Intermediate1 hourMCP (Model Context Protocol) · Python / TypeScript

MCP Agent Starter

Fast Start

What you will have in minutes

A locally running, ECZ-ID-backed agent scaffold with resolver-verifiable identity hooks, a credential manifest, and Resolver verification ready to run.

What you do first — in order

1Get starter scaffold— copy starters/[kit-slug]/ from the Developer Gateway2Install dependencies— Python 3.10+ or Node 18+3Go to TrustOps /start— acquire ECZ-ID credentials4Paste credentials— into your config file5Run locally— test identity flows6Verify via Resolver— confirm verifiable status7Deploy into your environment— no vendor lock-in

What comes back from TrustOps

Agent ECZ-ID(s)
Credential manifest (JSON, discovery only)
API keys issued in TrustOps

Success looks like

Resolver returns a resolver-verifiable state for your Agent ECZ-ID. You can share it with any party without an account.

1What This Kit Builds

A model-agnostic agent using the Model Context Protocol with ECZ-ID trust anchors. This kit produces an agent that connects to any MCP-compatible model while maintaining resolver-verifiable identity chains, enabling trusted multi-model orchestration with resolver-verifiable provenance.

2Who It Is For

Developers building model-agnostic AI agents that need to work across multiple LLM providers. Ideal for teams that want to avoid model vendor lock-in while maintaining resolver-verifiable identity and trust infrastructure across model switches.

3Why ECZ-ID Matters Here

When agents can switch between models, identity becomes even more critical. ECZ-ID ensures the agent’s resolver-verifiable identity persists regardless of which model is executing, making multi-model agents commercially legible and consistently verifiable through Resolver.

4Architecture

MCP Protocol Layer

Standard Model Context Protocol integration supporting any MCP-compatible model provider.

Model Router

Routes requests to appropriate models based on capability, cost, and availability while maintaining identity context.

ECZ-ID Trust Anchor

Persistent identity layer that remains constant regardless of which underlying model is active.

Context Window Manager

Manages identity context injection across model context windows, ensuring trust metadata persists.

Trust Metadata Passthrough

Ensures ECZ-ID trust metadata flows through MCP protocol boundaries without loss.

Multi-Model Audit Bridge

Unified audit logging across model switches, maintaining provenance continuity.

5Build Steps Overview

Clone the MCP agent starter

Pull the template with MCP protocol integration scaffolding.

Install dependencies

Install MCP client libraries, ECZ-ID SDK, and model provider adapters.

Configure MCP endpoints

Set up connections to your MCP-compatible model providers.

Define model routing rules

Specify how requests are routed across models and fallback logic.

Review trust anchor patterns

Understand how identity persists across model boundaries before credentialing.

Trust Map

Required Passports

ECZ-ID Business PassportAgent Credential

Recommended Passports

API PassportAI Model Passport

Relevant Packages

KYA Ready Pack™AI Provenance Pack

What Each Enables

ECZ-ID Business Passport: Organisation-level identity anchor for model-agnostic agents

Agent Credential: Persistent resolver-verifiable identity across model switches

API Passport: Evidence-linked handoffs between MCP-compatible model endpoints

AI Model Passport: Provenance verification for each underlying model

6TrustOps Credentialing Checkpoint

TrustOps Credentialing Checkpoint

Pause here to acquire your required ECZ-ID trust objects

This is a designed pause point in your build process. Before continuing, you need to acquire the required ECZ-ID passports and credentials from TrustOps. This midpoint credentialing approach ensures your agent is built with resolver-verifiable identity from the start—not bolted on after the fact.

Required Passports

ECZ-ID Business Passport
Agent Credential

Recommended Passports

API Passport
AI Model Passport

Relevant Packages

KYA Ready Pack™AI Provenance Pack

What You Must Acquire in TrustOps

ECZ-ID Business Passport

Enables: Parent organisation identity anchoring agent credentials

Agent Credential

Enables: Unique resolver-verifiable identity that persists across model switches

API Passport (recommended)

Enables: Verified API handoffs across MCP-compatible model providers

AI Model Passport (recommended)

Enables: Verification of each underlying model’s provenance

What You Bring Back from TrustOps

Agent ECZ-ID

Your agent’s unique, model-agnostic resolver-verifiable identity

Agent Credential Manifest

Declared capability metadata and model-independent operational boundaries

API Keys

Production ECZ-ID API keys for trust anchor management

Model Trust Configuration

Trust metadata templates for each connected model provider

Continue in TrustOps View Required ECZ-ID Package

9Return and Complete Integration

With your TrustOps credentials in hand, return here to complete the final build steps.

Inject agent credentials

Add your Agent ECZ-ID and API keys to the MCP agent configuration.

Configure trust anchors

Wire ECZ-ID trust anchors into the MCP protocol layer.

Test model switching

Verify identity persistence when switching between model providers.

Validate passthrough

Confirm trust metadata passes correctly through MCP boundaries.

Enable unified audit

Activate cross-model audit logging with identity anchoring.

10Verify Through Resolver

Verify agent identity

Query your agent’s ECZ-ID through Resolver regardless of which model is active.

Verify cross-model provenance

Trace an output back through model switches to confirm continuous identity chain.

Check model evidence records

If using AI Model Passports, look up the recorded provenance of each connected model.

Validate trust continuity

Confirm resolver state remains consistent across model transitions.

Verify with Resolver

11Deploy Into Your Environment

ECZ-ID-backed agents are portable. Your resolver-verifiable identity travels with your agent regardless of deployment target after TrustOps and Resolver checks. No vendor lock-in.

Any cloud provider (AWS, GCP, Azure)

Self-hosted infrastructure

Kubernetes clusters

Docker containers

Edge compute (with MCP support)

Hybrid multi-cloud

12Limits & Non-Claims

This kit does not provision ECZ-ID credentials. All credentialing happens through TrustOps.
This kit does not provide MCP model access. Model provider relationships are separate.
Identity verification is model-agnostic but requires real ECZ-ID credentials.
MCP protocol compatibility depends on model provider support.
Resolver state reflects agent behaviour, not underlying model quality.

Ready to Build This Agent?

Start with the build steps above, credential through TrustOps, and deploy your resolver-verifiable agent anywhere.

Continue in TrustOps View All Starter Kits