The Frozen Funds Debate: Should DeFi Protocols Have the Power to Lock Stolen Assets?

The cryptocurrency industry finds itself criticized both for freezing stolen assets and for failing to act, as conflicting expectations create an impossible standard.

Protocols operating in the decentralized finance (DeFi) space are taking action to freeze stolen assets, even as centralized entities draw criticism for their reluctance or hesitation to respond similarly.

Following a significant exploit, an intervention occurred on Arbitrum that resulted in the freezing of assets tied to the attacker, while certain stablecoin issuers like Circle have encountered public criticism for responses that have been either slower or more restricted in comparable circumstances.

According to Connor Howe, CEO and co-founder of cross-chain infrastructure project Enso, cryptocurrency protocols bear striking similarities to centralized platforms and traditional banks when a limited number of individuals possess the authority to freeze assets.

The differentiation from a bank compliance officer is less than DeFi idealists will ever admit.

Connor Howe, CEO of Enso

This discussion transcends the typical debate between decentralization and centralization, focusing instead on who possesses the authority to intervene and how quickly they can execute that intervention. These factors, in practical terms, can be the difference between successfully halting stolen assets and watching them disappear.

The crypto community remains split on whether Arbitrum's decision to freeze stolen funds was appropriate. Source: Joe Hall

How decentralized can DeFi really be?

In straightforward terms, the cryptocurrency industry remains divided over whether platforms that identify as decentralized should possess the capability to freeze assets when exploits occur.

Platforms such as THORChain have stated that their design prevents them from freezing funds, even when exploits take place. However, security researchers have raised doubts about this assertion, referencing previous instances where intervention actually occurred.

THORChain founder responds to criticism from the security community. Source: JP Thorbjornsen

Bernardo Bilotta, CEO of stablecoin infrastructure platform Stables, has expressed that while the functionality is essential, it must function under well-defined limitations.

Freeze capabilities need to be narrowly scoped, time-limited and governed by transparent criteria that existed before the breach occurred. A protocol shouldn't be making up the rules while the house is on fire.

Bernardo Bilotta, CEO of Stables

According to Bilotta, prioritizing "philosophical purity" at the expense of protecting users amounts to "negligence."

The conversation surrounding these issues was reignited by the recent $293 million Kelp DAO exploit, which saw Arbitrum freeze portions of the stolen assets believed to be connected to North Korean hackers. Critics within the industry argued that this decision contradicted DeFi's fundamental principles.

The layer-2 network built on Ethereum operates with a security council consisting of 12 members who possess the authority to implement specific protocol modifications. When emergency circumstances arise, the council can execute changes through nine of the 12 signatories in its multisig wallet.

Members of Arbitrum's security council receive their positions through votes from the network's decentralized autonomous organization. Source: Arbitrum

Howe emphasized that transparency about how such security councils operate can still provide a meaningful distinction between DeFi platforms and traditional financial institutions or their centralized equivalents.

That's notably different from a TradFi institution that invokes discretionary powers buried in their terms of service and guarded by their legal team. There should be transparency in every protocol around who holds the keys, and the safeguards in place to prevent them from going rogue. If there's no clear distinction, then it's a vague claim of decentralization.

Connor Howe

A different set of limitations for centralized issuers

Among the world's most-traded cryptocurrencies are centralized stablecoins. The two largest examples, Tether's USDt and Circle's USDC, together represent more than $266 billion in combined market capitalization.

Both of these issuers possess the technical capability to freeze their respective stablecoins, though their approaches to utilizing this function differ significantly.

Tether tends to freeze funds with greater speed in the majority of security breaches, whereas Circle prioritizes legal procedures and jurisdictional requirements before taking action.

Let me be clear about something that is frequently misunderstood: when Circle freezes USDC, it is not because we have decided, unilaterally or arbitrarily, that someone's assets should be taken from them. Our ability to freeze funds is a compliance obligation — exercised only when we are legally compelled by an appropriate authority, through lawful process.

Dante Disparte, Circle's head of global policy

The company found itself compelled to clarify its position following the recent $280 million exploit targeting the Solana-based Drift protocol, an incident also attributed to North Korea.

Security experts demanding answers found Circle's explanation insufficient. Source: ZachXBT

According to Bilotta, choosing to wait for formal legal orders in situations where clear, onchain evidence of an exploit exists represents a "failure of responsibility."

The question of who determines what qualifies as "extreme"

Major exploits, particularly those with connections to North Korean actors, have forced the industry into scenarios that most observers would classify as extreme, where hundreds of millions of dollars can be extracted and laundered in real time.

These situations give rise to critical questions about who has the authority to define what constitutes "extreme" circumstances and when intervention becomes justified.

This is the question the industry has been ducking the longest. In practice, 'extreme' is too often defined after the fact by whoever holds the keys, which is exactly the failure mode decentralization was meant to avoid.

Wish Wu, CEO of Pharos

According to Wu, the more trustworthy approach involves defining these conditions beforehand and embedding them into governance structures, even when that means acknowledging that certain edge cases will fall outside the established rules.

Can a small, identifiable group move user funds before users have a fair chance to exit? If the answer is yes, then whatever the marketing says, the system is custodial in substance. If the answer is no, only then are we in an honest conversation about which governance and safety tradeoffs make sense for different use cases.

Wish Wu

When systems fall below that threshold, decentralization ceases to carry any meaningful substance, he added.