#Arbitrum冻结KelpDAO黑客ETH

Arbitrum Wins Against Hackers but Loses Self-Identity

The Arbitrum Security Council recently approved, by a vote of 9 to 3, an on-chain emergency action to freeze approximately 30,766 ETH involved in the KelpDAO attack, worth about $71 million. However, the hacker has already transferred the remaining roughly $175 million in stolen funds across chains via decentralized protocols, and protocols such as Aave have therefore incurred more than $120 million in bad debt.

This is a typical example of exercising system-level permissions during a “catastrophic emergency,” reflecting the complex balance between centralized governance and decentralized networks.

This action was carried out through the ‌ArbitrumUnsignedTxType‌ (EIP-2718 type 0x65), a system-level transaction type, and the Security Council directly injected the on-chain operation. It does not require conventional signatures to transfer funds to a mediator-frozen wallet. This operation did not roll back chain history or rewrite transactions; instead, it completes the asset freeze at the state level. The attacker’s private key can still sign, but the ETH on the corresponding address can no longer be controlled by them.

While this move helps safeguard the overall ecosystem security and prevent losses from expanding, it has also raised community concerns about “governance centralization”:

Positive impact‌: Rapid response to major security incidents, protecting most users’ assets, and preventing systemic risk from spreading to protocols such as Aave and Compound.

‌Controversial point‌: It exposes the problem of power concentration along Arbitrum’s gradual decentralization path—i.e., a small number of members can intervene in asset states without any prerequisite on-chain voting, which may weaken users’ trust in “immutability.”

Overall, this was an efficient technical rescue, but it also serves as a reminder that developers and users need to re-examine the trade-offs between security and decentralization for L2 networks.