Merge pull request ethereum#13457 from ethereum/checks

Explained Checks-Effects-Interactions

docs/security-considerations.rst

@@ -98,7 +98,7 @@ as it uses ``call`` which forwards all remaining gas by default:
     }
 
 To avoid re-entrancy, you can use the Checks-Effects-Interactions pattern as
-outlined further below:
+demonstrated below:
 
 .. code-block:: solidity
 
@@ -116,6 +116,13 @@ outlined further below:
         }
     }
 
+The Checks-Effects-Interactions pattern ensures that all code paths through a contract complete all required checks
+of the supplied parameters before modifying the contract's state (Checks); only then it makes any changes to the state (Effects);
+it may make calls to functions in other contracts *after* all planned state changes have been written to
+storage (Interactions). This is a common foolproof way to prevent *re-entrancy attacks*, where an externally called
+malicious contract is able to double-spend an allowance, double-withdraw a balance, among other things, by using logic that calls back into the
+original contract before it has finalized its transaction.
+
 Note that re-entrancy is not only an effect of Ether transfer but of any
 function call on another contract. Furthermore, you also have to take
 multi-contract situations into account. A called contract could modify the