Dr. McKay

You have to use the game client code somehow, whether that's injection or hooking or whatever. The GC only sends the raw data (paint seed, paint index, wear, etc) but the code to turn that into a model or image is only inside the game client.

Cursor is wrong. Passing the httpProxy option to LoginSession is unnecessary because the CMAuthTransport handles proxying already. All login communication happens through the same proxied TCP/WS connection as all other Steam client communication.

It's possible that the request is no longer supported by Steam.

740 is not the right AppID, use 730.

The /inventory endpoint is newer and provides more up-to-date data. But the trade offer UI does still use this endpoint, so you should be safe to use it even if it's marked as deprecated.

1. There's no reason to think you'd be banned for using this endpoint.
2. It's already there: TradeOffer#loadPartnerInventory

Not currently possible but it's on my list of things to do

It's available under artifacts on SteamKit's GitHub Actions (you need to login to GitHub to download): https://github.com/SteamRE/SteamKit/actions

No, you'll need to login twice.

Yes, use getAppBetaDecryptionKeys.

I don't know why you'd get DuplicateRequest when logging in if you're doing everything correctly. Maybe the code was already used?

You're getting DuplicateRequest in the login callback?

Basically just do exactly what the login-with-password example shows, and once you have webCookies then you can call community.setCookies(webCookies)

In admin command prompt: rundll32.exe NetHook2.dll,Inject

Show your code please.

Either event should be fine to determine if using a backpack expander succeeded, although personally I'd probably use itemRemoved.

Not really. The best you could do is check whether either party is not tradable.

Trade bans can be checked with the GetPlayerBans WebAPI method.

Escrow can be checked with the GetTradeHoldDurations WebAPI method.

getUserDetails() works by loading the tradeoffer page (using the user's trade link) and scraping the results from the HTML.

Yeah, no reason that shouldn't work.

You can't mobile confirm a trade offer without having your account's identity_secret, which is present in the mafile.

You're far more than one step away. Joining a community server is not supported and never will be, as you'd have to implement VAC which nobody has been insane enough to try.

Where are you getting a 'ready' event from? No such event exists in globaloffensive. It's connectedToGC.

It wouldn't show as in-game on the profile unless you set your persona state to Online with the setPersona() method, although that wouldn't affect connecting to the GC.

Are you still using your modifications to global offensive? Try getting rid of those, as those weren't your problem.

Set your client's persona state to Online and then check the account's Steam profile to make sure it's actually launching CS. If it doesn't appear as in-game, you're doing something else wrong.

This is normal if your steam-user client shut down without properly logging off recently. I believe what happens is the GC never receives a notification of the client disconnecting, so it keeps your session active even though you're no longer there. You can typically solve this by calling logOff() if you don't get a session in a reasonable time, then logging on again.