Are you returning (or even new) to Neopets and have no idea what's going on? Well come right over to for a huge read on how to earn Neopoints, creating goals, account safety tips, and more! A lot has changed, but a lot remains the same for our dear website!
Note: This guide is primarily going to be directed at Non-Premium players, so information about Premium will only be touched on lightly.
If there’s any clarification needed, feel free to PM, or ask on the subreddit / Discord! Shout out to aredshroom for letting me make a c/p'd update lol and also other friends to help read over. o/

Last Updated: 1/11/21

First: The Important Things

• Do NOT mention Reddit on Neopets! Mentioning us in any way or form onsite will get you in trouble. You can only mention Official Fansites. Some of the well-known ones are Jellyneo (JN), The Daily Neopets (TDN), Dress to Impress (DTI), and SunnyNeo (SN).
  
• Account recovery tips and information can be found here.
  
• Introduce yourself to the Neopets Mobile-Friendly Beta Launch. As various browsers have released an update that disables Flash by default for security reasons, Neopets is urging you (or has already has transitioned) to use this new interface. Games, Maps, and most site features are slowly, but surely being updated to follow current internet standards. For more information and progress on the Mobile-Friendly Beta Launch, I would refer to the Release Notes page. This page can only be viewed if you are currently already using the Beta, however.
  
• If you cannot see the Neopian Map, Games, Customization Screen, and other miscellaneous content, then you'll most likely need to reenable Flash. Here's a JN article on how to do so.
  
• You are only allowed to have 5 accounts in total – ONE main, FOUR sides. Here’s JN's Side Account FAQ and SN's Side Account Guide for what is allowed and not.
  
• Secure your account! Set a PIN, and be cautious with links/users. If something sounds too good to be true (cough massive giveaways), it likely is. There have been incidents in the past of users getting in trouble after receiving illegit/stolen items from giveaways. Do remember that TNT is always watching... Also, there is a Hackproofing guide available here! There'll be some basic security tips at the bottom as well.
  
• Account age restrictions. Generally, you can do everything after 4 months. There are also Loyal User Perks for aged accounts!
  
• Check out this Hiatus Rescue Kit (2005 to 2015) and /~WhatWentOn (2014 to May 2020) to see additions, changes, and so many other things that have happened to the site over the years. I'd also check out JN's Book of Ages for event coverage and the history of Neopets!
  
• I would also check out the official Neopian FAQ and this Community Neopian FAQ! The official FAQ is somewhat outdated missing two years of additional information from the NeoBoards, Twitter, Discord, etc.
  
• Know the Neopets Acronyms! If you're anything like me upon returning - "What does RB/RG/WN/UC mean?" - this might be helpful. Here's TDN's TNAATP and JN's Neopian Dictionary!
  
• Note when your pets' birthdays are! You can choose to collect 1 out of 3 cupcakes on their birthday that increases your pet's stats. The Blue, Pink, or Yellow Cupcake (+Def, +HP, and +Str respectively). Note that you can only feed 1 cupcake to a pet per year, so you are unable to stockpile birthday cupcakes from your other pets and feed them all to one pet.
  
• We have a Guide Repository on the subreddit! There’s plenty of good info there, and safe userscripts to enhance your Neo experience. I’ll leave you to trawl.
  
• This subreddit has a Discord server! Go over here to join a real-time chat server and mingle around with others. Discord is accessible on mobile devices too! Just a reminder, that Discord is also NOT an official fansite, so don't mention it onsite.
  

Getting back on your feet: Earning NPs

• One of the most common questions on the sub is about making NP. With the inflation/fluctuation of prices, and daunting price figures (like the Secret Lab Map), this can seem hard. There are plenty of ways you’ll be earning, saving, and spending. Also here are the fun results from an old Strawpoll of how NeoRedditors earn Neopoints.

1. Dailies, of course! Here are a couple listings from TDN's Dailies Page, JN's Custom Dailies, and also good old /~Neo____Zafara!
   
2. Trudy's Surprise! It's a relatively new daily that gives you free NP. The amount increases until the 25th day, where any spin will net you 100k even if you don’t hit 3-in-a-row.
   
3. Ghoul Catchers is a Neo-mobile app where you can earn 50k a day just by playing the 1st/2nd level 50x a day. Here's JN's Guide and Petpage Guide! The app has been removed from the app store, but you can still play the game through an APK. Security FAQs on using an APK and the APK Download.
   
4. Battledome (BD). I'll be mentioning the more relevant guides. JN IDB's Beginner's Guide to Battledome + /~SilverCyanide4, Faerie Ability guide, 1-Player Equipment Guide, STDEF Boost Table, and JN's BD Damage Calculator are useful links.
   

The reason to participate in the BD is that it gives you goodies like Tan/Red Codestones, Neocola Tokens, Armoured Neggs, and even Nerkmids (if premium) that you can sell for profit. Each time you beat an opponent, you’ll obtain something from the General pool, Dome pool, or Opponent pool until you hit the limit of 1500 NP + 15 items daily. Here’s a breakdown.
The General pool includes Tan/Red Codestones. The recommended starter opponent is the Kreludan Defender, who has an easy starting HP of 14, and drops relatively good items from his Dome + Opponent pool (Neocola tokens, Armoured Neggs, Genius Neggs). The other challenger that beginners frequent is the Chia Clown, who may drop Chocolate Ice Cream.

