Just learned from @danfinlay that Metamask uses Parity on-chain registry for looking up methods from the data payload on a transaction request.
https://www.bokconsulting.com.au/blog/a-quick-look-at-paritys-signature-registry-contract/
There is a javascript library on Github to make this super simple to use.
This still doesn’t solve the full scope of this issue but is definitely a significant step forward in the right direction! 