Aave Files Emergency Motion to Unfreeze $71M in Recovered Kelp DAO Exploit Funds

Aave has asked a federal court in New York to vacate a restraining order that froze approximately $71 million in ETH recovered from a North Korean-linked exploit of Kelp DAO, arguing the funds belong to hack victims and not to judgment creditors pursuing decades-old terrorism claims against Pyongyang.

The emergency motion, filed earlier this month, challenges a court order that redirected the recovered crypto toward satisfying civil terrorism judgments held by relatives of a slain minister. A federal judge issued the restraining order after the funds, recovered by Aave following the April 2026 Kelp DAO hack, landed on-chain. An emergency hearing was scheduled for May 8 to determine the assets' fate.

The Legal Argument

Aave's core legal position is blunt: stolen property cannot be owned by the thief, and therefore cannot be claimed by the thief's creditors. The protocol's filing invokes the principle that "a thief does not own what he steals," arguing that because North Korean state-sponsored actors took the funds through an exploit, those actors never held legitimate title to the assets. If no legitimate title existed, the reasoning goes, no U.S. court can transfer that title to third-party judgment holders, regardless of how valid those underlying terrorism judgments may be.

That argument will face real scrutiny. The terrorism judgment creditors are legally distinct from the hackers themselves. Their claims are rooted in decades of U.S. civil litigation against North Korea, and courts have previously allowed judgment creditors to attach assets connected to Pyongyang even when the chain of custody is complicated. Aave's framing is legally intuitive but not settled law when applied to judgment enforcement in this context. The protocol is essentially asking the court to treat DeFi asset recovery as a protected return mechanism, insulated from third-party legal claims.

What the Kelp DAO Hack Involved

Kelp DAO, a liquid restaking protocol built on Ethereum and deployed across Arbitrum, suffered the exploit in April 2026. North Korean threat actors, consistent with the pattern of state-sponsored DeFi attacks that U.S. agencies including CISA and the FBI have warned about repeatedly, drained the protocol before Aave's security infrastructure flagged and recovered a significant portion of the stolen ETH. The recovered sum, now frozen, sits at roughly $71 to $73 million depending on ETH's price at the time of measurement.

The recovery itself was notable. DeFi protocols have clawed back hacked funds before, including Poly Network's $610 million recovery in 2021 and partial recoveries following the Ronin Bridge attack in 2022. Those cases involved negotiated returns or on-chain mechanics that did not trigger third-party legal intervention. This appears to be the first instance where a U.S. court has moved to seize DeFi-recovered assets to satisfy an entirely unrelated judgment.

Systemic Stakes for DeFi

The case carries implications well beyond Aave's balance sheet. Aave has grown into one of the largest decentralized lending protocols by total value locked, and Messari research has described it as "too important to fail" within DeFi's broader credit infrastructure. If courts can intercept recovered exploit funds before they reach victims, it creates a perverse incentive structure: protocols may become reluctant to publicize or on-chain-settle recoveries, fearing that visible asset pools attract legal attachment.

There is also a custody question the case forces into the open. When a DeFi protocol recovers stolen funds, who controls them in the interim? Aave's position implies the protocol acts as a fiduciary for exploit victims. Courts may view that custodial role differently, particularly if large sums sit in identifiable smart contracts or multisig wallets that can be frozen via restraining order. The outcome of the May 8 hearing will signal whether U.S. federal courts treat DeFi recovery mechanisms as legally protected restitution pipelines or as attachable asset pools like any other.

What Comes Next

If the court vacates the restraining order, Aave can proceed with returning funds to Kelp DAO victims through whatever distribution mechanism the protocol has established. If the court upholds the freeze, Aave faces a harder path: appeal, negotiate with the judgment creditors, or watch $71 million in victim restitution funds diverted to satisfy claims the victims have no connection to.

The terrorism judgment creditors have a sympathetic position on the merits, and courts have shown willingness to enforce civil judgments against North Korea aggressively. The collateral damage to DeFi's recovery infrastructure could nonetheless be substantial. Aave's emergency filing describes the restraining order as "catastrophic," and the protocol's legal team appears to be treating this as an existential precedent fight, not a routine dispute over asset custody.

A ruling is expected in the coming weeks, landing at a moment when U.S. regulators and courts are still writing the rules for how decentralized protocols interact with the American legal system.