OPN Intel
LIVE
BTC$76,620MAYER0.95×200W1.25×PI-CYCLE38%DRAWDOWN-39%PUELL0.81×W-RSI45BMSB0.97×
AS OF 2026-05-24
Threats· May 5, 2026· 6 min read

Aave's $71M Emergency Motion Invokes Common-Law Theft Doctrine

On Monday, May 4, Aave LLC filed a 29-page emergency motion in the Southern District of New York seeking to vacate the Gerstein Harrow restraining notice that has frozen $71 million in ETH on Arbitrum since May 1. The filing, prepared by Morrison Cohen LLP and submitted before Judge Margaret M. Garnett, makes a direct property-law argument: a thief does not gain lawful ownership of stolen property by taking it, and recovered stolen funds belong to the victims, not to the thief or to creditors with claims against the thief. Aave demands either immediate vacatur, an expedited hearing with temporary vacatur, or a $300 million cash bond from plaintiffs if the freeze remains. CEO Stani Kulechov: 'A thief does not own what he steals.' The case will determine whether on-chain attribution to a sanctioned entity can override ordinary ownership rules to convert recovered stolen assets into seizable judgment-debtor property. The answer will shape the contours of property law in the age of programmable money.

Key takeaways

  1. On Monday, May 4, 2026, Aave LLC filed a 29-page emergency motion in the US District Court for the Southern District of New York, seeking to vacate the New York restraining notice served on Arbitrum DAO on May 1 by Gerstein Harrow LLP on behalf of plaintiffs holding approximately $877 million in unpaid terrorism judgments against North Korea. The motion was prepared by Morrison Cohen LLP and filed before Judge Margaret M. Garnett
  2. Aave's central legal argument is a clean property-law point: a thief does not gain lawful ownership of stolen property simply by taking possession of it. The filing states the law is clear on this principle and that the 30,765 ETH frozen by Arbitrum's Security Council on April 21 belongs to the Aave Protocol users from whom it was stolen during the April 18 Kelp DAO bridge exploit, not to the alleged thief or to creditors holding judgments against the thief. CEO Stani Kulechov stated the position publicly: 'A thief does not own what he steals'
  3. The motion offers the court three alternatives. First, immediate vacatur of the restraining notice. Second, an expedited hearing with temporary vacatur of the notice in the interim. Third, if the freeze remains in place pending hearing, plaintiffs must post a cash bond of no less than $300 million to cover the damages Aave argues the freeze is causing to its users. The filing also accuses Gerstein Harrow of misrepresenting case law, calling the firm's claim that DAOs like Arbitrum DAO have been held to be general partnerships a 'flatly false' assertion designed to 'pull a fast one'
  4. The DeFi United coalition that the filing references has raised over $300 million to restore rsETH backing and compensate Kelp DAO exploit victims. The coalition includes Aave, Lido, EtherFi, Compound, Consensys, Avalanche Foundation, and Babylon Foundation, which committed $3 million USDT for stabilization. The plan calls for transferring the recovered assets to a multi-party recovery contract controlled by Aave, Kelp, and Certora. The restraining notice has paused that recovery process
  5. The case will likely set precedent for whether on-chain attribution of an exploit to a sanctioned entity (Lazarus Group, designated DPRK actors) is legally sufficient to convert recovered stolen funds into seizable judgment-debtor property. Aave's filing turns on a single distinction: blocked is not the same thing as owned. OFAC sanctions block transactions with designated entities but do not automatically convert stolen goods into state property subject to private judgments. Civil forfeiture of blocked assets typically requires government action, not private counsel filing writs of execution. The court's answer will shape how every future Lazarus-attributed exploit gets resolved

What Happened

On Monday, May 4, 2026, Aave LLC filed an emergency motion in the US District Court for the Southern District of New York seeking to vacate the New York restraining notice that has frozen 30,765 ETH (approximately $71 million) on Arbitrum since May 1. The 29-page memorandum was filed by Morrison Cohen LLP before Judge Margaret M. Garnett. The filing covers the May 5 news cycle and is the direct legal continuation of the Gerstein Harrow seizure attempt covered on May 3.

The motion presents the court with three options. First, immediate vacatur of the restraining notice on the basis that the notice targets assets belonging to innocent third parties (Aave Protocol users) rather than to the named judgment debtor (the Democratic People's Republic of Korea). Second, an expedited hearing with temporary vacatur in the interim while the court reviews the underlying legal theory. Third, if the freeze remains in place pending a full hearing, plaintiffs must post a cash bond of no less than $300 million to cover the damages Aave argues the freeze is causing to Aave Protocol users with positions stuck in the recovery vehicle. CEO Stani Kulechov stated the position publicly on May 4: 'A thief does not own what he steals.'

