diff --git a/.github/workflows/docker-publish-gnark.yml b/.github/workflows/docker-publish-gnark.yml index e6f32e127b..75dfaee566 100644 --- a/.github/workflows/docker-publish-gnark.yml +++ b/.github/workflows/docker-publish-gnark.yml @@ -1,5 +1,4 @@ -# Source: https://raw.githubusercontent.com/foundry-rs/foundry/master/.github/workflows/docker-publish.yml -name: docker-gnark +ame: docker-gnark on: push: @@ -7,7 +6,6 @@ on: - "v*.*.*" schedule: - cron: "0 0 * * *" - # Trigger without any parameters a proactive rebuild workflow_dispatch: inputs: tags: 
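Review bot: The added first line reads `ame: docker-gnark`, so the workflow loses its top-level `name` key and gains an unknown key `ame` instead. GitHub's workflow schema defines no such key, so the file will most likely fail validation and none of the publish jobs will run; the line should be `name: docker-gnark`. The same hunk deletes the `# Source:` comment that recorded where this workflow was derived from, which is worth keeping as provenance for anyone auditing the release pipeline.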
@@ -21,175 +19,84 @@ env: jobs: build-amd64: - runs-on: - [ - runs-on, - runner=64cpu-linux-x64, - spot=false, - "run-id=${{ github.run_id }}", - ] - # https://docs.github.com/en/actions/reference/authentication-in-a-workflow + runs-on: [runs-on, runner=64cpu-linux-x64, spot=false, "run-id=${{ github.run_id }}"] permissions: id-token: write packages: write contents: read - timeout-minutes: 120 steps: - name: Checkout repository - id: checkout uses: actions/checkout@v4 - - - name: Install Docker BuildX + - name: Set up Docker BuildX uses: docker/setup-buildx-action@v3 - id: buildx - with: - install: true - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} - # Ensure this doesn't trigger on PR's - if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - # Extract metadata (tags, labels) for Docker - # https://github.com/docker/metadata-action - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Creates an additional 'latest' or 'nightly' tag - # If the job is triggered via cron schedule, tag nightly and nightly-{SHA} - # If the job is triggered via workflow dispatch and on a master branch, tag branch and latest - # Otherwise, just tag as the branch name - - name: Finalize Docker Metadata - id: docker_tagging - run: | - if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then - echo "manual trigger from workflow_dispatch, assigning tag ${{ github.event.inputs.tags }}" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.tags }}" >> $GITHUB_OUTPUT - elif [[ "${{ github.event_name }}" == 'schedule' ]]; then - echo "cron trigger, assigning nightly tag" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly,${{ 
env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-${GITHUB_SHA}" >> $GITHUB_OUTPUT - else - echo "Neither scheduled nor manual release from main branch. Just tagging as branch name" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/}" >> $GITHUB_OUTPUT - fi - - # Log docker metadata to explicitly know what is being pushed - - name: Inspect Docker Metadata - run: | - echo "TAGS -> ${{ steps.docker_tagging.outputs.docker_tags }}" - echo "LABELS -> ${{ steps.meta.outputs.labels }}" - - # Build and push Docker image - # https://github.com/docker/build-push-action - # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md - - name: Build and push Docker image - uses: docker/build-push-action@v6 + - name: Build and push AMD64 image + uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile.gnark-ffi platforms: linux/amd64 push: true - tags: ${{ steps.docker_tagging.outputs.docker_tags }} - labels: ${{ steps.meta.outputs.labels }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64 cache-from: type=gha cache-to: type=gha,mode=max - build-args: | - BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} - REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} build-arm64: - runs-on: - [ - runs-on, - runner=64cpu-linux-arm64, - spot=false, - "run-id=${{ github.run_id }}", - ] - # https://docs.github.com/en/actions/reference/authentication-in-a-workflow + runs-on: [runs-on, runner=64cpu-linux-arm64, spot=false, "run-id=${{ github.run_id }}"] permissions: id-token: write packages: write contents: read - timeout-minutes: 120 steps: - name: Checkout repository - id: checkout uses: actions/checkout@v4 - - - name: Install Docker BuildX + - name: Set up Docker BuildX uses: docker/setup-buildx-action@v3 - id: buildx - with: - 
install: true - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - name: Log into registry ${{ env.REGISTRY }} - # Ensure this doesn't trigger on PR's - if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - # Extract metadata (tags, labels) for Docker - # https://github.com/docker/metadata-action - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Creates an additional 'latest' or 'nightly' tag - # If the job is triggered via cron schedule, tag nightly and nightly-{SHA} - # If the job is triggered via workflow dispatch and on a master branch, tag branch and latest - # Otherwise, just tag as the branch name - - name: Finalize Docker Metadata - id: docker_tagging - run: | - if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then - echo "manual trigger from workflow_dispatch, assigning tag ${{ github.event.inputs.tags }}" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.tags }}" >> $GITHUB_OUTPUT - elif [[ "${{ github.event_name }}" == 'schedule' ]]; then - echo "cron trigger, assigning nightly tag" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-${GITHUB_SHA}" >> $GITHUB_OUTPUT - else - echo "Neither scheduled nor manual release from main branch. 
Just tagging as branch name" - echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/}" >> $GITHUB_OUTPUT - fi - - # Log docker metadata to explicitly know what is being pushed - - name: Inspect Docker Metadata - run: | - echo "TAGS -> ${{ steps.docker_tagging.outputs.docker_tags }}" - echo "LABELS -> ${{ steps.meta.outputs.labels }}" - - # Build and push Docker image - # https://github.com/docker/build-push-action - # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md - - name: Build and push Docker image - uses: docker/build-push-action@v6 + - name: Build and push ARM64 image + uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile.gnark-ffi platforms: linux/arm64 push: true - tags: ${{ steps.docker_tagging.outputs.docker_tags }} - labels: ${{ steps.meta.outputs.labels }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64 cache-from: type=gha cache-to: type=gha,mode=max - build-args: | - BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} - REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + + create-manifest: + needs: [build-amd64, build-arm64] + runs-on: ubuntu-latest + steps: + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Create and push manifest + run: | + TAGS="" + if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then + TAGS="${{ github.event.inputs.tags }}" + elif [[ "${{ github.event_name }}" == 'schedule' ]]; then + TAGS="nightly nightly-${{ github.sha }}" + else + TAGS="${GITHUB_REF##*/}" + fi + + for TAG in $TAGS; do + docker buildx imagetools create -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$TAG \ + ${{ env.REGISTRY }}/${{ 
env.IMAGE_NAME }}:${{ github.sha }}-amd64 \ + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64 + done \ No newline at end of file
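Review bot: The new `create-manifest` job expands the dispatch input straight into the `run:` script (`TAGS="${{ github.event.inputs.tags }}"`), so the value is substituted into the shell source before bash parses it, and `$TAG` is then used unquoted in the `imagetools create` arguments. Pass the input through a step-level `env:` entry and quote the expansions, as sketched below. The job also logs in with `secrets.GITHUB_TOKEN` and pushes tags but, unlike the two build jobs, declares no `permissions:` block, so it runs with whatever the repository's default token scope is; an explicit `packages: write` keeps it least-privilege and independent of that default. Separately, this hunk drops `timeout-minutes: 120` from both build jobs and moves `docker/build-push-action` from `@v6` back to `@v5`; if neither is intended, restore them.

```yaml
  create-manifest:
    # … unchanged: needs, runs-on …
    permissions:
      packages: write
    steps:
      # … unchanged: registry login step …
      - name: Create and push manifest
        env:
          EVENT_NAME: ${{ github.event_name }}
          INPUT_TAGS: ${{ github.event.inputs.tags }}
          IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
        run: |
          if [[ "$EVENT_NAME" == 'workflow_dispatch' ]]; then
            TAGS="$INPUT_TAGS"
          elif [[ "$EVENT_NAME" == 'schedule' ]]; then
            TAGS="nightly nightly-${GITHUB_SHA}"
          else
            TAGS="${GITHUB_REF##*/}"
          fi

          # Word-splitting of $TAGS on spaces is intended; every use of $TAG is quoted.
          for TAG in $TAGS; do
            docker buildx imagetools create -t "${IMAGE}:${TAG}" \
              "${IMAGE}:${GITHUB_SHA}-amd64" \
              "${IMAGE}:${GITHUB_SHA}-arm64"
          done
```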