We list all the issues we found in the inital version (commit fddd25e) and subsequent commits.

Rounding errors

We found several rounding error issues in the code.

In addLiquidity function, token_amount computed on line 51 is less than the actual value. The issue was fixed in commit 2c29ee8
In ethToToken(line 92) and ethToTokenExact(line 110) functions, the way to compute final results uses two integer divisions, and thus the error cannot be bounded. We proposed a better way to compute the results and reduced the error to at most 1. The issue was fixed in commit 7b23a2e.

Other implementation issues

On line 28, return value of setup function is not necessary. The issue was fixed in commit (3cdbb98).
In getEthToToken(line 104) and getTokenToEth(line 120) functions, since no call value is passed to the two functions, self.balance is not modified. As a result, they should not directly call ethToToken and ethToTokenExact functions. The issue was fixed in commit 0612ebf and was further fixed in commit 2c29ee8.
Several uncessary assertions were removed in commit ae2aec9.
We noticed that when comparing the computed value with user defined min/max value, < and > were used instead of <= and >=. The issue was fixed in commit fa912634.
In tokenToTokenExactfunction(line 269), the developer incorrectly used min_eth_bought instead of max_eth_bought to bound the ratio from eth to target token. The issue was fixed in commit 07e86fb.
We suggested adding assert msg.value > 0 in the addLiquidity function. The issue was fixed in commit 3956e9a.
We suggested refactoring ethToToken*/tokenToEther* functions to extract common code and avoid code duplication. The issue was fixed in commit 7b23a2e.
We found a naming issue on line 322. The issue was fixed in commit 3956e9a.