Allow Advanced Permissions metadata in signtypeddata payload

[jeffsmale90]

Explanation

#8526 adds tighter validation to signtypeddata v4 payloads, to ensure that no extraneous properties are added.

This additional validation disallows Advanced Permissions metadata which is used to communicate the origin and justification of the permission.

This change loosens the validation just enough to allow metadata: { justification: string; origin: string } as a property on the payload that is not used within the message encoding.

References

#8526
MetaMask/metamask-extension#42181

Checklist

• I've updated the test suite for new or updated code as appropriate
• I've updated documentation (JSDoc, Markdown, etc.) for new or updated code as appropriate
• I've communicated my changes to consumers by updating changelogs for packages I've changed
• I've introduced breaking changes in this PR and have prepared draft pull requests for clients and consumer packages to resolve them

---

Note

Medium Risk
Touches security-adjacent request validation for typed-data signing; while the new metadata allowance is tightly constrained, any loosening here could affect input filtering behavior.

Overview
Relaxes signTypedData (V4) payload validation to permit an additional top-level metadata field used by Advanced Permissions.

validateTypedMessageKeys now explicitly allows metadata and enforces it is exactly { justification: string, origin: string } (rejecting non-objects, missing/typed fields, or extra keys), with new unit tests covering the allowed and rejected cases; changelog updated accordingly.

^{Reviewed by Cursor Bugbot for commit 17f9432. Bugbot is set up for automated code reviews on this repo. Configure here.}