JN's Battlepedia has a listing of difficulty-specific prizes. With regards to the rate of certain Battledome drops, there is no correlation to difficulty aside from different item pools.

• Play easy 3k games. 3k is the maximum you earn from each Flash Game except during special occasions (such as the week of Neopets' birthday). Check out /~fishyheart for easy quick to play games. Also, /~ChaChaFrancesca tracks NP ratios for on-site games, and /~AnnEstelle provides for mirrored games. Read the disclaimer on the mirrored game petpage (do not play the same game twice in one day)!
  
• Do basic jobs at the Faerieland Employment Agency. You'll have to be fast to get profitable ones, but it's such a fast way to earn spare cash. Max limit is 5 jobs a day. I would check out JN's article and our own guide here!
  
• Play Food Club. Lefty (/~Innocent) has a good rundown on what it's about. There’s a daily FC thread on this subreddit where you can follow experienced bettors as you start out.
  

The only tip is to bet consistently - you may lose quite a bit, but in the long run it definitely pays out – and with older accounts, you can earn a LOT when you win since you can bet more.

• Stock Market is another thing players like investing in. It's recommended that you buy the cheapest stocks (15 NP). You should bookmark this page, so you can easily see which stocks are at 15 NP currently. You can buy a maximum of 1000 stocks a day, which equates to a 15k investment daily.

Keep in mind it's a long-term investment. Most people sell at 60 (+300% profit), but some hold for higher (100+). Neostocks is an informative Stock Market tracking site to see trending stocks and provides alerts if desired.

• Try Restocking! Restocking means hanging around in official Neopets shops and playing the waiting game in order to quickly buy profitable items at a lower price, so you can later resell them to players at a higher price. There are restrictions on what items you can see based on your account age, but you can still restock Faerie Quest items, Faerie Employment Items, and other consumables (books, food, etc.) if your account is younger.

Newbie r79 items and below
10 days old r84 items and below
16 days old r89 items and below
1 month old r94 items and below
3+ months old No restrictions

For a more visual guide, here's a reference guide at /~Sanskrits and JN's Shop Directory is great to start learning which items are good!

Creating NeoGoals

• Browse around on Neocolours! Once you figure out the species/colour combinations you want for your pets, there are plenty of ways to get them. You can paint, morph, or adopt! Sometimes, we get lucky users here who run Faerie Fountain giveaways as well.

Tip: Always check if a particular Morphing Potion is cheaper than Paint Brushes. It can save you a lot of NP.

• Maybe obtain a Secret Lab Map to try for a lab-exclusive colour, or perhaps to zap pound pets into interesting colours to help them get adopted out, or just for the sheer thrill of zapping?
  
• Collecting Avatars! /~Avatiers has a really good visual list. Build up your stats first, and you could drop by the Avatar NeoBoards to (politely) ask for lends. JN's Avatar Checklist provides code for you to put on a petpage, so lenders can easily check what you're missing.
  
• Aspiring for the best Gallery? There are a lot of items to catch up on. JN has a fantastic Item Database where you can search for items!
  
• Customisation? You’ll love Dress to Impress if you haven’t checked them out already.
  
• Want to spruce up your userlookup with game trophies? Here's an awesome score tracker so you know what's a reasonable score needed for Bronze/SilveGold. Just click on the graphs in the rightmost column to view the score requirements for a trophy over the past few months.
  
• Perhaps you just enjoy coding and beautifying your Lookups, Petpages, and more? What about a Neo Portfolio? There are plenty of premade artists around, but I’ll let you roam since there are really too many styles and pages to list. Feel free to ask around though!
  
• This is a non-exhaustive list, of course. Make up your own goals and have fun!
  

Account Recovery

Here’s an updated FAQ at /~Wispalings on what to do if you think you are frozen, and /~Sarika_ambrielle has all the details of what you should keep track of if you need to send in a recovery ticket. It's a good idea to backup your info in case you ever have to prove that an account belongs to you.
We have a revamped Lost Account Guide, to add to those petpages mentioned above!
The TL;DR for account recovery:

• Check that your account still exists! Your account may have been purged if it’s been inactive for years. Go here: http://www.neopets.com/userlookup.phtml?user=USERNAME, replace USERNAME with your own. If it is indeed purged, you most likely will need to start on a new account.
  
• Once you’ve verified that the account still exists, it’s all about figuring out details to prove that your account is yours, like your birthdate, linked email (and/or pass emails), NC/Premium purchase history, etc. Here's a NeoBoard post explaining what they want really.
  
• The Ticket System is now located at their support address: [email protected].
  
• General tips for getting a ticket response: Always be truthful and respectful. Give as much useful info about your situation/account as you're able, post on the "Highway to Help" thread located in the Help NeoBoard. Keep your ticket updated once per week to show TNT you're an active user waiting. Please read the following petpage, /~Kaizsa, before posting on the "Highway to Help" thread.
  

