Key Highlights
- More than 30,000 ETH (approximately $71M) tied to the KelpDAO security breach were frozen by Arbitrum’s Security Council
- An elected 12-person council exercised emergency authority to transfer assets into an ownerless wallet
- The swift action stopped the attacker from laundering stolen cryptocurrency but triggered fresh controversy about network governance
- Skeptics contend this action establishes a dangerous framework for centralized oversight on supposedly decentralized platforms
- Arbitrum representatives maintain these powers are transparent, democratically selected, and only used in extreme situations
This week, Arbitrum’s Security Council took decisive action by freezing more than 30,000 ETH—valued at approximately $71 million—associated with a security breach targeting KelpDAO. The council redirected these assets from the hacker’s wallet to an ownerless address, effectively rendering them immovable.
The response came swiftly. Steven Goldfeder, co-founder of Offchain Labs (the development team behind Arbitrum), revealed that the council initially considered taking no action at all. The strategy to precisely isolate the compromised funds originated from discussions within the council.
“The default was do nothing,” Goldfeder said. “Then this idea actually emerged — a way to do it in a very surgical way without affecting any other user.”
The strategy proved timely. Within just hours following the council’s intervention, the perpetrator began attempting to move and launder the remaining stolen assets, demonstrating how narrow the opportunity window had been.
The Security Council comprises 12 individuals chosen by Arbitrum token holders in biannual on-chain elections. This group possesses emergency intervention capabilities that can be deployed without requiring full community consensus.
Patrick McCorry, head of research at the Arbitrum Foundation, said those powers have always been visible. “You can see exactly what powers they have,” he said, adding that members are “elected by token holders, not hand-picked by us.”
The Decentralization Dilemma
This freeze has reignited persistent tensions within the cryptocurrency community regarding the true meaning of decentralization. According to its strictest interpretation, decentralization means no entity should possess the ability to reverse or intercept a transaction after execution—a philosophy commonly summarized as “code is law.”
Detractors argue this intervention demonstrates that Arbitrum doesn’t truly adhere to this fundamental principle. If a limited group can intervene with stolen assets, the same authority could theoretically be deployed under different scenarios—perhaps in response to regulatory demands.
Goldfeder rejected the idea that a full token-holder vote would have been appropriate given the stakes. “The DAO cannot be consulted, because the second the DAO is consulted, that essentially means North Korea is consulted,” he said, citing investigative reports tying the attacker to state-linked actors.
Certain community members maintained the choice should have undergone comprehensive governance processes regardless. Arbitrum representatives countered this perspective, emphasizing that rapid action was critical and that public discussion would have alerted the attacker.
Emergency Powers, Not Permanent Authority
Arbitrum’s stance is that the council functions as an emergency backstop rather than a permanent governing body. The visibility of its authority and its democratically elected composition are presented as proof that power is granted by the community rather than unilaterally claimed.
“We’re no more or less decentralized today than we were yesterday,” Goldfeder said.
The immobilized assets continue to be locked while awaiting additional governance determinations from the wider Arbitrum DAO community.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
