diff --git a/common/tools/cointool.py b/common/tools/cointool.py
index 92bce0490..cf6b69de2 100755
--- a/common/tools/cointool.py
+++ b/common/tools/cointool.py
@@ -507,6 +507,27 @@ def check_fido(apps):
 print_log(logging.ERROR, webauthn_str, bucket_str)
 check_passed = False
+ domain_hashes = {}
+ for app in apps:
+ if "webauthn" in app:
+ for domain in app["webauthn"]:
+ domain_hashes[sha256(domain.encode()).digest()] = domain
+ for app in apps:
+ if "u2f" in app:
+ for u2f in app["u2f"]:
+ domain = domain_hashes.get(bytes.fromhex(u2f["app_id"]))
+ if domain:
+ print_log(
+ logging.ERROR,
+ "colliding WebAuthn domain "
+ + crayon(None, domain, bold=True)
+ + " and U2F app_id "
+ + crayon(None, u2f["app_id"], bold=True)
+ + " for "
+ + u2f["label"],
+ )
+ check_passed = False
+
 for app in apps:
 if "name" not in app:
 print_log(logging.ERROR, app["key"], ": missing name")
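Review bot: `bytes.fromhex(u2f["app_id"])` in the second added loop raises `ValueError` on an odd-length or non-hex `app_id`, so unless an earlier part of `check_fido` (which starts and ends outside this hunk) already validates the field, one malformed definition aborts the whole check with a traceback instead of a logged error. A value that decodes but is not 32 bytes can never equal a SHA-256 digest, so it passes the collision check silently; the length should be checked at the same point. The collision message also omits `app["key"]`, unlike the `missing name` message just below it, which makes the offending definition harder to locate from the label alone. The fence shows the guarded decode only.

```python
            for u2f in app["u2f"]:
                try:
                    app_id = bytes.fromhex(u2f["app_id"])
                except ValueError:
                    app_id = b""
                # A U2F application parameter is a SHA-256 digest: exactly 32 bytes.
                if len(app_id) != 32:
                    print_log(logging.ERROR, app["key"], ": invalid U2F app_id")
                    check_passed = False
                    continue
                domain = domain_hashes.get(app_id)
                # … unchanged: report the collision and clear check_passed …
```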