Basic Security

• Go to your Account Preferences. Block everything you don't want, ALWAYS check the birthday login prompt, and I'd recommend Plain Text Neomail. That makes it so any scripts sent through NM won't run.
  
• Similarly for your PIN Preferences. Set a PIN on ALL accounts (main/sides should all be pinned), preferably different/regularly changed, and keep no exceptions on where a PIN is used. Check all the boxes.
  

FAQ

• Why is everything broken? I can't even see the map.

Have you enabled Flash for your browser? Here's a JN article on how to do so. You will probably need to reenable Flash every time you completely close out of your browser.
If it's not Flash related, then a long list of things can be found here.

• Why aren't any of the games working?

Adblock is struggling on Neopets, and by struggling I mean racking up multiple thousands of blocked ads and lagging the site. Right at this moment, it's a good idea to go grab uBlock Origin (Chrome / Firefox) for whatever browser you're using and use that over Adblock right now.
I would also check out this thread on How to Run Flash Games on Chrome with Adblock.

• How do I leave Neopets Beta?

If, for whatever reason, you no longer want to be looking at the beta version of any of the pages we've previously discussed, simply click on the "View Classic Site" button in the profile menu to return to the site as all non-beta viewers see it. To get back into the beta view, click the "View Beta" link that's now on the right side of the "Logout" button for you. Do know that once the transition begins, you will not be able to return to Neopets Classic.
tl;dr: Click your pet in the top left corner, there should be a switch button. The Beta Mode will be permanent for everyone soon though.

• IS NEOPETS GOING TO DIE BECAUSE FLASH DYING?

No, TNT has announced that they are working on converting their Flash works to HTML5. On December 16th, 2020, TNT released an End of Flash Update video detailing their progress.

• Is Premium worth it?

That is up to you to decide and how active you are going to be on this site to make the most out of it. There are incentives such as Super Shop Wizard (SSW), if you are a prominent restocker, Species Change Perk (once every 365 days upon first use) that allows you to obtain nearly every converted colored species (no Draiks and Krawks) including the rare Ice Bori, and more. Check out JN's Guide on that.

That's it! If you've read all this way, thank you for your time. I hope this helps some players. ^ ^

Short summary:

• The LS997 as a phone is generally only recommended to those on Sprint or its MVNOs and carriers whose frequency bands are fully covered by the phone.
• The phone is known to re-lock APN settings to Sprint when upgrading a SIM-unlocked one from Android Nougat to Oreo.
• Most are unrootable due to LG's anti-rollback enabled after May 2017. This includes every single one on stock Android Oreo.
• Some older, rootable ones are disguised as US996 models on Android Nougat.
• Rooted LS997s are generally limited to Nougat for stock-based ROMs, with very few attempts to cross-flash US996 stock Oreo, need LineageOS-based ROMs for Pie and higher

Details:

Since questions about this particular V20 variant still come up every once in a while, I figured I'd dump out almost all the information I know as there are many caveats to this model that do not apply to any of the other versions.

Reasons to own this model as a phone:

• Your carrier is Sprint or one of its MVNOs in the U.S.
• Your carrier's frequency bands are fully covered by the LS997.

Frequency bands:

• LTE bands: 2, 3, 4, 5, 12, 25, 26, 41
• More details: https://www.frequencycheck.com/models/A66D6/lg-ls997-v20-td-lte?c_id=2383698
• International compatibility: https://www.frequencycheck.com/compatibility/A66D6/lg-ls997-v20-td-lte/countries

Specific information for users on Sprint or one of its MVNOs:

LG V20 Sprint User Guide PDF document
The Sprint network's current LTE bands are 25, 26, and 41.
With the current merger with T-Mobile USA in progress, it's not clear yet what exactly will happen to these bands in the future. At this point, from what I've read, band 25 is staying, band 26 is set to be sold to the Dish network, and band 41 will eventually be repurposed to 5G.
Sprint SIM card info:

• Sprint is a weird carrier that is different from most for a number of reasons:
  
  • You cannot switch SIM cards between phones as a phone's IMEI number and the SIM card's number are tied together at the time the phone is activated. And like Verizon, Sprint keeps a whitelist of IMEI numbers, so they control which types of phones can be activated on their network, regardless of whether a phone supports all their frequency bands or not.
  • Sprint SIM cards have many different types that are only compatible with certain phone models. They can also be reused, even when switching phone numbers.
  • The type of Sprint SIM card needed for the LS997 is SIMGLW416Q. Unfortunately, with the nanoSIM card size, that part number is no longer printed on the card itself. Instead, you see some distinct numbers on the bottom below the long ICCID number of the card: either 80.01a as seen here or 80.02a here
  • There is a nice comprehensive up-to-date Sprint SIM Compatibility Chart for most phones found here: https://s4gru.com/forums/topic/7833-the-s4gru-aio-byod-sim-compatibility-chart/
  • Sprint also has an official list of compatible phones and SIM cards, but the list is not up-to-date and doesn't list older phones, including the LG V20: https://www.sprint.com/content/dam/sprint/us/en/campaigns/byod/compatible-phones-sims-(002).pdf

