Integration Guide
MCP Integration
The Model Context Protocol (MCP) gives AI agents a standard way to discover and call external tools. TruCore uses MCP to expose policy enforcement, operator control, and verifiable receipts as tools that any MCP-compatible agent runtime can call directly.
What is MCP?
MCP is an open protocol for connecting large language model applications to external data sources and tools. It defines a standard lifecycle for tool discovery, invocation, and response handling so agent runtimes do not need custom integrations for every service they use.
MCP includes concepts such as tools (callable operations), resources (readable data), lifecycle management, and optional authorization for HTTP transports. The current protocol version is 2025-11-25. Multiple agent runtimes and platforms now support MCP as a standard integration surface, including OpenAI's Apps SDK which uses an MCP server model to define app capabilities.
Why MCP Matters for Agent Systems
Autonomous agents that execute high-value operations (trading, transfers, contract calls) need guardrails that are not hard-coded into every agent. MCP provides a standard way for agents to call enforcement tools before execution, receive structured decisions, and verify results afterward. This means:
- No bespoke glue. Agents call TruCore through MCP tool invocations instead of custom API wrappers.
- Runtime-agnostic. Any agent framework that speaks MCP can use TruCore without framework-specific plugins.
- Composable enforcement. Policy checks, simulation, and receipt verification are separate tools that agents can call in the order their workflow requires.
How TruCore Fits
TruCore's hosted MCP endpoint exposes five tools that cover the full advisory-to-enforcement loop for agent transactions:
| Tool | Type | Description |
|---|---|---|
| probe_transaction | Advisory | Lightweight policy pre-check on a candidate intent. Returns a quick pass/fail signal without full simulation. |
| simulate_transaction | Advisory | Full simulation against active policies and current conditions. Returns detailed evaluation results. |
| protect_transaction | Authoritative | Binding policy enforcement decision. Returns an approved permit with receipt or a denial. This is the enforcement gate. |
| verify_receipt | Verification | Deterministic hash verification on an execution receipt. Confirms the receipt has not been tampered with. |
| explain_decision | Advisory | Human-readable explanation of a prior decision with reason codes. Useful for observability and debugging. |
The integration model is straightforward: an MCP server exposes protected transaction tools. Agents call TruCore through MCP instead of building bespoke integration code. TruCore remains the policy and receipt layer while the agent runtime handles tool orchestration, signing, and submission.
Canonical MCP Flow
- Agent runtime discovers TruCore tools via the MCP endpoint.
- Agent calls
probe_transactionfor a lightweight pre-check on a candidate intent. - Agent calls
simulate_transactionfor full policy simulation. - Agent calls
protect_transactionto get a binding enforcement decision (approved permit or denial). - If approved, the agent signs and submits the transaction independently.
- Agent calls
verify_receiptto confirm receipt integrity. - Optionally, agent calls
explain_decisionfor human-readable audit output.
Important
MCP does not sign or submit transactions. The agent remains responsible for key management and chain submission. TruCore evaluates, enforces, and produces receipts.
Security and Trust
- Policy gate before execution. Every intent passes through policy evaluation before the agent can proceed. Denied intents never reach signing or submission.
- Deterministic outputs. The same input produces the same decision. Receipt hashes are reproducible from canonicalized decision data.
- Verifiable receipts. Every enforcement decision produces a tamper-evident receipt that can be independently verified without contacting TruCore.
- Operator control. Operators define spend caps, slippage bounds, protocol allowlists, and cooldown windows. Agents cannot override these policies.
- Tier-scoped entitlement. MCP access is scoped to each tenant's entitlement tier. Tooling availability follows the same plan-based gating as the REST API.
Current Status
TruCore's hosted MCP endpoint is available today with five tools covering the full advisory-to-enforcement loop. Agents can discover tools, probe and simulate intents, request binding enforcement decisions, verify receipts, and explain decisions through the MCP protocol surface.
For full tool inventory, endpoint details, and tier-based access, see Integration Surfaces: Hosted MCP.
Next Steps
- Integration Surfaces for the full MCP tool inventory, REST API endpoints, CLI commands, and OpenClaw plugin reference.
- First Protected Trade to run the golden-path workflow using the HTTP API or CLI.
- Integration Pattern for the Agent to ATF to Execution flow diagram and code examples.
- Agent Discovery for machine-readable manifests and OpenClaw plugin details.
- Receipts and Trust for receipt verification semantics and verification guarantees.