Robdog 🍾

(For what’s relevant to Kelp specifically, see question 4; for general musings on intervention against illicit actors, see questions 1-3) I feel like the direct intervention of a major L2 to seize illicit funds marks a major shift in how L2s will be perceived and operate going forward. I think it’s probably wise for all L2s to develop a formal policy, even if it’s not publicly made available. My biggest hope is that this action makes L2s unappealing for major crime, and the deterrent is enough. Some thoughts (questions?) on the Arbitrum action, in no particular order: 1) Was there a court order? If not, why not, given the time delay? (This is really a question for Kelp) 2) If this was in response to a court order, does that open the flood gates to any legitimate court order? And what jurisdictions are legitimate to ignore vs act upon? This extends beyond criminal actions. Think divorce cases and bankruptcy cases where funds are frozen during litigation. 3) If this was not in response to a court order, what threshold warrants action? For example, there has been $16m in funds from the 2023 Multichain incident sitting on Arbitrum for years ($12m on Optimism, and single digit millions on other chains). Leaving aside views on Multichain draining specifically, is $16m enough to act like today? Why or why not? This is a really tough question, but if done at discretion, probably needs to be considered by teams. 4) Does this go to repay the exploiter’s loans on Aave? This would narrowly benefit Arbitrum’s Aave depositors the most, and there will still be some bad debt on Arbitrum, just at a glance. Or is this handed over to Kelp to make the underlying more whole? Priority of claims is going to be pretty important here because there’s a material difference between repaying debt on Aave, turning it over to Kelp, and potentially other combinations. I think we haven’t solved the issue that has markets stuck, which is seniority and recovery process. 5) Will we ever get some clear guidelines from major jurisdictions about the obligations in this kind of case? This extends beyond just L2s. Does a stablecoin have an obligation to perform a maneuver like this? If so, see questions 1, 2, and 3 above. Just swap out the Multichain executor on L2s for $20m stolen from users after the CB data breach that’s within reach of a major stablecoin. We suddenly are faced with the prospect that there’s a lot of recoverable funds within reach across all of DeFi if we have moved from “we don’t have a seize function” to “we can upgrade, add a seize function, revert the upgrade, but can do it again”. The similar precedent that comes to mind is Oasis (now SummerFi) responding to a UK court to recover funds on behalf of Wormhole, who used a zero day exploit on themselves to move the funds but then patched it. I am still developing my own opinions on all of these, and recommend everyone openly debate many of these, but keep an open mind on the final equilibrium. No one is going to have a final, smart answer today, these things have a lot of downstream effects, and also contain the unknown variable of how much deterrence is or is not available based on each choice.

The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times, weighed its commitment to the security and integrity of the Arbitrum community without impacting any Arbitrum users or applications. After significant technical diligence and deliberation, the Security Council identified and executed a technical approach to move funds to safety without affecting any other chain state or Arbitrum users. As of April 20 11:26pm ET the funds have been successfully transferred to an intermediary frozen wallet. They are no longer accessible to the address that originally held the funds, and can only be moved by further action by Arbitrum governance, which will be coordinated with relevant parties.