The legal battle over who can claim DeFi’s stolen millions

A New York federal judge ruled that $71 million in Ether frozen on Arbitrum could be transferred to Aave as part of a broader recovery effort. 

The funds are tied to the $293 million Kelp DAO exploit linked to North Korean hackers. Terrorism victims who were awarded $877 million in unpaid judgments against North Korea argue the stolen funds should be redirected to satisfy their claims, on the basis that the exploit was carried out by the state-sponsored Lazarus Group.

The case has forced the crypto industry to confront a paradox it has long avoided, where acting responsibly can be riskier than doing nothing at all for decentralized protocols.

Magazine spoke to Yuriy Brisov, partner at Digital & Analogue Partners, about the legal fault lines running through the Arbitrum case, why noble actions can open DAOs to legal liability, and what Circle and Tether’s diverging approaches to asset freezing mean for stablecoins.

This conversation has been edited for clarity and length.

Magazine: When a decentralized protocol freezes stolen funds, can this open the door to legal liability?

Brisov: From a moral ground, Arbitrum acted as any bona fide actor should: you see somebody steal a phone, you chase them down.

Generally, in a fully decentralized protocol, there shouldn’t be any people involved in your activities — founders, attorneys or legal entities. The moment there’s a unified business interest, courts may treat you as a legal entity. So a noble action can open you to legal action.

That’s the controversy with DAOs right now. Markets in Crypto-Assets (MiCA) in Europe and the Clarity bill in the US give exemptions for DeFi when it’s completely decentralized. 

What is completely decentralized in our world? Only Bitcoin. Everything else has some human control. When an attack or a theft happens, there’s someone who tries to fork the chain, freeze assets or file a complaint. You’re now a legal entity under some jurisdiction.

My personal opinion is that it’s more honest to just register as a DAO LLC from the start under US law, the Marshall Islands or as a Cayman Foundation. When there’s no legal entity behind a DAO, courts treat it as a partnership where every partner is personally liable. There’s no liability shield like an LLC provides.

Protocols that relinquish complete control may look like the smart guys here, but in some cases, cancel culture can punish you harder than any lawsuit. Personally, I stand with the protocols that do the right thing.

Magazine: Does having a security council or a kill switch undermine a protocol’s decentralization claims?

Brisov: They show that they have the power to freeze assets. They had this special council authority displayed in their documents, but I’m sure that many users and customers of their protocol would reconsider using them again.

Crypto people are usually very private and they don’t like to follow all the laws, even though they don’t precisely break them. They just try to be decentralized. And this crypto philosophy comes from something real.

In our modern world, to say that you own anything is really difficult. The money you have in the bank — is it really yours? In the crypto world, the philosophy is that it’s finally something that belongs to us.

So when a hack happens and we suddenly see a centralized mechanism, it undermines the whole premise.

Magazine: Is there a legal basis for treating stolen crypto assets as sovereign property of a terrorist state?

Brisov: There are laws that allow plaintiffs to directly confiscate funds belonging to terrorist organizations and terrorist countries. It’s called TRIA, the Terrorist Risk Insurance Act. Under TRIA you can freeze assets belonging to a terrorist party anywhere in the world. However, these assets must really belong to the terrorist party. 

Let’s say I have a claim against North Korea. No matter how many lawsuits I win, I have no chance of freezing assets within North Korea itself. But if I know that a North Korean businessman buys a jet or a yacht, I can freeze that, because I would claim it is property belonging to a terrorist party. But they would have had to obtain it legally.

In common law, which the US follows, it’s a fundamental principle that stolen property does not change its title. If I own something and it’s stolen from me, the thief does not become the new owner. I’m still the owner. 

In 2026, when we already recognize crypto as a third dimension of property and most property laws apply to it, trying to pretend that these stolen assets belong to Lazarus rather than their legal owners has no legal basis. Cases like Calderon-Cardona v. BNY Mellon have already established that federal property laws do not overcome state property. There is no chance for a federal court to uphold this claim.

There is a legal ground to seize terrorist assets overseas, but it simply doesn’t apply here because it doesn’t apply to stolen property.

Magazine: Does Aave LLC filing on behalf of the Aave protocol undermine the protocol’s own decentralization argument?

Brisov: Filing in court can drag a decentralized structure into jurisdiction. When you come and support a claim, you have to proceed by court rules. If you don’t want that, just don’t show up.

There were alternatives. A legal foundation funded by DAO members but operating independently, like a trustee acting in the interest of the decentralized organization without being part of it, could have presented their position without becoming a party. But Aave LLC is not a trust or a foundation. It’s a private limited liability company filing on behalf of a DAO with the same name. This situation has opened up many questions.

Magazine: When a centralized issuer like Circle clearly has the ability to freeze funds, can its inaction be considered negligence? Conversely, does proactive freezing like Tether force them to become the police of the crypto ecosystem?

Brisov: McCollum v. Circle claims exactly this. That Circle was negligent and aided and abetted the Drift protocol attack, where $285 million was stolen on April 1st, because they failed to freeze assets during the several-hour window they had. I don’t think this claim has good legal standing. I agree with Circle CEO Jeremy Allaire, who said they only freeze when legally compelled.

Even though they’re fully compliant with MiCA, pursuing licenses across the US and considering an IPO, they still try to preserve the core philosophy of crypto: your assets are yours. If you lose it, you lose it.

Tether, on the other hand, is becoming a crypto police. It’s true that they froze hundreds of millions in obviously sanctioned assets, and they did it through proper channels, like cooperating with the FBI and OFAC.

Once you become the police of your own ecosystem, you open yourself to liabilities and you risk losing the whole gist of cryptocurrency, which was supposed to be decentralized and fully controlled by the owner. Instead, it’s becoming a modern bank, just without SWIFT. Same rules, different rails.

Subscribe

The most engaging reads in blockchain. Delivered once a
week.

Yohan Yun

Yohan (Hyoseop) Yun is a Cointelegraph staff writer and multimedia journalist who has been covering blockchain-related topics since 2017. His background includes roles as an assignment editor and producer at Forkast, as well as reporting positions focused on technology and policy for Forbes and Bloomberg BNA. He holds a degree in Journalism and owns Bitcoin, Ethereum, and Solana in amounts exceeding Cointelegraph’s disclosure threshold of $1,000.