diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..9f87a73
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,22 @@
+.DS_Store
+
+.anchor
+test-ledger
+target
+
+**/*.rs.bk
+
+dist
+node_modules
+yarn-error.log
+
+.idea
+.vscode
+
+.env
+config/
+
+**/.git
+**/*.lz4
+**/*.so
+
diff --git a/.github/ci-docker-publish.yml b/.github/ci-docker-publish.yml
new file mode 100644
index 0000000..aab0fdd
--- /dev/null
+++ b/.github/ci-docker-publish.yml
@@ -0,0 +1,54 @@
+name: Publish Docker Image to GHCR
+
+on:
+  push:
+    branches: [main]
+    paths:
+      [
+        ".github/ci-docker-publish.yml",
+        "programs/**",
+        "lib/**",
+        "bin/autobahn-router/**",
+      ]
+  workflow_dispatch:
+
+env:
+  IMAGE: autobahn-router
+  REGISTRY: ghcr.io
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+
+      # Use docker buildx
+      - name: Use docker buildx
+        uses: docker/setup-buildx-action@v2
+        id: buildx
+        with:
+          install: true
+          buildkitd-flags: --debug
+
+      # Login to Registry
+      - name: Login to Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Build and push the base image, leveraging layer caching
+      - name: Build and Push Base Image
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/blockworks-foundation/${{ env.IMAGE }}:${{ github.sha }}
+            ${{ env.REGISTRY }}/blockworks-foundation/${{ env.IMAGE }}:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/deploy-fly.yml b/.github/deploy-fly.yml
new file mode 100644
index 0000000..844afcc
--- /dev/null
+++ b/.github/deploy-fly.yml
@@ -0,0 +1,21 @@
+name: Deploy to Fly
+
+on:
+  push:
+      branches: [main]
+
+env:
+  FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout 
+        uses: actions/checkout@v2
+
+      - name: Setup Fly
+        uses: superfly/flyctl-actions/setup-flyctl@master
+      
+      - name: Deploy
+        run: flyctl deploy -c fly.toml -a autobahn-router-1
diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml
new file mode 100644
index 0000000..d6d66ee
--- /dev/null
+++ b/.github/workflows/build_test.yml
@@ -0,0 +1,140 @@
+name: Cargo Build & Test
+
+on:
+  push:
+    branches:
+  pull_request:
+
+env:
+  CARGO_TERM_COLOR: always
+  SCCACHE_GHA_ENABLED: true
+  RUSTC_WRAPPER: sccache
+  SCCACHE_CACHE_SIZE: "1G"
+  SOLANA_VERSION: '1.18.8'
+
+jobs:
+  build_and_test:
+    name: Router full build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Linux Packages
+        run: |
+          sudo apt-get update -y
+          sudo apt-get install libssl-dev openssl -y
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      # The toolchain action should definitely be run before the cache action
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          cache: true
+          # avoid the default "-D warnings" which thrashes cache
+          rustflags: ""
+
+      - name: Run sccache-cache
+        uses: mozilla-actions/sccache-action@v0.0.3
+
+      # https://github.com/actions/cache/blob/main/examples.md#rust---cargo
+      # https://blog.arriven.wtf/posts/rust-ci-cache/
+      - uses: Swatinem/rust-cache@v2
+        with:
+          # will be covered by sscache
+          cache-targets: false
+          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+
+      - name: Install Solana
+        run: |
+          sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_VERSION }}/install)"
+          echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH
+          export PATH="/home/runner/.local/share/solana/install/active_release/bin:$PATH"
+          solana --version
+          echo "Generating keypair..."
+          solana-keygen new -o "$HOME/.config/solana/id.json" --no-passphrase --silent
+          echo Installing sbf toolchain...
+          (cd /home/runner/.local/share/solana/install/active_release/bin/sdk/sbf/scripts; ./install.sh)
+
+      - name: Build All Targets
+        run: cargo build --locked --workspace --all-targets
+
+      - name: Test autobahn-router
+        run: cargo test --locked --workspace --package autobahn-router --bin autobahn-router
+
+      - name: Build sbf programs
+        run: cargo build-sbf
+
+      - name: Test Executor
+        run: cargo test-sbf --package autobahn-executor
+
+  coverage:
+    name: Coverage
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      # The toolchain action should definitely be run before the cache action
+      - uses: actions-rust-lang/setup-rust-toolchain@v1
+        with:
+          cache: true
+          # avoid the default "-D warnings" which thrashes cache
+          rustflags: ""
+
+      - name: Run sccache-cache
+        uses: mozilla-actions/sccache-action@v0.0.3
+
+      # https://github.com/actions/cache/blob/main/examples.md#rust---cargo
+      # https://blog.arriven.wtf/posts/rust-ci-cache/
+      - uses: Swatinem/rust-cache@v2
+        with:
+          # will be covered by sscache
+          cache-targets: false
+          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+
+      - name: Install Solana
+        run: |
+          sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_VERSION }}/install)"
+          echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH
+          export PATH="/home/runner/.local/share/solana/install/active_release/bin:$PATH"
+          solana --version
+          echo "Generating keypair..."
+          solana-keygen new -o "$HOME/.config/solana/id.json" --no-passphrase --silent
+
+      - name: Install cargo-llvm-cov
+        uses: taiki-e/install-action@cargo-llvm-cov
+
+      - name: Build all deps
+        run: |
+          cargo build-sbf --verbose
+
+      - name: Generate code coverage
+        run: cargo llvm-cov --package autobahn-executor --lcov --output-path lcov.info -- --nocapture
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: lcov.info
+          verbose: true
+          fail_ci_if_error: false
+        env:
+          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+  sca:
+    name: Dependency Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      # Fail the job on critical vulnerabilities with fix available
+      - name: Fail on critical vulnerabilities
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          scan-ref: 'Cargo.lock'
+          ignore-unfixed: true
+          hide-progress: true
+          format: 'table'
+          severity: 'CRITICAL'
+          exit-code: '1'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..801ee7a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,11 @@
+.DS_Store
+
+target
+config
+
+**/*.rs.bk
+
+.idea
+.vscode
+profile.json
+*.lz4