain Labs and the Security Council but delegates are not clearly direct indemnified parties. So add delegates as direct indemnified parties or explicit defense-cost advancement/backstop.
  7. The conflict of interest disclosure isn’t sufficient right now. The authors are affected parties, so although disclosure is good, governance also needs procedural safeguards. Add author exposure table, recovery-role table, and signer conflict disclosures.
  8. Timeline is really too slow. It might be normal procedurally, but as alluded to by Nicksta, Griff and Zeptimus, Aave positions may deteriorate during that period. So parallelize Snapshot, reconciliation, indemnity drafting, and distribution-plan finalization.
  9. There’s no general precedent framework. The proposal handles only this incident. It doesn’t create a standing rule for future frozen exploit proceeds. Might be wise to add a precedent appendix stating limits of this action and recommending future emergency asset-handling rules.

In a nutshell, it’s good to move to Snapshot quickly but do not support on-chain execution until the following are added:

  • Arbitrum-user impact table.
  • Distribution waterfall.
  • Full and partial recovery scenarios.
  • Public reconciliation of claims and frozen ETH.
  • Safe charter.
  • Post-distribution reporting.
  • Stronger delegate indemnification.
  • Accelerated parallel timeline.
1 Like

One thing I feel is missing from this post is if the procedure is waiting purely for this release

  • who has already sent their ETH
  • who has yet
  • Therefore, even if Arb releases this ETH, how long after that will the process take.

ARB is contributing the largest amount back, mind you it’s not a donation, rather a recovery, but I still think the largest amount should be sent last, or at least with clear indication that there will not be more waiting there.

I am personally affected here, and TBClear, want this done as fast as possible.

Hi, I'd like to reiterate my thoughts on the need to avoid bureaucracy in this urgent situation and move straight to on-chain voting on Thursday.

Following Lido’s example, which allocates funds from its treasury, their vote began last week and ends today.

Also, I have a question about address 0xf228130ce4fAB082C7D5522c90833cec83A9C15e, as I had previously received information that the address was different, namely

1 Like

Greetings Arbitrum community,

Thank you to all of the delegates and community members who have engaged with this proposal. Across the comments, a set of common questions has emerged. We have grouped the feedback into the themes below and addressed each one directly. The points raised by Nicksta, Griff, MconnectDAO, 0xDonPepe, Zeptimus, and OliverBuilds are reflected in the answers that follow.

Multi-sig Update

Per community feedback, the recovery address multi-sig has been upgraded from a 2/3 multi-sig to a 3/4 multi-sig. EtherFi has been added as the fourth signatory and currently has a proposal in progress to donate 5,000 ETH to the ongoing DeFi United effort.

rsETH Backing Technical Implementation Plan Update

DeFi United, a coalition of ecosystem participants, has issued the technical implementation plan to restore the KelpDAO rsETH backing following the April 18 incident. The plan covers the technical details on how rsETH’s backing will be restored, how the exploiter’s positions will be cleared up across Aave and Compound, and all other technical steps required to make rsETH whole and resume normal market operations. Find it here.

Can the timeline be expedited?

Attendees at the Arbitrum governance call, commenters on this forum post, and DAO participants in direct conversation have expressed interest in moving faster where the framework allows. Given the urgency of the situation, we are prepared to support an expedited pathway if delegates so choose and we welcome guidance on what that would look like. If the DAO prefers to proceed through the standard Constitutional AIP process, we respect that decision as well and hope to stay aligned with the Arbitrum DAO on best next steps.

What happens in a full recovery versus a partial recovery, and is there a distribution waterfall?

The recovery effort has been sized against the full backing shortfall, funded in advance through a combination of capital commitments from participating parties, ongoing treasury proposals, and other contributions sourced across DeFi United.

Arbitrum users who held rsETH prior to the exploit benefit through the same mechanism as all other rsETH holders, which is restoration of backing at the asset level. Because the recovery is funded to close the shortfall in full, no shortfall analysis or user-level distribution calculation is required.

For that reason, the proposal does not include a distribution waterfall. A waterfall mechanism is designed to prioritize one group of users over another in a partial recovery scenario, which is precisely the outcome this coordinated effort has been structured to prevent.

How are Arbitrum users being impacted?

With rsETH backing set to be restored in full, Arbitrum users and protocols can expect the shortfall to be closed. On Aave’s Arbitrum market, that means rsETH-collateralized positions are not expected to face incident-driven liquidations tied to the backing shortfall, and the market is not expected to absorb bad debt from this incident. WETH suppliers to the Arbitrum market benefit accordingly.

Will there be post-recovery reporting and verification?

Once the recovery is complete, we will publish a full account of how rsETH backing was restored, how affected markets (including Aave and Compound) were managed, what steps were taken by KelpDAO and LayerZero, and confirmation that funds were applied solely toward making rsETH users whole.

