HardhatFoundry
30,000 USDC
Submission Details
Severity: low
Invalid

Call to non-existing contracts returns success.

Summary

In ExecutionHelper, we are using low-level calls. Low-level calls (call, delegatecall, and staticcall) return success even if the called contract doesn’t exist (i.e., not deployed or destroyed).

Vulnerability Details

In _execute and _tryExecute, we are not checking if our target is zero or if the contract at the target address exists when needed. This can cause a loss of user funds and return incorrect information.

Scenario: If the target is zero and we are transferring ether, this can cause a loss of funds.

Scenario: If our target contract doesn't exist when we are making a call to perform some state change, it will not revert when using _execute and will return true when using _tryExecute.

Impact

It can lead to several issues, such as the call not reverting when needed, potentially causing a loss of funds. Additionally, when using _tryExecute, it will incorrectly return as successful.

Tools Used

Manual

Recommendations

We should check that our target is not zero, and when we need our target to have code, we should verify this to mitigate any risks.
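
The recommendation above, sketched in Solidity as an added example; it is not the audited ExecutionHelper code and not part of the original submission. The library, function and error names are hypothetical, and it assumes that non-empty calldata signals an intended contract call while a plain ether transfer (empty calldata) to an address without code stays allowed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration with hypothetical names; not the project's ExecutionHelper.
library CheckedCall {
    error ZeroTarget();
    error TargetHasNoCode(address target);

    /// Reverting variant: refuses a bad target instead of letting the
    /// low-level call report success against an address with no code.
    function execute(address target, uint256 value, bytes memory data)
        internal
        returns (bytes memory result)
    {
        _validate(target, data);
        bool ok;
        (ok, result) = target.call{value: value}(data);
        if (!ok) {
            // Bubble up the callee's revert data unchanged.
            assembly {
                revert(add(result, 0x20), mload(result))
            }
        }
    }

    /// Non-reverting variant: reports failure for a bad target rather
    /// than returning true for a call that executed no code.
    function tryExecute(address target, uint256 value, bytes memory data)
        internal
        returns (bool ok, bytes memory result)
    {
        // ok is false and result is empty until the call below runs.
        if (target == address(0)) return (false, result);
        if (data.length != 0 && target.code.length == 0) return (false, result);
        (ok, result) = target.call{value: value}(data);
    }

    function _validate(address target, bytes memory data) private view {
        if (target == address(0)) revert ZeroTarget();
        // Non-empty calldata means a function call is intended, so the
        // target must hold code; empty calldata is a plain ether transfer.
        if (data.length != 0 && target.code.length == 0) {
            revert TargetHasNoCode(target);
        }
    }
}
```

`target.code.length` is a point-in-time check: it reads zero while the target's constructor is still running, so a contract that is mid-deployment is treated as having no code.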

Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

finding-lack-contract-existence

Invalid [known issue [Low-15]](https://github.com/Cyfrin/2024-07-biconomy/issues/1)