The Property-Law Argument

The filing's legal foundation is a property-law point that long predates digital assets. A thief does not gain lawful ownership of stolen property by taking possession of it. Property recovered from a thief during the theft remains the victim's property. Creditors with claims against the thief have no superior interest in the stolen property compared to the original owner, because the thief never had ownership to convey. The 30,765 ETH that Arbitrum's Security Council froze on April 21 was, in Aave's framing, never lawfully owned by the attacker. It was stolen from Aave Protocol users on April 18 and recovered on April 21. The recovery does not convert it into the attacker's property. It returns it (or it should return it) to the users from whom it was stolen.

Plaintiffs' theory uses a different legal frame to override that ownership baseline. Their argument is that on-chain attribution of the April 18 exploit to a Lazarus Group operator, combined with the Foreign Sovereign Immunities Act terrorism exception, makes the recovered ETH DPRK property eligible for execution against $877 million in unpaid terrorism judgments dating to 2010-2016. Aave's filing rejects this on multiple grounds. First, the underlying attribution is described as 'conjecture' based on 'internet-post hearsay opinions' rather than admissible evidence. No court has formally determined the identity of the attacker. Second, even if the attribution were established, the legal effect of OFAC sanctions does not extend to converting stolen goods into state property. Aave's filing presses the point directly: a frozen address is not a forfeited one. Sanctions block transactions with designated entities. Civil forfeiture of blocked assets typically requires government action, not private counsel filing writs of execution. Third, the assets sit in a multi-sig governance structure (Arbitrum's Security Council) that may not constitute a legal entity properly served by the plaintiffs' restraining notice in the first place.

DeFi United and the $300 Million Recovery Coalition

The filing reveals operational details about DeFi United that had not been fully public before May 4. DeFi United is the emergency coalition formed in late April after the Kelp DAO exploit to coordinate recovery and restore rsETH backing. The coalition includes Aave, Lido, EtherFi, Compound, Consensys, the Avalanche Foundation, and the Babylon Foundation, which committed $3 million in USDT specifically to stabilization. Total committed capital exceeds $300 million. The plan calls for transferring the recovered ETH from Arbitrum's Security Council to a multi-party recovery contract jointly controlled by Aave, Kelp DAO, and Certora (the smart-contract security firm). From there, the funds would compensate documented Kelp depositors who can prove their lost rsETH balances.

The Gerstein Harrow restraining notice paused this entire process on May 1. Even if Arbitrum DAO had voted to release the funds to the recovery contract, the act of transferring would have exposed Arbitrum participants and Aave to US contempt-of-court risk. The freeze is therefore not just a legal dispute. It is an operational blocker preventing the largest organized DeFi recovery effort in the industry's history from completing its work. Aave's filing emphasizes the time-sensitive nature: continued restraint risks 'cascading liquidations, sustained liquidity outflows, and irreversible changes to user positions.' The economic pressure on stuck Aave positions is mounting daily, with stuck deposits accruing interest and unable to close. The longer the freeze persists, the more the recovery vehicle's value erodes for the very users it was designed to protect.

Property Law in the Age of Programmable Money

The court's ruling will functionally answer two questions that have not been resolved before. Question one: is on-chain attribution of an exploit to a sanctioned entity legally sufficient to override ordinary ownership rules and convert recovered stolen funds into seizable judgment-debtor property? If yes, then every future Lazarus-attributed DeFi exploit becomes a candidate for terrorism-judgment seizure the moment funds get frozen on-chain in any US-jurisdictional venue. The supply of plaintiffs is large (multiple federal judgments against North Korea totaling more than $2 billion across all plaintiffs). The supply of attributable on-chain Lazarus pools is growing fast (76% of all 2026 crypto theft, per TRM Labs). The legal arithmetic suggests an active future of similar filings if this one succeeds.

Question two: does a DAO governance structure constitute a legal entity properly served by traditional civil procedure? Aave's filing flags this as an open question and accuses Gerstein Harrow of misrepresenting precedent on the point. If DAOs are general partnerships (the plaintiffs' position), then DAO participants face joint and several liability for compliance with court orders served on the DAO, which has profound implications for delegate participation in future DeFi governance. If DAOs are not general partnerships and not legal entities at all, then traditional restraining notices may not properly attach to assets held by them, which is the structural defense Aave is pressing. Either ruling reshapes how DeFi governance interacts with US courts going forward.

What this case really tests is bigger than one frozen wallet or one exploit: courts are increasingly being asked to map old legal doctrines onto new financial infrastructure. This case asks whether a digital trail can substitute for a real transfer of title, whether possession equals ownership, and whether a sanctions designation can override ordinary theft doctrine without a government forfeiture action. Those are not niche questions. They are the shape of property law in the age of programmable money. Whatever the court rules will set the doctrinal foundation for how every future on-chain dispute over stolen, recovered, mixed, or sanctioned assets gets resolved.