Aave Labs

5 Likes

I also wanted to swing by and say thanks to the DAO for having us on today’s governance call. We are really grateful for the feedback, support, and guidance so far.

3 Likes

Thanks @AaveLabs for the proposal and the update, and more generally for taking initiative in this situation. I am in support of the proposal to release the frozen funds to Defi United’s effort without any waterfall distribution conditions.

Much is unusual and unprecedented about this situation, including the wide range of the affected parties and the fact that Security Council took action in an exploit unrelated to any vulnerability in the Arbitrum Protocol itself. It isn’t self-evident to me that the affected parties on Arbitrum should be given priority to funds that the Security Council was able to freeze in an industry-wide recovery process like this, and I don’t see anything in the Arbitrum DAO Constitution indicating that such a policy should necessarily be the one followed. In the already remarkable recovery effort that AAVE has been leading, we’ve seen many parties step forward and donate large sums of ETH to help make users whole, and they (as far as I know) have done so without any conditions of prioritizing specific users. Many of the biggest donors are projects and individuals who weren’t at all responsible for the exploit and who aren’t directly affected by it. Given that, and adding to that the fact that what’s being considered here isn’t a donation of any funds from the Arbitrum DAO’s reserves, but rather recovery of a pool of entirely stolen funds, I think it would be most fitting and appropriate for the DAO to follow suit in this collective effort.

In their post, @AaveLabs seems confident that they will likely be able to restore rsETH to its full backing, in which case discussion about the distribution would be (happily) moot anyway. That said, while I’m glad to see AAVE’s optimism, I think it would be helpful to have some more concrete details about the risks of falling short. The language in the update seems to suggest that so long as the public proposals like this one pass, and barring any operational errors, full restoration is likely. An updated breakdown of the numbers as they stand, and the specific scenarios that would lead to losses (and their estimated likelihood etc.) would probably help other delegates gain confidence in this decision (though given the urgency to move things along, I encourage delegates not to wait for further updates before participating in the discussion). My hope is that given the uptick in contributions to Defi United even in the past few days, the update will be a positive one.

As for expediting the process by, say, shortening or skipping the snapshot phase for this proposal, I would support this, though this would only really make sense when/if more delegates publicly weigh in. (There are other means of expediting the process that I imagine may be under consideration, but I suggest holding off on that discussion for now for the sake of keeping this thread focused).

1 Like

Thank you Arbitrum for seizing the stolen tokens, now do the right thing and return the stolen goods. The multi project initiative DEFI United is completely trusted as is Aave, everyone already knows this. Please don’t drag this on.

Thanks in advance from my seized/held WETH bags on AAVE.

Not super happy with the 49 day timeline… I would like to see it sped up somehow, but for a temp check, I am overall very supportive.

Again I am speaking as a delegate, not as a Security Council member.

Shortening the forum discussion and/or temperature check phases (phases 2 and 3) still leaves a minimum of 35 days; the on-chain proposal itself has no technical way of bypassing that.

Thus, AFAICT, there are essentially three possible ways to speed up the process further:

  1. Go forward with the on-chain proposal and in parallel find a large ETH holder to temporarily loan Defi United the ETH (to be paid back with the frozen ETH when it unlocks).

  2. Another Security Council Emergency action.

  3. A Security Council non-emergency action (minimum 18 days after action is initiated before funds are unfrozen).

I would personally be very strongly opposed to 2, as it would seem to me to violate the constitution (I don’t think the speed of the fund recovery can be classified as a security emergency) and IMO would set a very bad precedent.

I’m currently also opposed to 3 but would be more open to the discussion, though I would note that it’s not clear much time would be gained here, since presumably some sort of on-chain vote would still take place prior to the action (time gained would be 17 days minus the decided voting period.) I’d also note that this would still seem to me to be out of line with the constitution, which specifies this power should only be used for “routine software upgrades, routine maintenance and other parameter adjustments.”

1 would seem to be ideal if possible. It does of course require finding a lender, tho given the number of parties who have already been willing to not merely lend but donate ETH into this effort, it certainly doesn’t seem impossible.

(Note that I’m speaking only as a delegate and from my knowledge of Arbitrum’s governance system; I am unaware of any consideration or discussion of any of the above three possibilities that’s already taken place.)

I agree that I’d be opposed to #2, security council action.

Maybe a long-shot, but in the essence of moving fast, I wonder if there’s a well-capitalized actor that would be willing to give Aave a loan backed by the ETH held by the DAO?

2 Likes

I support releasing the frozen ETH to DeFi United’s effort without any waterfall distribution conditions.

That said, this situation also exposes a real governance gap: Arbitrum DAO currently has no formal framework for how Security Council-frozen assets should be handled when the exploit is external to the Arbitrum Protocol itself. Solving this ad hoc every time sets unclear precedents and adds unnecessary urgency pressure on delegates.

