maro20066600/README.md

Marwan Maro

Smart Contract Security Researcher focused on DeFi protocol security, competitive audits, and security tooling.

Code4rena Cantina LinkedIn GitHub

I review smart contracts, study DeFi failure modes, and build Rust/TypeScript tools around EVM security workflows. My current focus is turning audit experience into practical monitoring, analysis, and reporting tools.

Security Highlights

  • Valid high and medium severity findings on Code4rena.
  • Helped secure Olas and Rujira through competitive smart contract audits.
  • Code4rena signal: Good.
  • Active on Code4rena and Cantina.
  • Merged Rust contribution to Warp terminal.
  • Contributor to smart contract security tooling, including Cyfrin Aderyn.

Featured Work

EVM Security Monitor

Rust-based MVP for a blockchain security monitoring backend.

  • Built with Rust, Axum, Tokio, SQLx, and SQLite.
  • Includes CLI commands for watched contracts, alert rules, and demo alerts.
  • Exposes REST and WebSocket APIs for health checks, contracts, rules, and alerts.
  • Includes Docker, docker-compose, GitHub Actions CI, and a clean deployment path.
  • Designed around extensible rules for large transfers, admin changes, suspicious approvals, and pause events.

Repository: evm-security-monitor

NullTrace

Dev3Pack hackathon project for AI-powered DeFi security intelligence, exploit monitoring, transaction analysis, and forensic incident reports.

  • Next.js, TypeScript, Tailwind CSS.
  • AI-assisted contract and transaction analysis.
  • DeFi incident feed and forensic dossiers.
  • LI.FI emergency bridge flow and x402 payment gate.

Repository: nulltrace-ai
Live: nulltrace-eight.vercel.app

Competitive Audits

Public competitive audit profiles with validated DeFi findings.

  • Code4rena: 1 high severity finding, 1 medium severity finding.
  • Helped secure: Olas, Rujira.
  • Cantina profile for ongoing vulnerability research.
  • Writeup: Olas broken TWAP validation

Code4rena: code4rena.com/@Maro0o0o
Cantina: cantina.xyz/u/Mar0o0o0

Open Source Contributions

Practical contributions to developer tools and security tooling.

  • Warp terminal: merged Rust contribution improving Markdown file-link behavior so it respects the user's Markdown Viewer preference, with regression test coverage and wasm CI follow-up.
  • Cyfrin Aderyn: contributed to the costly loop detector by reducing false positives from for-loop initializers and updating report baselines.
  • Foundry: opened a Chisel regression fix around dynamic bytes/string ABI memory display.

Technical Focus

  • Smart contract security and DeFi vulnerability research.
  • Solidity, EVM internals, fuzzing, and invariant testing.
  • Rust backend development and systems-level debugging.
  • Security monitoring, static analysis, and audit workflow tooling.
  • TypeScript applications for security dashboards and research interfaces.

Current Priorities

  • Publishing sanitized audit writeups from competitive findings.
  • Building a public audit portfolio with reproducible vulnerability notes.
  • Improving Rust and TypeScript tooling for EVM security workflows.
  • Contributing to high-quality open-source security and developer tools.

Contact
