diff --git a/default.env b/default.env
index e595aa73..cd5219f6 100644
--- a/default.env
+++ b/default.env
@@ -226,8 +226,8 @@ NIMEL_DOCKERFILE=Dockerfile.source
 # Reth
 # SRC build target can be a tag, a branch, or a pr as "pr-ID"
 RETH_SRC_BUILD_TARGET=main
-RETH_DOCKER_TAG=nonesuch
-RETH_DOCKERFILE=Dockerfile.source
+RETH_DOCKER_TAG=latest
+RETH_DOCKERFILE=Dockerfile.binary
 
 # staking-deposit-cli
 # SRC build target can be a tag, a branch, or a pr as "pr-ID"
diff --git a/reth/Dockerfile.binary b/reth/Dockerfile.binary
new file mode 100644
index 00000000..d49139fa
--- /dev/null
+++ b/reth/Dockerfile.binary
@@ -0,0 +1,34 @@
+ARG DOCKER_TAG
+FROM ghcr.io/paradigmxyz/reth:${DOCKER_TAG}
+
+# Unused, this is here to avoid build time complaints
+ARG BUILD_TARGET
+
+ARG USER=reth
+ARG UID=10001
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -y --no-install-recommends \
+  ca-certificates \
+  tzdata \
+  gosu \
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/*
+
+# See https://stackoverflow.com/a/55757473/12429735RUN
+RUN adduser \
+    --disabled-password \
+    --gecos "" \
+    --shell "/sbin/nologin" \
+    --uid "${UID}" \
+    "${USER}"
+
+RUN mkdir -p /var/lib/reth/ee-secret && chown -R ${USER}:${USER} /var/lib/reth && chmod -R 700 /var/lib/reth && chmod 777 /var/lib/reth/ee-secret
+
+# Cannot assume buildkit, hence no chmod
+COPY --chown=${USER}:${USER} ./docker-entrypoint.sh /usr/local/bin/
+# Belt and suspenders
+RUN chmod -R 755 /usr/local/bin/*
+
+USER ${USER}
+
+ENTRYPOINT ["reth", "node"]