It may be worth the community considering a clear “Frozen Asset Release Policy” for future incidents defining distribution logic, SC scope boundaries, and emergency thresholds so the DAO isn’t caught reactive each time. @AaveLabs @OliverBuilds @dzack23

2 Likes

Generally very much in favor of this proposal given its importance to the DeFi ecosystem, and happy to speed it up, but as others have noted there is an asymmetry to the indemnification clause:

I appreciate that the CIP provides baseline coverage for delegate governance activities, and that Items 1–10 layer on top of pre-existing corporate protections for the other Indemnified Parties. The remaining concern is structural rather than categorical: the AIP-specific indemnification operates as a primary, insurance-independent upgrade for parties with pre-existing corporate D&O, while operating only as a back-end reimbursement to the Foundation for amounts the CIP actually pays to delegates. This means delegate protection is fully bounded by CIP coverage (retention, $10M aggregate, exclusions, claim handling discretion) with no fallback if CIP doesn’t pay. It would be appreciated if Item 11 were expanded to provide direct indemnification to delegates in cases where CIP coverage is denied, capped, or exhausted — bringing delegate protection into structural parity with the insurance-independent posture other Indemnified Parties enjoy under Item 9.

TL;DR

After a careful review of the proposal and the structure of the Security Council action, Entropy Advisors is voting FOR this proposal.

We believe releasing the frozen ETH into the coordinated recovery effort is the right outcome for affected users, for Arbitrum, and for DeFi more broadly. We also believe delegates have legitimate, well-founded concerns about the ambiguity surrounding this vote, and we want to share how we worked through them, because the decision each delegate makes here, including the decision of whether to participate at all, has direct consequences for users currently bearing the cost of the exploit.

Context

The April 18 exploit on the rsETH LayerZero bridge released 116,500 rsETH on Ethereum without a corresponding burn on Unichain. A material portion of that supply was used as collateral on Aave V3 across Ethereum and Arbitrum. The downstream impact is real: impairment in those markets, frozen WETH and rsETH reserves across Aave’s Ethereum, Arbitrum, Base, Mantle, and Linea deployments, and innocent users with positions they cannot close.

On April 21, the Arbitrum Security Council executed an emergency action freezing 30,765.67 ETH of exploiter funds on Arbitrum One. The proposal before us asks Arbitrum DAO to release those funds to a 2-of-3 Gnosis Safe with signers from Aave, KelpDAO, and Certora, scoped solely to the recovery effort.

The dilemma for delegates

There is uncertainty regarding how this all plays out. A vote of this size and scale has never happened before and comes with potential risks for delegates. We take that ambiguity seriously, and we don’t think delegates weighing it carefully are wrong to do so.

At the same time, there is a real cost to delay. Users on Aave with stuck borrow positions are accruing interest they cannot escape. Reserves remain frozen across multiple markets. Each day this drags, more of the cost of the exploit gets transferred onto users who had nothing to do with it. Holding out for full regulatory clarity, which is unlikely to arrive on any near-term timeline, is itself a choice with consequences.

We’d also like to flag a procedural point that may not be obvious to all readers. Under Arbitrum governance, abstain votes count toward quorum. A delegate who wishes to fully sit out this proposal must not cast a vote at all, which is a statement in itself. We mention this because the question of “whether to participate” is meaningfully different from the question of “how to vote,” and we think it deserves to be discussed openly rather than being left unclear.

On the structure of the proposal

A few specific points where we think the proposal is well-constructed:

  • Scoped recipient. The 2-of-3 Gnosis Safe with signers from Aave, KelpDAO, and Certora is purpose-built for this recovery and gives the funds a clear, accountable destination.
  • Defined fallback. If the coordinated recovery effort does not proceed as planned, the authors have committed to returning to Arbitrum Governance for further direction. The release is not treated as final.
  • No new treasury allocation. The funds in question were never Arbitrum’s. They are exploiter proceeds, frozen by the Security Council. The proposal is about routing them into a remediation path, not committing DAO resources.

A note to fellow delegates

This vote will be remembered, not because of its size, but because of what it asks delegates to do: weigh real ambiguity against real harm to real users, and engage anyway.

We’d encourage other delegates to engage with the substance, share their reasoning publicly on this thread, and vote. Whether that vote is FOR, AGAINST, or ABSTAIN, a clear, early collective signal matters here. Quorum matters. And the users currently bearing the cost of the exploit deserve to see governance treat their situation with the urgency it warrants.

Entropy Advisors is voting FOR.

2 Likes

Thanks Entropy for the breakdown and sharing your view. Slight correction to the information you shared about the structure of the proposal: Aave shared in their comment that based on community feedback, they have upgraded the 2/3 multisig to a 3/4 multisig, adding EtherFi as a signer.