Identifying an LS997

The following may come in handy as some older LS997 models are disguised as US996 variants and sold as such (more on that later):

• If the original sticker behind the battery is still there, then the top right portion of it should say MODEL: LS997 and FCC ID: ZNFLS997
• Based on the phones I own, the first 8 digits of an LS997 are always 35996907, in contrast to 35229108 on a US996.
• A clean IMEI of an actual LS997 should pass any of the following Sprint-based IMEI checkers:
  • https://www.sprint.com/en/shop/bring-your-phone-to-sprint.html?INTCID=LP:BYOD:Shop&flow=BYOD
  • https://tello.com/bring_your_own_phone
• On the motherboard, there are 4 pairs of pins below the cameras, and the ones labeled "SP" are activated on the LS997, as seen in this thread (the printed VS995 on the board has no meaning in this case).
• As far as I'm aware, the LS997 only exists officially in the Titan Gray color.

Software versions

Sprint, like AT&T, never provides separate KDZ files for their firmware, and LG Bridge is not supported. Updates are only available over-the-air (OTA), but unlike AT&T, you don't need to have a Sprint SIM card or be on Sprint's network.

• Software update partial history:
  • https://www.lg.com/us/support/help-library/lg-v20-sprint-ls997-software-update-CT10000027-20150257242438
  • https://www.theandroidsoul.com/lg-v20-update/#sprint-lg-v20-update
• Software versions starting with LS997ZV are on Android Nougat while LS99720a is on Android Oreo.

Anti-rollback protection (ARB)

Unfortunately, starting with software version LS997ZV8 in August 2017, hardware-based anti-rollback protection has been enabled, changing from ARB0 to ARB1. This means that you cannot downgrade, and any attempt to cross-flash firmware from a different model will permanently brick the phone. Since Sprint does not provide firmware outside OTA, you are essentially stuck with the software version you get at this point. I'm assuming that by now, most LS997 phones out there fall under this category. In this state, it is the only V20 model that is unrootable. (And in case someone asks, I have heard of users on the XDA forums using an exploit to get temporary root on a locked down LS997 on ARB1. I don't know the details on that, but this stuff seems very unsafe and can easily brick your phone with no way to recover if you don't know what you're doing.)
So, the last software version on ARB0 is LS997ZV7 with Android security patch level date of May 1, 2017. This is also the last version where the phone can be rooted and manually SIM-unlocked (see below).

SIM unlocking

• Like AT&T's H910 and T-Mobile's H918, an actual untouched LS997 comes carrier-locked out of the box.
• If the phone is on software version LS997ZV7 or earlier, then it can simply be manually SIM-unlocked following this procedure from the XDA forums. Alternatively, cross-flashing the phone with US996 firmware on Android Nougat will also SIM-unlock it.
• According to many users, when a SIM-unlocked LS997 is updated from any software version on Android Nougat to Oreo, then the APN settings are re-locked to Sprint. And if you happen to have an LS997 already on Oreo that is SIM-unlocked, then I highly advise against doing a factory reset as that could also re-lock the APN settings.
  • Per Sprint's unlock policy, a Sprint-branded phone has to be active on Sprint (not one of its MVNOs) for at least 50 days to be eligible for an official SIM unlock.
  • Some people have been able to get this issue fixed by contacting a Sprint employee on the official Sprint forums, as documented in this XDA thread, although you probably have to be either a current or former Sprint customer or have the account information of the previous owner on Sprint. Update: Since the merger, the Sprint forums have turned to read-only mode, so I'm not sure if there's still a way to contact that employee.
  • There are paid unlock services out there that are supposedly able to do the SIM unlock remotely, but I haven't seen anyone yet who has done this on here or the XDA forums.
  • FWIW, there is a similar case with re-locking APN values on the Sprint LG G8 going from Android Pie to 10, and there seems to be a workaround using a small app to add new APN values, according to this thread.

Disabling auto-update and official update notification

As there are several reasons not to take an OTA update, depending on your needs and the phone's currently installed software version, you may want to turn off automatic system updates and related notifications:

• Under "Developer options" in Settings (if not visible, enable it by going to "About phone" -> "Software info" and tap "Build number" 7 times), disable "Automatic system updates"
• For the system update notification that shows up on every boot, I simply long-pressed the notification and blocked it. This seems to block notifications from Google Play Services, but I haven't noticed missing any important notifications from doing so. There may be other ways by disabling certain services as mentioned in this XDA thread, starting at the bottom half of the page.

