The Arbitrum Security Council moved swiftly last week to freeze more than 30,000 ETH linked to a security breach involving KelpDAO. While the decision was presented as a major step in protecting users, it has reignited debate within the crypto ecosystem about the boundaries of “decentralization.”
Centralization versus security dilemma
The Security Council is a 12-member board on Arbitrum, elected by token holders every six months and authorized to intervene in emergencies. Exercising this authority, the council took control of assets seized in the KelpDAO attack, rendering these ETH effectively inaccessible. While supporters praise the move as a rapid response to prevent theft and safeguard users, critics argue it exposes the risks of a handful of individuals exerting outsized control in a supposedly decentralized network.
Proponents argue the intervention stopped millions of dollars in illicit funds from being laundered and bought essential time to try to recover losses. Opponents, however, stress that in critical moments, power can concentrate in just a few hands—meaning a central authority may act even after transactions are finalized.
The emergency process behind the decision
According to Steven Goldfeder, co-founder of Offchain Labs, the team behind Arbitrum, the Security Council’s initial instinct was to take no action. Goldfeder explained that the council first debated a passive approach but ultimately agreed with a proposal from one member for “minimal intervention.” The assets in the attacker’s control were therefore moved to a wallet with no access, effectively freezing the funds.
This form of technical intervention is seen as more proactive and effective than simply “freezing” funds. Yet, such privilege to intervene raises persistent concerns about centralization. In the crypto community, the ethos of “code is law” is popular, but in exceptional events like hacks, many are uneasy about a select group’s power to manipulate the protocol.
Community representation and governance
Patrick McCorry, research lead at the Arbitrum Foundation, emphasized that the Security Council is an entirely transparent part of the system. Council members are chosen by the community through on-chain votes every six months, and their powers are visible to all, with the intent that authority is ultimately delegated by and for the community.
Some critics maintain that such monumental decisions should be put to all token holders for consultation. However, Goldfeder insists that speed and confidentiality are crucial in threats of this kind. He noted that consulting the DAO could tip off attackers, allowing them to move assets before any protective action was taken.
“You cannot consult the DAO. The moment you do, the attackers become aware and make their move. You would end up doing nothing,” Goldfeder reflected.
Following the incident, investigations pointed to potential North Korean links to the attack. As the Security Council acted to lock down stolen ETH, the attackers began attempting to move the remaining funds into circulation.
These events once again highlight the delicate balance between decentralization and the need for rapid incident response. Empowering security councils with special authority may help protect users and ecosystem security, but over time, this could clash with crypto’s foundational principles. The ongoing debate signals more scrutiny around the management of future emergencies.
