What is reentrancy?
TODO(author): one-paragraph definition tying reentrancy to the call/external-call boundary in the EVM.
Classic reentrancy
TODO(author): walk through the DAO-era pattern. Single-function reentrancy. The role of checks-effects-interactions.
Modern variants
Read-only reentrancy
TODO(author): explain how view functions returning stale state during an external call can still be weaponized (e.g. Curve, Balancer).
Cross-contract reentrancy
TODO(author): explain when a reentrant call enters a sibling contract that shares state.
Cross-function reentrancy
TODO(author): explain reentrancy across functions that share storage.
Cross-chain reentrancy
TODO(author): briefly, message-passing layers introducing new re-entry surfaces.
How to prevent reentrancy
TODO(author): nonReentrant modifiers, checks-effects-interactions, pull-over-push, transient storage (EIP-1153), and formal invariants to assert.
What CODESPECT checks for
TODO(author): how CODESPECT audits look for these patterns; link to /web3-security.