Missing LG apps

The Sprint V20 is one of the variants with most of the LG stock apps missing. At least on Nougat, users have been able to restore some of them without root access:

• https://forum.xda-developers.com/v20/themes/stock-lg-apps-sprint-v20-ls997-t3633074

I haven't seen any reports on someone doing this on Oreo, but at least certain versions of the LG Music can be installed, with links to working apks to install for both Nougat and Oreo found here:

• https://forum.xda-developers.com/v20/themes/stock-music-app-to-att-version-t3552963/page8

Older LS997 models disguised as unlocked US996 variants

As mentioned before, LS997 phones on software from May 2017 or earlier can be cross-flashed with US996 firmware on Android Nougat. This type of "disguised" US996 has been sold mostly outside the U.S. as either an unlocked US996 (even though it does not have the same LTE bands as a real US996) or an unlocked LS997.
The one reason for getting one of these is if you want to have a rootable LS997. While it may not be easy to pick one out online on places such as eBay without specifically asking the seller about the software version, a good bet is to look for a description that mentions an LS997 working both on Sprint and being GSM unlocked worldwide. Since the LS997 is much more difficult to SIM unlock on Oreo and cannot be cross-flashed with anything starting with software version LS997ZV8 due to anti-rollback, the odds of such a listing being a rootable Sprint V20 is decently high. A redditor got one of these on eBay not too long ago to replace a broken one:

• https://www.reddit.com/lgv20/comments/fkcm6y/sprint_users_brand_new_unlockable_ls997s_are_both/

Everything described from this point on will require an LS997 that has not been updated past May 2017, as in software version LS997ZV7 or older.

Root access

Like most V20 variants, the rather lengthy "DirtySanta" method is used to install custom recovery and gain root access on the LS997. The general steps specific to the Sprint V20 are outlined in the following guide:

• https://forum.xda-developers.com/v20/how-to/root-ls997-to-zv9-t3696488

And here are some (or maybe a bit more than "some") pointers that may not be mentioned in the guide or may not be obvious from the descriptions:

• If the phone's software is from December 2016 (version LS997ZV5) or earlier, then it may be possible to skip the cross-flashing step in the beginning.
• If you do have to cross-flash using the patched LGUP, for more details on how to do that, follow the first nine bullet points in this guide but replace the H915 KDZ with the VS995 firmware VS99512A_06_1114_ARB00.kdz found here:
  • https://androidfilehost.com/?fid=11410963190603847053
  • I originally got the VS995 KDZ from the popular LG firmware page https://lg-firmwares.com/lg-vs995-firmwares/#tab=firmwares but I found that the site has gotten less ad blocker friendly over the past few years. I can confirm that the file I downloaded back then has the same MD5 hash value as the one on the AndroidFileHost link.
  • After cross-flashing and booting up, you may face a startup screen asking for a password. If that happens, simply do a factory reset: With the phone off, hold down both volume-down and power buttons until the reset screen shows up (this is different from how you do it later - see below), then select yes twice to reset.
• Besides the general DirtySanta procedure linked in the guide above, there is another more user-friendly general procedure found here:
  • https://forum.xda-developers.com/v20/how-to/guide-root-twrp-lg-v20-using-dirtysanta-t3722278
  • I recommend looking over both procedures to make sure you're familiar with all the steps involved.
• If cross-flashed with VS995 firmware, be aware that at some point in the procedure, the phone will start constantly vibrating as a side effect.
• Some time after TWRP recovery is flashed in Step 3 of the procedure, you may have to enter recovery mode with the phone off to continue. The button combination is slightly different from before:
  • With the phone off, hold down both volume-down and power buttons, then release the power button for one second, then hold it down again while still keeping the volume-down button pressed. This will bring up the factory reset screen like before, but when you select yes twice, it won't actually do a reset but instead enter TWRP.
• Before flashing an LS997 ROM at the end, you'll want to update TWRP with a version that is specific to the LS997. You can find all TWRP versions here:
  • https://forum.xda-developers.com/v20/development/recovery-twrp-3-2-1-0-t3720239
  • To update/change TWRP versions (it doesn't matter if it's a newer or older version), transfer the IMG file to your phone's internal storage or a microSD card, then enter TWRP. In TWRP, select Install, then "Install Image", then pick your IMG file and select Recovery from the list of partitions shown. After done flashing, return to the main home screen, select Reboot, then Recovery to enter the newly installed TWRP version.
  • FWIW, some users on various V20 models have had problems installing ROMs on TWRP versions higher than 3.2.3-4, so you may want to try 3.2.3-4 first. The last time I installed a ROM on my LS997, these higher versions did not exist, so I cannot tell if the issue exists on this model or not.
• Besides all the comments found in the various XDA threads, you can find some more troubleshooting discussions in the following thread where a redditor went through the procedure early this year:
  • https://www.reddit.com/lgv20/comments/enfv6j/i_am_the_proud_new_owner_of_a_ls997_whats_the/

Custom ROMs

For LG stock-based ROMs, you're limited to Android Nougat since no one so far has figured out how to root stock Oreo on this phone model. To get Oreo or higher, you'll have to go with non-stock AOSP/LineageOS-based ROMs, but you'll lose certain features such as VoLTE, Wi-Fi calling, FM radio, stock second screen functions, LG apps such as the LG camera, and some Sprint functions (activation, some dialer codes, update PRL and update profile functions).
Basically, for the LS997, you can generally only pick 2 of the following 3:

• LG stock functions
• Android Oreo
• Full root access

Now, some of you might be wondering: What if you initially cross-flashed old US996 firmware on Nougat, then did the whole rooting procedure treating it as an US996 and tried to install a stock-based US996 Oreo ROM? I have not seen anyone do that yet, so I guess no one has dared to or had a good reason to try this. Update (January 2021): There are a couple of users at the XDA forum who have done this, and you can see that thread here for more information.
Sprint stock-based ROM:

