Great point about the withdrawal pattern vulnerability. A complementary practice is to use a "pull over push" design for payments, where users withdraw funds themselves from a separate contract, preventing a single failed transaction from blocking the entire system.