Mario Ciavarella

Dependency-free implementation of the Advanced Encryption Standard (AES) in modern JavaScript, covering the block cipher and the supporting primitives (PKCS#7 padding, SHA‑256, HMAC‑SHA256, PBKDF2‑HMAC) in plain code. The aim is a small, readable surface for environments where shipping a full third‑party crypto suite would be excessive.

It supports AES‑128/192/256 across ECB, CBC, PCBC, CTR, CFB, OFB and GCM, optional key derivation and integrity protection, plus utilities like sha256, hmacSha256 and pbkdf2Sha256. A compact API and regression suite (NIST KATs, fuzzing, large‑payload stress tests) keep it practical for teaching, prototypes and small systems that need deterministic, inspectable cryptography.

A poker bot built with Discord.js, a MySQL-backed API and a lightweight control panel to run casual Texas Hold’em and Blackjack games inside private servers. It automates lobbies, seating, betting rounds, card reveals and bankroll tracking while persisting player stats and audit logs in a relational database.

First assembled as a weekend project and revived later, it now acts as a playground for asynchronous flows, fairness checks and incentives like streaks and leaderboards. The newer iterations focus as much on the surrounding tooling—rate-limited endpoints, structured logging, access controls and a web dashboard—so the bot behaves like a small, observable multiplayer system rather than a one-off script.

A compact open-source framework for auditing AI and rule-based decisions across financial workflows. It combines a deterministic Merkle log with HMAC‑SHA256, pure-function policy checks (LTV, DSR, VaR, positivity), ε‑DP privacy budgeting with Laplace noise and clipping, and lightweight multivariate drift detection via Hotelling’s T² — all behind a single orchestrator and a minimal CLI.

The project is intentionally modest and self-contained (Python 3.10+, no external dependencies), centred on a toy mortgage underwriting flow and a deterministic test suite. It works as a sandbox for learning how accountability, traceability and transparency can be engineered as system properties rather than bolted on as compliance afterthoughts.

A modular heatmap dashboard for equity markets, built as a browser client that flips between an offline simulation and a Finnhub feed. State, transport and rendering stay isolated: tiles live in a state manager, updates travel through an event-driven controller and the renderer batches DOM work on animation frames to keep interactions fluid.

It doubles as a UI-heavy JavaScript lab where I postpone picking a framework. Views own the DOM quirks (filters, sliders, modals) while a small services layer handles WebSocket traffic, rate limits, API keys and mode switches, leaving room to tune performance and reuse patterns in tougher dashboards.