• If your carrier is Sprint or one of its MVNOs and you want to keep all stock functions, then the ROM of choice is Classic Rom which is based on LS997ZV7 firmware. This is what I use on my daily driver LS997.
• You'll want to pair this ROM with the mk2000 BTTF custom kernel, which is the most popular kernel for stock-based Nougat ROMs. It includes removal of LG's root checking tool (RCTD, more info here) and support for KCAL screen settings which helps getting rid of most screen retention when used with a kernel manager. The last version of the kernel, BETA 2, can be found here (the original file in the main XDA thread had broken parts, but luckily, another user fixed them for the LS997):
  • https://androidfilehost.com/?fid=4349826312261734796
• Typically, after you flash a new kernel in TWRP, it's a good idea to reflash Magisk before booting back into the system.

AOSP/LineageOS-based ROMs:

• I haven't used any of these, but the most popular ROMs are:
  • LineageOS 18.1 (Android 11)
  • LineageOS 17.1 (Android 10)
  • LineageOS 16 (Android Pie)
  • Resurrection Remix 7 (Android Pie)
  • LineageOS 15.1 (Android Oreo)
  • AOKP (Android Oreo)
  • Resurrection Remix 6 (Android Oreo)
• If you plan on using any of the above ROMs on Sprint or one of its MVNOs as your carrier, make sure that the phone has previously already been activated on a stock-based ROM since there are no activation functions in these ROMs. And if you get no cell signal, then you may have to change a few settings as shown in this XDA forum post.
• Some users also had problems getting a signal on LineageOS 17.1, and one fix seems to be installing LineageOS 16 first and then flashing 17.1 on top of it as mentioned in this post.

Returning from a rooted phone to complete stock (not recommended)

And finally, mostly for educational purposes, a while back, a procedure was posted to return a rooted LS997 back to stock:

• https://forum.xda-developers.com/v20/how-to/how-to-return-sprint-lg-v20-to-stock-t3665954

At this point, I see little reason for anyone to try this, and I don't know if there is a way to recover if something went wrong in the middle of the procedure.

Certain apps, commonly referred to as "spouseware" or "stalkerware," are designed to give someone the ability to track or spy on a person's phone. Specifically, depending on the version, it may allow a person to: - track the phone's location - view messages and emails - view the device's pictures and videos - in some cases, activate the camera or microphone - and more
Generally speaking, this sort of software is legal to sell and buy, but not legal to use to track a person who doesn't know they're being tracked. There are exceptions to that, which is why the companies selling it are careful in how they advertise.
If you suspect that your phone is being tracked, this quick guide will help you find out for sure and figure out what to do about it.
Signs of stalkerware
Stalkerware apps are designed to hide from the victim, meaning they don't generally show up as installed apps. That doesn't include legitimate apps that an be used to track a phone, which would show up as installed apps. Because the apps don't show up as installed, it can be easy to miss. But if you're looking for it, it's possible to find it.
Some signs that may indicate stalkerware is installed include: - a person that may have installed it always seems to know where you are - your phone battery is draining unusually fast - GPS turns on after you turn it off - Your iOS phone refuses to update - You've received suspicious emails or texts with links (which you clicked on) OR you were told to download apps from sources other than the official app/play store - Someone had access to your phone for an extended period of time (generally, these apps require physical access to the device)
Please note that the presence of any one or more of those indicators doesn't necessarily mean that your phone has been infected. For example, some legitimate apps can drain the battery or activate your GPS. These are only indications that you should look a little more closely.
What to do if you suspect stalkerware
First, don't panic. The odds are good that a legitimate app is the cause of what you're seeing. However, just to be on the safe side it's best to take a closer look while also staying safe.
First, think about your "threat model." That is, think about your safety needs and what it could mean if you're being tracked. If you're in a place you don't want to be found, consider turning off the phone and taking it directly to law enforcement.
If you're safe at the moment but don't want to tip off whoever may be tracking you, try not to change your behavior too much. Keep doing normal things, but don't talk about anything sensitive until you're sure your phone is safe. If possible, a prepaid "burner" phone will allow you to talk about personal/sensitive things while you're checking on your primary phone.
Either way, if there's a concern about your safety, go to law enforcement immediately. If you need to go to a shelter, do not take the suspect phone with you until it's been cleared (if allowed by shelter policy).
Confirming the presence of stalkerware
If you know what to look for, you can detect stalkerware. First, check to see if your phone is configured to even allow those apps.
For iOS: Look to see if the phone is jailbroken- that means, if it's been changed to allow unofficial apps to run. There are a lot of reasons to jailbreak your phone and not all are malicious, but if it's jailbroken and you didn't do it, that's a red flag. One way is to look for an app called Cydia which is often, but not always, present when the phone is jailbroken. Another way is to download an iOS app like "System and Security Info" to check it that way.
For Android: Go into the settings and open "Unknown Devices," "Allow installation from Unknown Sources," and/or "install from untrusted APKs." If you can't find those settings, you may be able to use the search function in the settings area if available. Check if those settings are toggled on. Also look at the "Device administrator" settings and see if there's any apps you don't recognize there. There will probably some google-related apps there, so expect to see something there.
Next, install and run a security suite. Lookout Mobile Security is one of the best for detecting stalkerware and will let you know if it's found.
What if something's found?
If you find evidence of stalkerware on your device, your best bet is to turn it off and bring it to law enforcement. Tell them what you found and make a report. Anecdotally, sometimes the first officer won't see the need to take a report. You have the right to escalate the request if you have a concern.
If you wish to recover your phone, the safest option is to factory reset and restore your phone (after backing up your pictures, etc). This basically restores your phone to the factory settings, getting rid of ALL non-default apps. There are no commercial stalkerware apps that can survive this. If you're unsure about how to do this, your provider should be able to help.
Changing your Android settings to remove the suspect device administrator should be enough to disable the software, but this should only be a temporary measure. The best solution is a full reset.
Once your phone is recovered, change all of your passwords and enable two-factor authentication wherever possible. This means that your accounts are secure even if someone knows the password. Here's a handy guide to enabling this additional security on your accounts.
How to prevent stalkerware installation
If you're concerned about stalkerware installation, consider implementing other secure communication channels so you always have a safe way to communicate.
Because nearly all stalkerware variants require physical access, restrict physical access to your device if it's safe to do so. Adding a secure password or PIN to your device (one that no one could know but you) should be enough for this. Please note that suddenly adding a password may be seen as an indication that you're getting suspicious, which may or may not be a concern for your particular situation.
Also, installing a security suite should catch malicious links and installations. Periodically check your phone's settings to make sure they haven't been changed as discussed previously. If you're ever in doubt, take your phone to a professional or to your carrier to discuss your concerns.

