MetaMask · jiexi · Dec 21, 2025 · Dec 21, 2025 · Dec 21, 2025 · cursor
@@ -141,6 +141,86 @@ describe('DeeplinkProtocolService', () => {
       service.setupBridge(clientInfo);
       expect(setupBridgeSpy).toHaveReturned();
     });
+
+    it('should throw error when originatorInfo.url is "metamask"', () => {
+      const clientInfo: DappClient = {
+        clientId: 'client1',
+        originatorInfo: {
+          url: 'metamask',
+          title: 'Test',
+          platform: 'test',
+          dappId: 'dappId',
+        },
+        connected: false,
+        validUntil: Date.now(),
+        scheme: 'test',
+      };
+
+      expect(() => service.setupBridge(clientInfo)).toThrow(
+        'Connections from metamask origin are not allowed',
+      );
+      expect(service.bridgeByClientId[clientInfo.clientId]).toBeUndefined();
+    });
+
+    it('should throw error when originatorInfo.title is "metamask"', () => {
+      const clientInfo: DappClient = {
+        clientId: 'client1',
+        originatorInfo: {
+          url: 'https://example.com',
+          title: 'metamask',
+          platform: 'test',
+          dappId: 'dappId',
+        },
+        connected: false,
+        validUntil: Date.now(),
+        scheme: 'test',
+      };
+
+      expect(() => service.setupBridge(clientInfo)).toThrow(
+        'Connections from metamask origin are not allowed',
+      );
+      expect(service.bridgeByClientId[clientInfo.clientId]).toBeUndefined();
+    });
+
+    it('should allow connection when originatorInfo contains "metamask" as substring', () => {
+      const clientInfo: DappClient = {
+        clientId: 'client1',
+        originatorInfo: {
+          url: 'https://my-metamask-dapp.com',
+          title: 'My MetaMask App',
+          platform: 'test',
+          dappId: 'dappId',
+        },
+        connected: false,
+        validUntil: Date.now(),
+        scheme: 'test',
+      };
+
+      expect(() => service.setupBridge(clientInfo)).not.toThrow();
+      expect(service.bridgeByClientId[clientInfo.clientId]).toBeInstanceOf(
+        BackgroundBridge,
+      );
+    });
+
+    it('should allow connection when originatorInfo has valid url and title', () => {
+      const clientInfo: DappClient = {
+        clientId: 'client1',
+        originatorInfo: {
+          url: 'https://example.com',
+          title: 'Example Dapp',
+          platform: 'test',
+          dappId: 'dappId',
+        },
+        connected: false,
+        validUntil: Date.now(),
+        scheme: 'test',
+      };
+
+      expect(() => service.setupBridge(clientInfo)).not.toThrow();
+      expect(service.bridgeByClientId[clientInfo.clientId]).toBeInstanceOf(
+        BackgroundBridge,
+      );
+    });
   });
   describe('sendMessage', () => {
     it('should handle sending messages correctly', async () => {

@@ -2,6 +2,10 @@ import { KeyringController } from '@metamask/keyring-controller';
 import { NetworkController } from '@metamask/network-controller';
 import { PermissionController } from '@metamask/permission-controller';
 import { OriginatorInfo } from '@metamask/sdk-communication-layer';
+import {
+  ORIGIN_METAMASK,
+  toChecksumHexAddress,
+} from '@metamask/controller-utils';
 import { Linking } from 'react-native';
 import { PROTOCOLS } from '../../../constants/deeplinks';
 import AppConstants from '../../../core/AppConstants';
@@ -23,7 +27,6 @@ import handleCustomRpcCalls from '../handlers/handleCustomRpcCalls';
 import DevLogger from '../utils/DevLogger';
 import { wait, waitForKeychainUnlocked } from '../utils/wait.util';
 import { AccountsController } from '@metamask/accounts-controller';
-import { toChecksumHexAddress } from '@metamask/controller-utils';
 import {
   Caip25CaveatType,
   Caip25EndowmentPermissionName,
@@ -100,6 +103,15 @@ export default class DeeplinkProtocolService {
       return;
     }
 
+    if (
+      (clientInfo.originatorInfo.url &&
+        clientInfo.originatorInfo.url === ORIGIN_METAMASK) ||
+      (clientInfo.originatorInfo.title &&
+        clientInfo.originatorInfo.title === ORIGIN_METAMASK)
+    ) {
+      throw new Error('Connections from metamask origin are not allowed');
+    }
+
     const defaultBridgeParams = getDefaultBridgeParams(clientInfo);
 
