The invention provides techniques for implementing secure transactions using an instrument referred to as "executable digital cash." In an illustrative embodiment, a first user generates a piece of digital cash representing an offer made by that user. The piece of digital cash includes a digital certificate authorizing the first user to make specified transfers, and an offer program characterizing the offer. The piece of digital cash is broadcast or otherwise transmitted to one or more additional users, utilizing a mobile agent or other suitable mechanism, such that a given one of these users can evaluate the offer using the offer program. For example, a second user could execute the offer program with a specific bid as an input to determine what that user would receive upon acceptance of his bid. If the result is acceptable to the second user, that user generates a bid capsule including the bid, the corresponding output of the offer program, and another certificate authorizing the second user to make the transfer specified in the bid. The bid capsule is submitted to an institution for processing in accordance with a policy which may be specified in the piece of digital cash. The institution selects one or more winning bids and implements the corresponding transactions. Digital signatures generated using secret keys associated with the certificates of the first and second users are utilized to ensure adequate security for the transmitted offer and bid information.