hats-finance / Accumulated-finance-0x75278bcc0fa7c9e3af98654bce195eaf3bb6a784


Call to non-existing contracts returns success #2

Open hats-bug-reporter[bot] opened 2 weeks ago

hats-bug-reporter[bot] commented 2 weeks ago

Github username: @Jelev123
Twitter username: zhulien_zhelev
Submission hash (on-chain): 0x6782f1d9123466d9f8e60f5a706dc6497b782b3e3277a315b067cc832f572846
Severity: medium

Description: The consensusTakeReceipt function is missing a check for SUBCALL.

  1. Proof of Concept (PoC) File

    (bool success, bytes memory data) = SUBCALL.call(
        abi.encode(
            CONSENSUS_TAKE_RECEIPT,
            abi.encodePacked(
                hex"a2", // Map, 2 pairs
                hex"62",
                "id", // Byte string, 2 bytes
                hex"1b",
                receiptId, // Unsigned 64bit integer
                hex"64",
                "kind", // Byte string, 4 bytes
                uint8(kind) // uint8 <= 23.
            )
        )
    );

    if (!success) revert SubcallError();

Low level calls (call, delegatecall and staticcall) return success if the called contract doesn’t exist (not deployed or destructed). As written in the [solidity documentation](https://docs.soliditylang.org/en/develop/control-structures.html#error-handling-assert-):

"The low-level functions call, delegatecall and staticcall return true as their first return value if the account called is non-existent, as part of the design of the EVM. Account existence must be checked prior to calling if needed."

Recommendation

Check for contract existence on low-level calls, so that failures are not missed.

0xRizwan commented 2 weeks ago

Invalid issue.

    address internal constant SUBCALL =
        0x0100000000000000000000000000000000000103;

SUBCALL is a precompile address which is hardcoded in the contract as a constant, so the contract address being non-existent would not be applicable here.
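For reference, the general check the report recommends, sketched for ordinary contract targets. This is an added example, not part of the thread or of the audited repository; `GuardedCall`, `Probe` and their function and error names are hypothetical. It does not address the precompile case raised in the reply above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; GuardedCall and Probe are hypothetical names.
library GuardedCall {
    error TargetHasNoCode(address target);
    error CallReverted(address target, bytes returndata);

    // Low-level call that rejects accounts without deployed bytecode.
    function callContract(address target, bytes memory payload)
        internal
        returns (bytes memory returndata)
    {
        // CALL to an account with empty code succeeds and returns no data,
        // so the existence check has to happen before the call.
        // Note: a contract still running its constructor also has code.length == 0.
        if (target.code.length == 0) revert TargetHasNoCode(target);

        bool success;
        (success, returndata) = target.call(payload);
        // Surface the callee's revert data instead of discarding it.
        if (!success) revert CallReverted(target, returndata);
    }
}

contract Probe {
    // Unchecked form: reports what a bare low-level call returns.
    // For an address with no code this yields (true, 0).
    function rawCall(address target, bytes calldata payload)
        external
        returns (bool success, uint256 returnedBytes)
    {
        bytes memory returndata;
        (success, returndata) = target.call(payload);
        returnedBytes = returndata.length;
    }

    // Checked form: reverts with TargetHasNoCode for the same address.
    function checkedCall(address target, bytes calldata payload)
        external
        returns (bytes memory)
    {
        return GuardedCall.callContract(target, payload);
    }
}
```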