Dr. McKay

My bad, I'd thought you said above that RemoveSticker did exist. Try using Language.ApplySticker instead. It may be that including the extra properties broke things for you.

Try this: GlobalOffensive.prototype.scrapeSticker = function(item_id, stickerslot) { this._send(Language.RemoveSticker, Protos.CMsgApplySticker, { item_item_id: item_id, sticker_slot: stickerslot, sticker_wear: 1 }); }

You'd need to use getPersonas for that.

No bother, I fixed the bug in response to this thread. It was in one of steam-session's dependencies which I maintain.

This was a bug. Run npm update and you should be set.

This is correct. Access tokens are only useful when using EAuthTokenPlatformType.MobileApp.

Between your two screenshots, it kinda looks to me like g_ProcessPersonaSemaphore is somehow hanging at some point. The semaphore is backed by a linked list, and I see a lot of prev pointers in your OP screenshot. I don't really see why it would hang though, all code paths end in releasing the lock. That would also cause SteamID objects to pile up, as you're seeing in your heap snapshot. In any case, try 4.28.4 and see if that fixes things for you.

You can intercept and inspect Steam traffic using NetHook to see what the game is sending to the GC. I didn't see any RemoveSticker protobuf definitions in the files, so my guess would be that it's using CMsgApplySticker for removals, but not setting sticker_item_id or baseitem_defidx.

If you only need to confirm the trade, you can do that directly with steamcommunity. If you need to accept the trade, this isn't a supported use-case for steam-tradeoffer-manager. You'd have to craft the accept request yourself.

I'm pretty confident that sharedfile IDs are just simple incrementing integers. No real way to determine if a given input is a sharedfile without making a request.

You don't need sessionid or steamcountry. There are no restrictions if you don't set them.

I'm not sure under what conditions DLCs show up in its output, but you could try using the GetOwnedApps WebAPI method.

Once you have cookies set, you're logged in (assuming they're still valid). You don't need to call login again. And yes, steamLoginSecure is all you should need, although you might run into trading problems if you don't also include steamMachineAuth<steamid>, if the cookies didn't come from steam-user.

CasketItemLoadContents doesn't return anything sane, because it's Valve. When you send it, you get back a bunch of SO_Create messages for the items in the casket. Basically, they get added to your inventory as if they were presently in your inventory, even though they aren't. That's where you need to check those two attributes to determine which items are in the casket.

setCookies expects an array.

You can't do it with steam-user.

You might run into fewer rate limits using steam-session to login and get your cookies.

Yes. Those attributes indicate which casket an item is contained in. When you fetch a casket's contents, the items inside of it are spat into your inventory as standard CSOEconItem objects, and you need to check attributes 272 and 273 to figure out which items are contained within the casket. Those messages just get sent automatically. There's nothing you need to send to request them. You need to listen for all of those messages. SO_Create is sent when you receive a new item, SO_Update is sent when an item in your inventory is changed in some way, SO_UpdateMultiple is the equivalent of multiple SO_Update messages.

Not as far as I'm aware. I'm not super familiar with CS:GO stuff.

getInventoryHistory was written years ago, before the inventory history page showed more than just trades. I'm not aware of anything that scrapes the newer full inventory history page.

getInventoryHistory is deprecated and I'd be surprised if it still works. You should use IEconService/GetTradeHistory instead.

Every GC is just a copy of TF2, so check out the documentation on the TF2 wiki. value_bytes is not a serialized protobuf message. You need to either read that value as an integer or a float (little-endian), depending on what the item schema specifies the type of the attribute should be.

You can either pass the steamID property from the offer, or the SteamID as you're doing in that last example, but the U needs to be capital. The ID type character is case-sensitive. So, for example, either of these will work: let offer = manager.createOffer(tradeUrl); manager.getUserInventoryContents(offer.partner, 440, 2, true, (err, inv) => { console.log(`Got ${inv.length} items`); }); // OR manager.getUserInventoryContents(`[U:1:${accountid}]`, 440, 2, true, (err, inv) => { console.log(`Got ${inv.length} items`); });

Either you're on an old version of steam-tradeoffer-manager, or your trade url isn't valid.

I'm not aware of any way to do that without rooting/jailbreaking the phone.