Nine out of 12 council members voted yes. That detail alone tells you how divided — and how serious — the conversation inside Arbitrum’s security council got before the blockchain took its most dramatic action in recent memory.
A Council Under Pressure
Griff Green, a sitting member of the Arbitrum Security Council, said the group wrestled with the decision for hours. The debates covered technical, practical, ethical, and political ground before the vote was cast.
“We did not make this decision lightly,” Green posted on X. In the end, the council moved 30,766 Ether — worth roughly $71.2 million — out of a wallet linked to the Kelp protocol exploit and into what Arbitrum described as “an intermediary frozen wallet.”
I’m a member of the Security Council & I can tell you we did not make this decision lightly, there were countless hours of debates, technical, practical, ethical and political.
But all it takes for evil to triumph is for good men to do nothing, so today, we decided to do… https://t.co/tArbmXwZKN
— Griff Green – griff.eth (@griffgreen) April 21, 2026
The funds cannot be touched by the address that originally held them. Only a further action by Arbitrum governance can move them now.
Law enforcement was part of the conversation. Arbitrum confirmed the council worked with authorities before acting, a detail that sets this incident apart from the usual back-and-forth that follows a DeFi hack.
The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times,…
— Arbitrum (@arbitrum) April 21, 2026
The Hack That Started It All
The chain of events began Saturday, when Kelp — a liquid restaking protocol — was hit through its LayerZero-powered bridge. Reports indicate the theft totaled at least $293 million.
LayerZero, the cross-chain messaging protocol involved, publicly pointed the finger at North Korea as the group behind the attack.
The damage did not stop at Kelp. Whoever carried out the exploit used stolen Kelp tokens to borrow other cryptocurrencies on Aave, the lending platform.
That move left Aave holding what risk managers described as bad debt — losses that spread through the broader crypto lending market because of how tightly connected these protocols are to one another.
so a council can just freeze 30k eth and we’re still calling this decentralized?
— Sandy.ETH (@david_lee2085) April 21, 2026
Backlash From The Community
Not everyone welcomed Arbitrum’s response. On X, several users pushed back hard, arguing that a blockchain capable of freezing funds on council orders cannot honestly call itself decentralized.
The criticism cuts at a long-standing tension in the crypto world: security measures that protect users can also be the same tools that override them.
Arbitrum said the council weighed its responsibilities carefully, taking care not to affect other users or running applications on the network.
Whether that assurance satisfies critics remains an open question. What is clear is that 30,000-plus ETH is now sitting in limbo, and the next move belongs to Arbitrum governance.
Featured image from Unsplash, chart from TradingView
Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Cryptocurrency Market Dynamics:#71M #Ether #Locked #Kelp #Security #Breach