Certain apps, commonly referred to as "spouseware" or "stalkerware," are designed to give someone the ability to track or spy on a person's phone. Specifically, depending on the version, it may allow a person to: - track the phone's location - view messages and emails - view the device's pictures and videos - in some cases, activate the camera or microphone - and more
Generally speaking, this sort of software is legal to sell and buy, but not legal to use to track a person who doesn't know they're being tracked. There are exceptions to that, which is why the companies selling it are careful in how they advertise.
If you suspect that your phone is being tracked, this quick guide will help you find out for sure and figure out what to do about it.
Signs of stalkerware
Stalkerware apps are designed to hide from the victim, meaning they don't generally show up as installed apps. That doesn't include legitimate apps that an be used to track a phone, which would show up as installed apps. Because the apps don't show up as installed, it can be easy to miss. But if you're looking for it, it's possible to find it.
Some signs that may indicate stalkerware is installed include: - a person that may have installed it always seems to know where you are - your phone battery is draining unusually fast - GPS turns on after you turn it off - Your iOS phone refuses to update - You've received suspicious emails or texts with links (which you clicked on) OR you were told to download apps from sources other than the official app/play store - Someone had access to your phone for an extended period of time (generally, these apps require physical access to the device)
Please note that the presence of any one or more of those indicators doesn't necessarily mean that your phone has been infected. For example, some legitimate apps can drain the battery or activate your GPS. These are only indications that you should look a little more closely.
What to do if you suspect stalkerware
First, don't panic. The odds are good that a legitimate app is the cause of what you're seeing. However, just to be on the safe side it's best to take a closer look while also staying safe.
First, think about your "threat model." That is, think about your safety needs and what it could mean if you're being tracked. If you're in a place you don't want to be found, consider turning off the phone and taking it directly to law enforcement.
If you're safe at the moment but don't want to tip off whoever may be tracking you, try not to change your behavior too much. Keep doing normal things, but don't talk about anything sensitive until you're sure your phone is safe. If possible, a prepaid "burner" phone will allow you to talk about personal/sensitive things while you're checking on your primary phone.
Either way, if there's a concern about your safety, go to law enforcement immediately. If you need to go to a shelter, do not take the suspect phone with you until it's been cleared (if allowed by shelter policy).
Confirming the presence of stalkerware
If you know what to look for, you can detect stalkerware. First, check to see if your phone is configured to even allow those apps.
For iOS: Look to see if the phone is jailbroken- that means, if it's been changed to allow unofficial apps to run. There are a lot of reasons to jailbreak your phone and not all are malicious, but if it's jailbroken and you didn't do it, that's a red flag. One way is to look for an app called Cydia which is often, but not always, present when the phone is jailbroken. Another way is to download an iOS app like "System and Security Info" to check it that way.
For Android: Go into the settings and open "Unknown Devices," "Allow installation from Unknown Sources," and/or "install from untrusted APKs." If you can't find those settings, you may be able to use the search function in the settings area if available. Check if those settings are toggled on. Also look at the "Device administrator" settings and see if there's any apps you don't recognize there. There will probably some google-related apps there, so expect to see something there.
Next, install and run a security suite. Lookout Mobile Security is one of the best for detecting stalkerware and will let you know if it's found.
What if something's found?
If you find evidence of stalkerware on your device, your best bet is to turn it off and bring it to law enforcement. Tell them what you found and make a report. Anecdotally, sometimes the first officer won't see the need to take a report. You have the right to escalate the request if you have a concern.
If you wish to recover your phone, the safest option is to factory reset and restore your phone (after backing up your pictures, etc). This basically restores your phone to the factory settings, getting rid of ALL non-default apps. There are no commercial stalkerware apps that can survive this. If you're unsure about how to do this, your provider should be able to help.
Changing your Android settings to remove the suspect device administrator should be enough to disable the software, but this should only be a temporary measure. The best solution is a full reset.
Once your phone is recovered, change all of your passwords and enable two-factor authentication wherever possible. This means that your accounts are secure even if someone knows the password. Here's a handy guide to enabling this additional security on your accounts.
How to prevent stalkerware installation
If you're concerned about stalkerware installation, consider implementing other secure communication channels so you always have a safe way to communicate.
Because nearly all stalkerware variants require physical access, restrict physical access to your device if it's safe to do so. Adding a secure password or PIN to your device (one that no one could know but you) should be enough for this. Please note that suddenly adding a password may be seen as an indication that you're getting suspicious, which may or may not be a concern for your particular situation.
Also, installing a security suite should catch malicious links and installations. Periodically check your phone's settings to make sure they haven't been changed as discussed previously. If you're ever in doubt, take your phone to a professional or to your carrier to discuss your concerns.

