Big thanks, on 4 step i've got a buffer for request: 146A5F50F269A90E02000000 and noticed that F269A90E (Int32: 245983730) doesn't change on ClientMicroTxnAuthorize and txn_id (on GCStorePurchaseInitResponse) equal to orderid, but still I didn't get the response after request, I'm using node-steam
var payload = new ByteBuffer(0, ByteBuffer.LITTLE_ENDIAN);
payload.writeUInt32(data.transID.toInt()); // data.transID.toInt() == 1144076083
payload.append('F269A90E02000000', 'hex'); // == 371DB34FF269A90E02000000
steamClient.send({ msg: EMsg.ClientMicroTxnAuthorize, proto: {} }, payload.buffer);
Okay, here's the flow of how this works: CS:GO client sends a GCStorePurchaseInit to the GC with the items you want to buy You get back a GCStorePurchaseInitResponse containing a result (1 = OK) and a transaction ID (64-bit, even though it can currently fit into 32 bits) Concurrently, you get a ClientMicroTxnAuthRequest message via Steam. Discard the first byte of the payload (seems to be 1 in the dump you sent, not sure if that's always the case or what the significance of it is), then decode the remainder of the payload as Binary KeyValues (require('binarykvparser').parse(payload.toBuffer().slice(1))). The interesting stuff in there is the total/BillingTotal and transID (orderid is there if you want to make sure it matches what the GC sent back). Grab the transID and send it back in ClientMicroTxnAuthorize (little-endian encoded, as always) and append a 32-bit value of 2 (unsure what the significance of this is, or if it ever changes from 2. Could perhaps be an authorization result, where 1 is deny or something). You'll get back ClientMicroTxnAuthorizeResponse with a payload containing a 32-bit eresult value (1 = OK), and a 1-byte unknown value of 0. If successful, If successful, send GCStorePurchaseFinalize to the GC containing the transaction ID you from the GC before (not transID) to get your items.