Well, my suggestion is to look around, how others have done.
For example, the big game portals, like kongregate. It has it's own api, it has lots and lots of games so it would be logical to assume they also have had lots and lots of problems
Also, I think that google had a gameportal thingy (cant' remember the name) and a scores api.
Okay, I took a look around.
It seems that most of these places (Kongregate included) has problems with keeping their highscore table safe. Not because people figure out an exploit in the submitting process, but because they edit the score in the actual game. No kind of security on the highscore end can prevent this, sadly.
I guess it just goes to show that it is an almost impossible task, with Cheat Engine out there.
However, I think I'm going to encrypt all the fields in the JSON, just to add another layer for the actual network hackers.
I'm also thinking about adding a data-array to the JSON, containing data about the game.
That way, developers can plug-in their game-specific values and do validatory calculations on them, on the server. I'm confident that would stop Cheat Engine-powered cheats.
What do you think of this? Are these good ideas, or am I unnecessarily obscuring this for developers?