Aave, one of the largest decentralized lending protocols, has asked a U.S. federal court to halt an effort to seize roughly $71 million in ether (ETH) that was frozen on Arbitrum following last month’s rsETH-related exploit.

According to a filing in the Southern District of New York, Aave is challenging a New York restraining notice served on Arbitrum DAO by attorneys representing judgment creditors of North Korea. The creditors argue the frozen ETH can be claimed toward long-standing judgments tied to alleged North Korean activity.

Aave’s position is that the restrained assets are not property of North Korea or of the attackers, but of “blameless third parties” who used the protocol. The protocol argues that a thief’s temporary possession of stolen property does not transfer legal ownership, and warns that keeping the funds immobilized could cause ongoing market disruption.

Background: the dispute centers on 30,765 ETH that Arbitrum’s Security Council froze after the April incident, when attackers allegedly used improperly valued or unbacked rsETH as collateral on Aave. Recovery plans have focused on returning recovered funds to impacted users, but the restraining notice threatens to block that process.

Why it matters

- The case could set a precedent for how recovered or frozen crypto from hacks is treated in court.

- If outside creditors can claim seized assets, protocols and responders may be discouraged from rapid recovery coordination after exploits.

- The outcome may influence how DAOs, security councils, and DeFi protocols approach incident response, especially when funds are frozen at the infrastructure layer.

What to watch next

The court’s response to Aave’s motion—whether it lifts, pauses, or upholds the restraining notice—will determine whether affected users can receive recovered funds and could shape legal strategies for future DeFi hack recoveries.