Auto-sync: 2026-04-21 17:12

wiki/concepts/Checks-Effects-Interactions.md

@@ -1,41 +0,0 @@
----
-title: "Checks-Effects-Interactions"
-type: concept
-tags: [smart-contract, pattern, security]
-sources: [blockchain-security-auditor]
-last_updated: 2026-04-20
----
-
-## Definition
-Checks-Effects-Interactions（检查-效果-交互）是一种智能合约安全设计模式，通过在执行外部调用前完成所有状态更新来防止重入攻击。
-
-## Pattern
-```solidity
-function withdraw() external nonReentrant {
-    // 1. CHECKS: 验证条件
-    uint256 amount = balances[msg.sender];
-    require(amount > 0, "No balance");
-
-    // 2. EFFECTS: 更新状态
-    balances[msg.sender] = 0;
-
-    // 3. INTERACTIONS: 执行外部调用
-    (bool success,) = msg.sender.call{value: amount}("");
-    require(success, "Transfer failed");
-}
-```
-
-## Why It Works
-1. 状态在外部调用前已更新
-2. 攻击者重入时检查失败
-3. 即使外部调用失败，状态也不会不一致
-
-## Limitations
-- 复杂业务逻辑可能无法严格遵循
-- 需要配合 ReentrancyGuard 作为额外防护
-- 异步操作（如 event emission）应在交互后执行
-
-## Connections
-- [[Reentrancy]] ← prevents ← [[Checks-Effects-Interactions]]
-- [[Smart Contract Pattern]] ← is_type_of ← [[Checks-Effects-Interactions]]
-