I'd like to create an app requiring smart contracts where only 2 parties would know ETH address and an amount needed to send there for some code to execute. Is it possible to do that?
Your code is immutable and hackers can't mess with your code. They can execute it like everyone else but that is it. If you leave a hole in your system so anyone can enter and execute the code they can cause damage via that hole, you can look up the DAO exploit as an example.
Anyone can see your compiled byte code on the blockchain, but in order to understand how it works they would need precompiled human readable code. As long as you keep private the human version they will only have access to the byte code. Currently, there isnt a way to get human code from compiled code.
So to answer your question your contract is public, but as long as you dont publish the address, human readable code, or the amount needed you should be fine. That being said, you should try to avoid keeping information that you need to stay private on the chain and I would also advice getting any smart contract you have audited by a third party.