     const bridge = new BackgroundBridge({

@@ -123,4 +123,43 @@ describe('setupBridge', () => {
       }),
     );
   });
+
+  it('should throw error when originatorInfo.url is "metamask"', () => {
+    connection.backgroundBridge = undefined;
+    originatorInfo.url = 'metamask';
+
+    expect(() => setupBridge({ originatorInfo, connection })).toThrow(
+      'Connections from metamask origin are not allowed',
+    );
+    expect(BackgroundBridge).not.toHaveBeenCalled();
+  });
+
+  it('should throw error when originatorInfo.title is "metamask"', () => {
+    connection.backgroundBridge = undefined;
+    originatorInfo.url = 'https://example.com';
+    originatorInfo.title = 'metamask';
+
+    expect(() => setupBridge({ originatorInfo, connection })).toThrow(
+      'Connections from metamask origin are not allowed',
+    );
+    expect(BackgroundBridge).not.toHaveBeenCalled();
+  });
+
+  it('should allow connection when originatorInfo contains "metamask" as substring', () => {
+    connection.backgroundBridge = undefined;
+    originatorInfo.url = 'https://my-metamask-dapp.com';
+    originatorInfo.title = 'My MetaMask App';
+
+    expect(() => setupBridge({ originatorInfo, connection })).not.toThrow();
+    expect(BackgroundBridge).toHaveBeenCalled();
+  });
+
+  it('should allow connection when originatorInfo has valid url and title', () => {
+    connection.backgroundBridge = undefined;
+    originatorInfo.url = 'https://example.com';
+    originatorInfo.title = 'Example Dapp';
+
+    expect(() => setupBridge({ originatorInfo, connection })).not.toThrow();
+    expect(BackgroundBridge).toHaveBeenCalled();
+  });
 });
@@ -5,6 +5,7 @@ import getRpcMethodMiddleware, {
 } from '../../RPCMethods/RPCMethodMiddleware';
 
 import { OriginatorInfo } from '@metamask/sdk-communication-layer';
+import { ORIGIN_METAMASK } from '@metamask/controller-utils';
 import Logger from '../../../util/Logger';
 import { Connection } from '../Connection';
 import DevLogger from '../utils/DevLogger';
@@ -22,6 +23,13 @@ export const setupBridge = ({
     DevLogger.log(`setupBridge:: backgroundBridge already exists`);
     return connection.backgroundBridge;
   }
+
+  if (
+    (originatorInfo.url && originatorInfo.url === ORIGIN_METAMASK) ||
+    (originatorInfo.title && originatorInfo.title === ORIGIN_METAMASK)
+  ) {
+    throw new Error('Connections from metamask origin are not allowed');
+  }
   const backgroundBridge = new BackgroundBridge({
     webview: null,
     isMMSDK: true,

@@ -600,6 +600,62 @@ describe('ConnectionRegistry', () => {
       expect(mockHostApp.hideConnectionLoading).toHaveBeenCalledTimes(1);
       expect(mockStore.save).not.toHaveBeenCalled();
     });
+
+    it('blocks connection requests with `metamask` as origin', async () => {
+      registry = new ConnectionRegistry(
+        RELAY_URL,
+        mockKeyManager,
+        mockHostApp,
+        mockStore,
+      );
+
+      const blockedRequest = {
+        ...mockConnectionRequest,
+        metadata: {
+          ...mockConnectionRequest.metadata,
+          dapp: {
+            ...mockConnectionRequest.metadata.dapp,
+            url: 'metamask',
+          },
+        },
+      };
+
+      const blockedDeeplink = `metamask://connect/mwp?p=${encodeURIComponent(
+        JSON.stringify(blockedRequest),
+      )}`;
+
+      await registry.handleConnectDeeplink(blockedDeeplink);
+
+      expect(mockHostApp.showConnectionError).toHaveBeenCalledTimes(1);
+      expect(Connection.create).not.toHaveBeenCalled();
+      expect(mockStore.save).not.toHaveBeenCalled();
+    });
+
+    it('blocks connection requests with `metamask` as dapp name', async () => {
+      registry = new ConnectionRegistry(
+        RELAY_URL,
+        mockKeyManager,
+        mockHostApp,
+        mockStore,
+      );
+
+      const blockedRequest = {
+        ...mockConnectionRequest,
+        metadata: {
+          ...mockConnectionRequest.metadata,
+          dapp: {
+            ...mockConnectionRequest.metadata.dapp,
+            name: 'metamask',
+          },
+        },
+      };
+
+      const blockedDeeplink = `metamask://connect/mwp?p=${encodeURIComponent(
+        JSON.stringify(blockedRequest),
+      )}`;
+
+      await registry.handleConnectDeeplink(blockedDeeplink);
+    });
   });
 
   describe('disconnect', () => {

@@ -16,6 +16,7 @@ import { ACTIONS, PREFIXES } from '../../../constants/deeplinks';
 import { decompressPayloadB64 } from '../utils/compression-utils';
 import { whenStoreReady } from '../utils/when-store-ready';
 import Engine from '../../Engine';
+import { ORIGIN_METAMASK } from '@metamask/controller-utils';
 
 /**
  * The ConnectionRegistry is the central service responsible for managing the
@@ -169,6 +170,14 @@ export class ConnectionRegistry {
 
     try {
       const connReq = this.parseConnectionRequest(url);
+      if (
+        (connReq.metadata.dapp.url &&
+          connReq.metadata.dapp.url === ORIGIN_METAMASK) ||
+        (connReq.metadata.dapp.name &&
+          connReq.metadata.dapp.name === ORIGIN_METAMASK)
+      ) {
+        throw new Error('Connections from metamask origin are not allowed');
+      }
       connInfo = this.toConnectionInfo(connReq);
       this.hostapp.showConnectionLoading(connInfo);
       conn = await Connection.create(