We propose a DecryptStrapper and Dually Lever-aged Deployment (DS+DLD), a protocol to authenticate tenant-side design checks for trusted cloud FPGA deployment. Current methods require tenants to trust the cloud FPGA provider with their designs for inspection and allow for no method to confirm the confidentiality of the design check process (without Trusted Execution Environments which have a performance overhead). As a result, there is a clear need for a protocol that allows both tenants and providers to cooperate when deploying FPGA configuration files in a trusted way. DS+DLD works by combining the hash of a compiled bitstream with the hash of the design rule or virus scan results, preventing tenants from uploading bitstreams with falsified results while also never exposing an unencrypted bitstream to the Cloud FPGA Provider (CFP). The result is sent along with an encrypted version of the bitstream to the cloud provider, who recovers the hash of the bitstream and forwards the encrypted bitstream to a Root-of-Trust on the FPGA to program. This Root-of-Trust, known as DecryptStrapper (DS), checks the hash provided by the CFP against the recovered bitstream to confirm they match before programming the FPGA. This ensures that both parties are satisfied with the design in a process we call Dually Leveraged Deployment, forming DS+DLD. As DS+DLD does not use true Trusted Execution Environments (TEEs), the compilation overhead is minimal. We find that our method, while marginally slower than others that fail to provide the same level of coverage, manages to outperform the most similar method, completing 1.06x-3x faster when including compile-time and up to 1. 5x faster when not, while also addressing a larger amount of potential vulnerabilities.