Aave's filing presses a further point: whether the restraining notice was even good-faith litigation. Plaintiffs' attorneys wrote in their original filing that 'the objective of the Restraining Notice against Arbitrum DAO is not to aid in the global recovery efforts to help the Aave Protocol victims; instead, it does the opposite.' Aave reads this as plaintiffs explicitly acknowledging that their action harms innocent third parties to satisfy decades-old judgments against a different party. If the court agrees, the restraining notice may be vulnerable not just on property-law grounds but on equitable grounds: that satisfying terrorism judgments through seizure of assets recovered for innocent victims of a separate crime is not a proper use of New York's restraining notice mechanism.

What This Means for You

If you self-custody Bitcoin in your own keys on the Bitcoin network, this case is structurally irrelevant to your operational posture. Your assets do not sit in any DAO multi-sig. There is no governance entity that can be served with a restraining notice that affects your custody. There is no recovery coalition you depend on. The court's ruling, whatever it is, does not reach into your wallet because your wallet has no legal-jurisdictional contact point. Custody is yours and only yours; the keys are yours and only yours. That is precisely the distinction this case turns on.

If you hold any DeFi position, wrapped asset, or yield-bearing protocol token, this case is the most direct test yet of whether the recovery mechanisms protocols rely on (governance freezes, security councils, multi-sig recovery vehicles) actually deliver the protection they imply. The Kelp DAO exploit produced $292 million in losses on April 18. The recovery effort assembled $300 million in coalition capital plus a $71 million governance freeze. Three weeks later, the recovery is paused indefinitely because the freeze mechanism that enabled the recovery also created a legal attachment surface. The protective infrastructure became the attack surface, and the attackers are not the original thieves. They are private creditors with valid federal judgments against a different party, exploiting the legal-jurisdictional contact point the protective mechanism created.

The takeaway is sovereignty-shaped, and this article already named it in the body: the protective infrastructure became the attachment surface. The Arbitrum Security Council freezing the Kelp attacker's funds was a feature on April 21. The same freeze gathered the funds into one identifiable pool, under one governance entity, in one servable place, and by May 1 that was the vulnerability. Aave is arguing that crypto recovery should protect the people who were stolen from, not become a back door for creditor capture. If the court disagrees, on-chain tracing plus a sanctions designation becomes a confiscation logic that bypasses government forfeiture entirely. The point for users is narrower than 'hold your own keys': any capability that can freeze can be commandeered, and a recovery vehicle is a freeze capability with a return address. Native BTC in self-custody has no Security Council to freeze it and therefore nothing for a creditor to commandeer.

What to Watch

Watch Judge Garnett's ruling; the expedited timing Aave requested means a decision could come within days. The $300 million bond is the hinge: if plaintiffs cannot post it, the freeze lifts by default. Arbitrum DAO's governance vote on releasing the funds to the DeFi United recovery contract will set precedent for every future L2 entity facing a similar order. Other terrorism-judgment plaintiffs against North Korea will adapt rather than abandon their theories if the motion succeeds. OFAC and Treasury carry their own Lazarus-attributed asset claims through sanctions enforcement that may or may not align with the private plaintiffs. And watch whether protocols begin restructuring multi-sig and governance specifically to shrink the legal-jurisdictional attachment surface this case made visible.

Blocked is not the same thing as owned. The court's answer will shape the contours of property law in the age of programmable money. Every protective mechanism that can freeze attacker funds can also be served with a court order.

Sources

  1. [1]Aave LLC — Emergency Motion to Vacate Restraining Notice, US District Court for the Southern District of New York, filed May 4, 2026 (29-page memorandum, Morrison Cohen LLP)
  2. [2]CoinDesk — 'DeFi lender Aave asks court to block $71 million crypto seizure tied to North Korea claims', May 5, 2026
  3. [3]The Defiant — 'Aave Asks Court to Vacate Restraining Notice Targeting Recovered Kelp DAO Assets', May 5, 2026
  4. [4]Decrypt — 'Aave Fights to Unfreeze $71 Million as Kelp DAO Hack Spills Into Court', May 5, 2026
  5. [5]The Crypto Times — 'Aave vs Gerstein Harrow: Court Clash Over $71M Stolen ETH Linked to Kelp DAO Hack', May 5, 2026
  6. [6]Cryptopolitan — 'Aave challenges $71M freeze as DeFi recovery collides with North Korea claims', May 5, 2026
  7. [7]Stani Kulechov (Aave founder/CEO) — Public statement: 'A thief does not own what he steals', May 4, 2026
  8. [8]OPNorange archive — '$71 Million in Frozen ETH, Two Sets of Victims', May 3, 2026 (cited as direct legal predecessor)

More in Threats

Hinkal Lost $820,000 After Its Privacy Proof Verification Failed to Verify Anything$1.7 Million Drained Through a Single Forged Proof on TaikoFTX Repays Bitcoin Creditors at $16,871 Petition-Date Price