Function names don't reflect their true functionalities, and the code uses some undocumented assumptions.
Refactor the code to separate getting rate functionality with getSellRate and getBuyRate. Explicitly document any assumptions in the code (slippage, etc).
- ConsenSys Audit DeFi Saver Finding 5.6
- Naming/Documentation/Refactoring
- Misleading Function Names & Assumptions
- Refactor Code Document Assumptions