Well, you can't hide that. What minify does is shortens the names of all variables and objects and removes unnecessary blank spaces and all, to shorten the size of the code. It does also obfuscates the code. But that doesn't affect Strings.
If you use JavaScript, you can somehow make it difficult for the hacker/attacker to understand code by obfuscating it and by string manipulation (encoding/decoding) your strings and using fake codes. (That's what I do in my firebase plugins)
But still that's not enough. That's where the Security Rules comes into play. And you can also restrict your Firebase project to allow Reads/Writes from a specific domain only domains from the Google Developers Console.