checks-effects-interactions pattern prevents reentrancy by updating state before external calls

# checks-effects-interactions pattern prevents reentrancy by updating state before external calls The checks-effects-interactions (CEI) pattern structures function execution in three phases: first check all preconditions and validate inputs, then update all state variables, and only then make external calls. Since [[reentrancy is possible whenever external calls precede state updates]], performing state updates before external calls ensures that any reentrant call sees the already-updated state, neutralizing the attack. Combined with reentrancy guard modifiers (mutex locks), CEI has driven reentrancy from #1 to #5 in the OWASP 2025 ranking. The pattern is the primary defense against single-function, cross-function, and cross-contract reentrancy. For [[read-only reentrancy exploits view functions to cause other protocols to read inconsistent state|read-only reentrancy]], CEI alone is insufficient — protocols must also protect state-reading functions across contracts, not just state-writing ones, since `nonReentrant` guards do not trigger on view function calls. --- Relevant Notes: - [[reentrancy is possible whenever external calls precede state updates]] — the vulnerability this defends against - [[read-only reentrancy exploits view functions to cause other protocols to read inconsistent state]] — a variant that requires additional measures beyond CEI - [[vyper compiler reentrancy lock storage slot bug broke cross-function reentrancy protection in versions 0.2.15 through 0.3.0]] — demonstrates why CEI is essential as defense-in-depth: the compiler-level lock failure would not have mattered if CEI had been followed - [[vyper nonreentrant decorator uses a single global storage lock eliminating cross-function reentrancy by design in versions 0.4.0 and later]] — Vyper's language-level complement to CEI, providing structural reentrancy defense - [[the Fei Protocol Rari Capital exploit demonstrated that incomplete reentrancy guard coverage enables cross-function reentrancy through unprotected state-sharing functions]] — $80M lost because the team chose mutex locks over CEI and applied them incompletely - [[the Curve Finance Vyper compiler exploit proved that source-level reentrancy guards can be silently broken by compiler bugs invisible to auditors]] — CEI at the source level would have prevented this exploit regardless of the compiler bug that broke mutex guards - [[the Penpie exploit demonstrated reentrancy in reward-harvesting via permissionless Pendle market creation enabling flash-loan-amplified extraction of $27 million]] — $27M lost because _harvestBatchMarketRewards() made external calls to unvalidated market contracts before state updates; CEI compliance would have neutralized the re-entry Topics: - [[security-patterns]] - [[vulnerability-patterns]]