Checks-effects-interactions is the canonical pattern for writing reentrancy-safe Solidity functions:
- Checks: validate inputs and require the caller is authorized.
- Effects: update all relevant state in the current contract.
- Interactions: only after state is updated, make external calls.
Following this order ensures that any reentrant call into the contract sees the post-update state: a re-entered withdrawal sees a balance that has already been reduced (or zeroed), so it cannot pass the balance check a second time and an over-transfer is impossible.
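To make the three steps concrete, here is an added example (not code from the original page): a minimal bank contract written first with the interaction before the effect, then rewritten in checks-effects-interactions order with a simple mutex as defence in depth. The contract names, the `nonReentrant` modifier and the use of `call` for the transfer are assumptions of this example, not something the page prescribes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: the order of operations inside withdraw is the only
// thing that differs between the two contracts.

contract VulnerableBank {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // Interaction before effect: the ether leaves while the caller's
    // balance is still unchanged. If msg.sender is a contract, its
    // receive() runs here and a re-entered withdrawAll() passes the
    // balance check again, because the zeroing has not happened yet.
    function withdrawAll() external {
        uint256 bal = balances[msg.sender];
        require(bal > 0, "nothing to withdraw");          // check
        (bool ok, ) = msg.sender.call{value: bal}("");    // interaction
        require(ok, "transfer failed");
        balances[msg.sender] = 0;                         // effect (too late)
    }
}

contract SafeBank {
    mapping(address => uint256) public balances;

    // Defence in depth: a reentrancy lock. CEI alone already closes the
    // hole below; the lock protects against a future edit that breaks CEI.
    bool private locked;

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdrawAll() external nonReentrant {
        // Checks: validate before touching state.
        uint256 bal = balances[msg.sender];
        require(bal > 0, "nothing to withdraw");

        // Effects: state is final before anything leaves the contract.
        // A re-entered call now reads a zero balance and reverts.
        balances[msg.sender] = 0;

        // Interactions: the external call comes last.
        (bool ok, ) = msg.sender.call{value: bal}("");
        require(ok, "transfer failed");
    }
}
```

In `SafeBank`, a re-entered `withdrawAll` fails at the `bal > 0` check because the effect has already been applied; the mutex is not needed for correctness here but catches the case where a later change reintroduces an external call before the state update. The same ordering applies to any external call, including ERC-20 transfers and callbacks, not only raw ether sends.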
The pattern is decades old in security engineering and well documented in Solidity's official guidance. Despite that, reentrancy still ships in production code, almost always because the developer assumed "this external call is safe" or "this token can't be malicious." A senior auditor's heuristic is: every external call is a potential reentrancy point, period.