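A Conversation with an Arbitrum Security Council Member: Why We Activated "God Mode" to Freeze North Korean Hacker Funds
- Core thesis: The Arbitrum Security Council used its emergency powers for the first time to freeze and recover approximately $72 million in assets from North Korean hackers. The move challenges the conventional belief that blockchains are immutable, highlights the foundational role of social consensus and market behavior in decentralized systems, and exposes deep tensions in the crypto industry over security protections and the responsibilities of stablecoin issuers.
- Key points:
- Through its 9-of-12 multisig mechanism, the Arbitrum Security Council froze and recovered approximately $72 million in assets from a North Korean hacker address during the two-day window in which the hackers' funds sat idle. This is the first time a mainstream L2 has carried out such an operation.
- Griff Green stresses that blockchain "immutability" is a misconception and that its foundation is social consensus; if the whole network agrees, the rules can be changed, as with Ethereum's hard fork after The DAO incident.
- The hackers' attack pattern relies mainly on social engineering rather than code vulnerabilities: they attack by obtaining the access of key holders, which exposes weaknesses in operational security (opsec).
- Griff Green criticizes Circle (the USDC issuer) for "continued inaction" on freezing North Korean funds, whereas Tether (the USDT issuer) has acted proactively and recovered far more than $70 million; he attributes this to differences in the two companies' founding backgrounds and decision-making logic.
- The crypto industry's security shortcomings hold back adoption of the technology: although the technology is mature, ordinary people still face a risk of losing funds to phishing, smart contract vulnerabilities and the like that is far higher than in the traditional banking system.
- The recovered $72 million has been transferred to a DAO-controlled address; the final disposition requires collaboration among three DAOs (Aave, Kelp DAO and Arbitrum) and will be decided by a vote of ARB token holders.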
Arranged & Compiled by: Deep Tide TechFlow

Guest: Griff Green, Arbitrum Security Council Member
Host: Zack Guzman
Podcast Source: Coinage
Original Title: Why Arbitrum Decided To Take Back $72M North Korea Stole
Airdate: April 23, 2026
Editor's Introduction
Over the past few days, the Ethereum ecosystem and the broader crypto space have been focused on the hack of Kelp DAO (a liquid restaking protocol), which also affected Aave (a decentralized lending platform).
The Arbitrum Security Council invoked emergency powers to freeze and recover approximately $72 million in assets from an address suspected to be controlled by North Korean hackers. This marks the first time in the crypto industry that an L2 has activated a "god mode" to freeze funds from a specific address. Before this podcast, the community was divided in opinion; the controversy centered on the fact that while Arbitrum did the right thing, a chain possessing the ability to "transfer assets out of an address" raises doubts about the boundaries of its power and its decentralization.
The guest in this podcast is Griff Green, a member of the Arbitrum Security Council that authorized this decision. Griff is also a survivor of the 2016 DAO hack and was one of the proponents of the Ethereum hard fork. In the interview, he directly criticizes Circle (USDC issuer) for its "continued inaction" in the North Korean hacker incident, contrasting it with Tether's proactive freezing actions and arguing that Circle's decision-making logic is entirely driven by financial statements.
Key Quotes
"Immutability" of Blockchain is a Misconception
- "People think blockchains are immutable, but in reality, they run on social consensus. If everyone agrees to upgrade the protocol, the rules can be changed. This applies to Ethereum and Bitcoin alike."
- "That's why there are currently discussions within the Bitcoin community about freezing Satoshi's coins. It's entirely technically feasible because blockchains aren't absolutely immutable; they just have rules."
The True Foundation of Decentralization is Market Behavior
- "If people don't like our decisions, they will sell their tokens. If the Bitcoin network coordinated to steal people's money, holders would obviously dump their coins. The real foundation of decentralization is market behavior. The role of market dynamics in this incident has been severely underestimated."
- "Honestly, no one would blame us for doing nothing. Doing nothing carries almost no risk, so you need a bit of willingness to take risks."
North Korean Hackers' Attack Pattern
- "North Korea rarely engages in smart contract-level attacks. Most of the time, they don't attack the code, but people. They use social engineering to find key holders with special privileges and gain access to their computers and keys."
- "I don't know why they left the funds in one address for two days without moving them. Maybe they worked for three straight days, took Sunday off, and were late on Monday. That was our window."
Circle vs. Tether
- "Let me be very clear: There are obviously no 'good guys' at Circle. Because they consistently choose inaction. On the other hand, Tether continuously freezes North Korean funds, recovering far more than $70 million."
- "Circle's origin isn't crypto-native; it's Goldman Sachs. So their decision-making logic is: 'Will this look good on the balance sheet?' If freezing North Korean funds would make them money, they would definitely do it."
Security Issues are the Biggest Obstacle to Crypto Adoption
- "With today's technology, we can absolutely build something more secure than PayPal or banks. Take the infrastructure of banks and PayPal, remove the custodians, make it non-custodial; the technology is already there."
- "I don't know anyone who lost money from their bank account after being phished. But I know many people who lost crypto after being phished."
- "I've been building for the public good, trying to create something better than government, but I keep hitting the same wall: this technology isn't yet safe enough for ordinary people to use."
Activating God Mode
Zack Guzman: Many people are watching the situation unfold. The controversy hasn't stopped. Let's start with the structure of the Arbitrum Security Council. You are a member of the council, and in your post, you mentioned this was a very serious decision. Can you walk us through how the entire event unfolded?
Griff Green: Kelp DAO was attacked. Whether primary responsibility lies with Kelp DAO or LayerZero (a cross-chain messaging protocol) is still debated, but the impact certainly affected Aave. It was a cross-chain bridge attack. About $300 million in tokens originally on Layer 2 were stolen from the bridge by the hacker, then deposited into Aave on Ethereum mainnet and Arbitrum as collateral to borrow ETH.
After the North Korean hackers obtained the ETH, they left it sitting in their wallet for several days without moving it, giving us a window to coordinate a rescue. Arbitrum, as a Stage 1 rollup still under development (meaning it has certain security guarantees but isn't fully decentralized), has a Security Council. It's a 9-of-12 multisig (requiring 9 signatures out of 12 members to execute an operation). We collaborated with the Seal 911 team (a security emergency response organization in the crypto industry) to use emergency powers to transfer the funds out of the North Korean-controlled address and freeze them in a new address they couldn't access.
The Foundation of Blockchain
Zack Guzman: I didn't know about the 9-of-12 threshold before. It seems like many people didn't know Arbitrum had this capability. You probably didn't want North Korean hackers to know about this feature either.
Griff Green: Actually, this is completely public information. I think there are some misconceptions about blockchain technology. The foundation of blockchain is open-source code, nodes running on servers, and social consensus.
My first project was The DAO. We raised $150 million and then got hacked. For detailed information, you can read Laura Shin's book "The Cryptopians," which has 100 pages dedicated to this incident. Ultimately, we forked the Ethereum network, doing something very similar to what we did on Arbitrum this time: breaking the rules without the hacker's permission to move funds out of their wallet.
This can be done on Ethereum, Bitcoin, or any chain. Because the essence of blockchain operates on social consensus. There are discussions in the Bitcoin community now about freezing Satoshi's coins; if everyone agrees, it can be done.
What's slightly different on Arbitrum is that you don't need to convince all network node operators. There are two paths: ARB token holders can vote to execute the same operation, or the Security Council's 9-of-12 multisig can act in an emergency. Before this incident, the Security Council's powers were only used for fixing bugs and upgrading the protocol, never for freezing funds. As far as I know, this is the first time a major L2 has frozen on-chain funds.
Comparing Two Incidents
Zack Guzman: You experienced the DAO hack and this incident. How do the two compare?
Griff Green: This time was much easier. The DAO was my own project; losing $150 million was far more stressful. This time, I didn't suffer any personal financial loss; I just stepped in as a Security Council member to help.
Moreover, the infrastructure is much better now, allowing us to figure out what happened much faster. Back when The DAO was hacked, we had no idea who the hacker was. In this case, Seal 911 was able to contact the FBI, and we basically confirmed the attacker was the North Korean hackers. We got intelligence from outside the ecosystem through the behind-the-scenes network we've built over the years.
Discussion of Key Issues
Zack Guzman: During the decision-making process, the side of inaction meant letting North Korea keep these funds. But conversely, some worry this might have a chilling effect on DeFi. What was the discussion process like?
Griff Green: First, there were the technical challenges. We spent a lot of time finding a perfect technical solution. The fact that we found such a solution is remarkable in itself; the credit goes to the technical heroes behind the scenes.
Only after confirming the technical feasibility did the real discussion begin: Could we do it, but should we?
From my personal standpoint, the attacker was almost certainly North Korea, involving $72 million, and DeFi faced an existential risk. My duty was to uphold the Arbitrum Constitution and do what I believed was right for Arbitrum. No one would blame us for choosing inaction; doing nothing carries almost zero risk. So it did require a bit of a pioneering spirit.
Some people might feel uncomfortable thinking, "Nine people can just do this on-chain." But let me tell you, getting nine security experts, who are inherently extremely risk-averse, to agree to do something, after exhausting all potential issues, is much harder than you think. It might be harder than coordinating mining pools to freeze Satoshi's coins.
The key information is that the system remains decentralized. This is reflected not only in its architecture but also in market sentiment and price action. If people don't like our decision, they will sell their tokens. That's the true cornerstone of decentralization; the role of market dynamics in this situation has been severely underestimated.
Zack Guzman: The Security Council is elected by ARB token holders. Could this incident set a precedent, changing people's attitudes towards hacker incidents in the Ethereum ecosystem?
Griff Green: One thing is underestimated: hackers rarely leave funds sitting in one address for two days without moving them. It was precisely because they didn't move them that we had a window of opportunity. I can't think of any previous hack incident on Arbitrum with a similar situation. I don't know why they didn't transfer the funds. Maybe they worked for three days, got tired, rested on Sunday, and were late on Monday.
So, I think people will be more open to this. Not because it became technically possible (it always was), but because people saw an actual operation. L2Beat clearly states on its site that the Security Council has emergency upgrade powers. The hackers could have transferred the funds at any time and ruined our efforts, but we got lucky.
Security Lessons
Zack Guzman: Any security lessons learned?
Griff Green: First, technical risk analysis needs to improve. Aave does a good job controlling the listing of low-market-cap, high-volatility tokens, but it was too permissive with liquid staking tokens (LSTs). The underlying asset of these tokens is ETH, so the economic risk is indeed lower, but technical risk analysis needs more scrutiny. This isn't just Aave's problem; all lending protocols like Morpho, Compound, Sky, etc., need to double down on technical risk analysis.
Kelp DAO's setup had a single point of failure (one-of-one, meaning compromising one key point was enough to succeed), which is why it was criticized. But the bigger issue was operational security (opsec), i.e., the keys were compromised. North Korea rarely engages in smart contract-level attacks. Most of the time, they don't attack the code, but the people. Specifically, they use social engineering to gain access to computers and keys with special privileges.
There are two ways to deal with this: First, strengthen security standards. If you manage significant funds, your computer's security level should be like that of a CEO at a major traditional tech company. But the crypto industry hasn't reached that level yet.
What Happens to the $72 Million
Zack Guzman: What happens next with the $72 million that was recovered? Will that also be determined by your vote?
Griff Green: Yes, and this will be very interesting. Users in the Aave and Kelp DAO ecosystems will be in a better position, but the specific plan is hard to determine. Coordination within a DAO is inherently difficult, just like with governments and large organizations, especially when there isn't a clear final decision-maker.
Initially, Aave and Kelp DAO were pointing fingers at each other. Now, with Arbitrum involved, it requires coordination among three DAOs. The good side is that there are now actual funds to allocate; Aave and Kelp DAO can't just pass the buck anymore; they need to publicly formulate a plan. How this $72 million is returned to users will ultimately be decided by a vote of Arbitrum DAO token holders.
My personal stance is that unless 100% is directly returned to users, the Arbitrum DAO should not release these funds.
It's important to clarify that the Security Council only acts in emergencies. We deliberately sent the funds to the address 0x0000DAO. The "DAO" suffix was a deliberate choice, signifying that the money now belongs to the DAO community. I am also a delegate for the Arbitrum DAO. But the total voting power might be around 200 million votes, and I only have about 10 million votes, roughly 5% of the voting power. There are many others with more weight than me.
Current Projects
Zack Guzman: Let's talk about your current projects, which are highly relevant to the security theme.
Griff Green: I've been building in this industry since the DAO incident. I co-built a platform called Giveth (a decentralized donation platform), helping many non-profits raise funds on Ethereum. I've personally watched these non-profits lose money in every way imaginable: sending funds to the correct address but on the wrong chain, getting phished, smart contract vulnerabilities, exchange hacks, etc.
With today's technology, we can absolutely build something more secure than PayPal or banks. The technology is in place. But the reality is, I don't know anyone who had their bank account drained after being phished, yet I know many people who lost crypto after being phished.
So we created the DAO Security Fund. The goal is to make Ethereum safer than banks. We have approximately $170 million in staked assets, using the staking rewards as a long-term funding source for the security sector.
The first round of large-scale grants launches tomorrow. At qf.giveth.io, you can donate to security projects. Based on your donation direction, a $1 million matching pool will be distributed proportionally to various security projects.
But more important than the money is project discovery. There are hundreds of free, open-source security tools out there, but many people have no idea they exist. The core purpose of this round is to bring these projects together in one place for people to discover them. Funding helps these projects survive, but the real impact comes from market signals: which projects are most needed, and which directions warrant more people's investment.


