When one fetches code from an untrusted source it is not currently feasible to show secrets to that code, for it may export those secrets. Java applets are limited in their access to the local machine, but unlimited in their communications ability. But such applications may have legitimate needs to call home for additional code after they have seen the job to be done.

If a DataBank is trusted not to disclose what data it provides copies of, it can be used in the role of a discreet proxy. Suppose that I have managed to confine some computation to a compartment. The compartment may be a physical computer or, with some operating systems, a portion of a physical computer, or with some interpreters, a confined applet. If I connect that compartment to a discreet proxy then an application in that compartment can summon extensions to itself or even other applications to serve as a sub-contractor. If that connection is secure, the proxy truly discreet and the compartment wall indeed impervious to outgoing signals, then the application is still unable to export secrets which have been given to it. The proxy, communications channel and discreet proxy have then become a larger confined compartment.

The arrangement can be made if the compartment logic maintains a set of the public DH keys of the proxies it deems to be discreet. The application can have its own list of proxies where suitable data may be found. If there is an intersection then the computation can proceed.
This protocol is silent on the issue of payment for software services. Indeed payment seems to be at odds with discretion, but an engineering trade-off is described here. That scheme can be extended to cover use of the discreet proxy.

This is a special case of a more general situation that Markm describes. Using Markm's terminology, the proxy referred to above (necessarily trusted for confinement) can be subdivided into parts only some of which need be trusted. In particular we must trust:

We need not trust the code X that determines what code or data it must remit to the client, because X is confined.