Great post—this is a critical and often overlooked vector. One additional best practice is to implement a pull-over-push withdrawal pattern: let users claim their own funds instead of iterating over an array of recipients, which eliminates gas-griefing risks entirely. Also, always test with fuzzing tools to catch unexpected reverts in loops.
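The pull-over-push pattern mentioned in the comment above, as an added example that is not part of the original comment or post. The contract and function names (`PushPayout`, `PullPayout`, `register`, `credit`, `withdraw`) are hypothetical, and the push version is shown only for contrast with the hardened pull version.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; contract and function names are hypothetical.
// Push pattern (the risky form): payouts iterate over every recipient.
contract PushPayout {
    address payable[] public recipients;
    mapping(address => uint256) public owed;

    function register(address payable who) external payable {
        require(msg.value > 0 && owed[who] == 0, "bad registration");
        recipients.push(who);
        owed[who] = msg.value;
    }

    function distribute() external {
        for (uint256 i = 0; i < recipients.length; i++) {
            address payable r = recipients[i];
            uint256 amount = owed[r];
            owed[r] = 0;
            // One recipient that reverts on receive reverts the whole batch,
            // and an unbounded array can outgrow the block gas limit.
            (bool ok, ) = r.call{value: amount}("");
            require(ok, "transfer failed");
        }
        delete recipients;
    }
}

// Pull pattern: each user claims only their own balance, so there is no loop
// and one user's failing transfer affects nobody else.
contract PullPayout {
    mapping(address => uint256) public owed;
    event Withdrawn(address indexed who, uint256 amount);

    function credit(address who) external payable {
        owed[who] += msg.value;
    }

    function withdraw() external {
        uint256 amount = owed[msg.sender];
        require(amount > 0, "nothing to withdraw");
        owed[msg.sender] = 0; // effects before the external call (reentrancy)
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
        emit Withdrawn(msg.sender, amount);
    }
}
```

A fuzz or invariant test for `PullPayout` would assert that the contract balance always equals the sum of `owed` and that no caller's `withdraw` can change another address's entry.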