diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index fd78ec8..9ddcddf 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,7 +1,7 @@
 name: Publish Docker
 on:
   push:
-    branches: [master]
+    branches: [master, docker-improvements]
     tags:
       - '*'
 jobs:
@@ -10,16 +10,21 @@ jobs:
     steps:
       - uses: actions/checkout@v2
 
-      - name: GitHub Login
-        uses: azure/docker-login@v1
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+        id: buildx
         with:
-          login-server: docker.pkg.github.com
+          install: true
+
+      - name: GitHub Container Registry Login
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Set Docker Package and Version
-        env:
-          ACTIONS_ALLOW_UNSECURE_COMMANDS: true
+        id: version
         run: |
           set +e
           _=$(echo "$GITHUB_REF" | grep "^refs/heads/")
@@ -41,20 +46,24 @@ jobs:
             PKG=etheno
           fi
           set -e
-          echo "::set-env name=PKG::$PKG"
-          echo "::set-env name=VER::$VER"
+          echo "::set-output name=PKG::$PKG"
+          echo "::set-output name=VER::$VER"
 
       - name: Docker Build
-        run: docker build -t $PKG:$VER .
+        run: docker build -t ${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }} --load --target final .
+
+      - name: Docker Push
+        run: |
+          docker tag ${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }} ghcr.io/${{ github.repository }}/${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }}
+          docker push ghcr.io/${{ github.repository }}/${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }}
 
       - name: DockerHub Login
-        uses: azure/docker-login@v1
+        uses: docker/login-action@v1
         with:
-          login-server: registry.hub.docker.com
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
 
       - name: Docker Push
         run: |
-          docker tag $PKG:$VER registry.hub.docker.com/trailofbits/$PKG:$VER
-          docker push registry.hub.docker.com/trailofbits/$PKG:$VER
+          docker tag ${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }} registry.hub.docker.com/trailofbits/${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }}
+          docker push registry.hub.docker.com/trailofbits/${{ steps.version.outputs.PKG }}:${{ steps.version.outputs.VER }}
diff --git a/Dockerfile b/Dockerfile
index 5c645db..1aaaa7f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,62 +1,59 @@
-FROM ubuntu:bionic
-MAINTAINER Evan Sultanik
+# syntax=docker/dockerfile:1.3
+FROM ubuntu:focal AS python-wheels
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+    build-essential \
+    cmake \
+    python3-dev \
+    python3-pip \
+    python3-setuptools
+RUN --mount=type=bind,target=/etheno \
+    cd /etheno && \
+    pip3 wheel --no-cache-dir -w /wheels '.[manticore]'
 
-RUN DEBIAN_FRONTEND=noninteractive \
-    apt-get update && apt-get install -y --no-install-recommends \
-    curl \
-    ca-certificates \
+
+FROM ubuntu:focal AS final
+LABEL org.opencontainers.image.authors="Evan Sultanik"
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
     bash-completion \
-    sudo \
+    ca-certificates \
+    curl \
+    gpg-agent \
+    libudev-dev \
+    locales \
     python3 \
-    libpython3-dev \
     python3-pip \
-    python3-setuptools \
-    git \
-    build-essential \
     software-properties-common \
-    locales-all locales \
-    libudev-dev \
-    gpg-agent \
-&& apt-get clean \
+    sudo \
 && rm -rf /var/lib/apt/lists/*
 
-RUN DEBIAN_FRONTEND=noninteractive add-apt-repository -y ppa:ethereum/ethereum && \
+RUN add-apt-repository -y ppa:ethereum/ethereum && \
     apt-get update && apt-get install -y --no-install-recommends \
     solc \
     ethereum \
-&& apt-get clean \
 && rm -rf /var/lib/apt/lists/*
 
-RUN curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash - && sudo apt-get install -y --no-install-recommends nodejs && apt-get clean && rm -rf /var/lib/apt/lists/*
+RUN curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash - && \
+    sudo apt-get install -y --no-install-recommends nodejs \
+&& rm -rf /var/lib/apt/lists/*
 
-# TODO: need to check whether this installation is correct
 RUN npm install --production -g ganache truffle && npm --force cache clean
 
-RUN useradd -m etheno
-RUN usermod -aG sudo etheno
-USER etheno
-WORKDIR /home/etheno
-USER root
-WORKDIR /root
+# BEGIN Install Etheno
+RUN --mount=type=bind,target=/mnt/etheno \
+    --mount=type=bind,target=/mnt/wheels,source=/wheels,from=python-wheels \
+    cd /mnt/etheno && \
+    pip3 install --no-cache-dir --no-index --find-links /mnt/wheels '.[manticore]'
 
-# Install Parity
-RUN curl https://get.parity.io -L | bash
+RUN useradd -m -G sudo etheno
 
 # Allow passwordless sudo for etheno
 RUN echo 'etheno ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
 
 USER etheno
-ENV HOME=/home/etheno PATH=$PATH:/home/etheno/.local/bin
+ENV HOME=/home/etheno
 WORKDIR /home/etheno
 
-COPY --chown=etheno:etheno LICENSE setup.py etheno/
-COPY --chown=etheno:etheno etheno/*.py etheno/etheno/
-
-RUN cd etheno && \
-    pip3 install --no-cache-dir && \
-    cd .. && \
-    rm -rf etheno
-
 COPY --chown=etheno:etheno examples examples/
 
 CMD ["/bin/bash"]
diff --git a/README.md b/README.md
index e0ddb73..9fa8580 100644
--- a/README.md
+++ b/README.md
@@ -88,11 +88,6 @@ etheno --ganache
 * `--balance` or `-b` sets the default balance (in Ether) to seed to each Ganache account (default is 100.0)
 * `--gas-price` or `-c` sets the default gas price for Ganache (default is 20000000000)
 
-**NOTE**: As of September, 2020, there is
-[an upstream bug in `ganache-cli` that prevents it from being run on Node version 14](https://github.com/trufflesuite/ganache-cli/issues/732).
-If you intend to use Truffle and/or Ganache, we suggest using Node 12 (_e.g._,
-with [`nvm`](https://github.com/nvm-sh/nvm)). 
-
 ### Differential Testing
 
 Whenever two or more clients are run within Etheno, the differential
diff --git a/docker/install-libff.sh b/docker/install-libff.sh
deleted file mode 100755
index da8225f..0000000
--- a/docker/install-libff.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-
-set -eux
-
-if ls /usr/local/lib | grep -q libff; then exit 0; fi
-
-git clone https://github.com/scipr-lab/libff --recursive
-cd libff
-git submodule init && git submodule update
-ARGS="-DWITH_PROCPS=OFF"
-CXXFLAGS=""
-if [ "$(uname)" = "Darwin" ]; then
-  export LDFLAGS=-L/usr/local/opt/openssl/lib
-  export CPPFLAGS=-I/usr/local/opt/openssl/include
-  export CXXFLAGS=-I/usr/local/opt/openssl/include
-  ARGS="$ARGS -DOPENSSL_INCLUDE_DIR=/usr/local/opt/openssl/include/openssl -DCURVE=ALT_BN128"
-  sed -i '' 's/STATIC/SHARED/' libff/CMakeLists.txt # Fix GHC segfaults from hell (idk why)
-  sed -i '' 's/STATIC/SHARED/' depends/CMakeLists.txt
-fi
-mkdir build
-cd build
-CXXFLAGS="-fPIC $CXXFLAGS" cmake $ARGS ..
-make && sudo make install
-cd ../.. && rm -rf libff