One other bit of color.
An agency that provides software/services to use sovrin will certainly play a role in the ecosystem. The company I work for, Evernym, is an example of such an agency, and there are others as well.
However, I wouldn’t describe the agency as “trusted”–at least, not in the way that cybersecurity people use that word. You don’t give your secrets to an agency to hold for you; you use it to move encrypted bits around, maybe host an endpoint for you, maybe do backups, etc. You assume that your agency is largely delivering the services you pay it for–but that’s as far as the trust goes. This is an important point, because if you have that mindset, you build an architecture where a hacked agency doesn’t endanger you as a user.