Edit (after 2 hours of posting):

• Think big, not only about the OS itselve and the functionalities but also how you would run the department so you'll get a better product and bigger marketshare.
• What would your vision be for W10M in the next 5 years?

Edit (after 19 hours after posting): I decided to bring all your input together and catagorize it a bit. Think most of us do agree on a lot of things.
Thank you all, this was an amazing AskWindowsPhone!

Visions

• MSFT is full of smart people, no doubt. In fact I'm sure most of these, they have thought about. I come from the 8.1 era so I still have a consumer perspective, where MSFT has stated they are going "Business / Enterprise" with mobile... Not sure how convinced I am of that just yet.
• Stop trying to make Windows 10 universal, doesn't work. PC is PC and Mobile is Mobile.
• W10M has unique opportunity for creating truly crossplatform MS experience (...), which Android/iOS can't provide.
• Completely aligning it with IoT.
• Get an app ecosystem, otherwise nobody gives a shit.
• MS app parity across ALL platforms.

Running the department

General

• Get rid of head honchos who are leading not because they're so good but because the position is a reward for surviving many years of stack ranking. No company needs people like this but in a suffering division of the company they're extra toxic
• I would ENSURE that there are high-quality products to back up all of these claims. THEN....
• Microsoft first, android and apple second. Apps, updates and new features get put on windows first no matter what. Wether it's normal windows 10, surface, Xbox, or windows Phone, they get the new apps, features and updates before they get ported to any other platform.
• Let's be honest, it's too late for Windows Phone. All we can really do now is die. Dissolve into Windows 10 proper. Let the mobile shell die for the most part, focus on adding the good bits from it to the desktop build. But for the comeback, keep pushing people to UWP, and not just wrapped desktop apps. Go beyond appealing to desktop developers, get current iOS and Android developers writing UWP code - use your Xamarin goods. Perhaps throw a bone to current insiders and let them have builds of the new thing, Desktop 10 with a mobile shell.

Marketing

• I would become Buddy Buddy with one of the best marketing agencies in the nation - to tell these stories beautifully ( This. Is. Important. Apple destroy(s)ed MSoft in the Marketing dept. )
• Better communication of their uwp and store, to push the multiplattform application
• Promote the platform correctly.
• Resonate with the success of the surface line.
• Stop trying to sell the smartphones and OS only in the US. Europe is where they should have bet from the beginning! Oh, and ALL EUROPE not only the UK...

App-gap removal

• Apps. Android was unstable, but it had apps.
• I'd get back Project Astoria - allowing any Android app to run natively on Windows Mobile, no strings attached. Then do a bridge that works identical as Project Centennial but for Android so that those devs who only publish Java apps to Windows Store could convert them to C# and XAML fully when they are ready with as little effort.
• I'd make the android subsystem available for enthusiasts as a download. Just like the insider program.
• Project Astoria (?) allow android and ios apps to run on WM
• Bring back being able to run Android apks.. for the love of GOD, this might have saved things
• Buy companies that refuse to release their app, Snapchat et al.

Developers satisfaction

• I would focus on communicating with developers what the plan is for the future.
• I guess the biggest things are to find some direction and make sure everyone, especially the third party developers, knows what it is. But at this point nobody will trust them.
• Courting developers, make it a platform that they want to write code for.
• Better cooperation with developers
• Embrace the community: 1. find and contact the developers of the most used apps on the store, that are relevant, usefull and built according to W10M standards 2. Offer the congratulations 3. Ask them what they think that the platform needs to improve
• I would laser focus on RETAINING developer and APPs for consumers to avoid people leaving.

User satisfaction

• I would begin to tell a similar story (the plan is for the future) but for the public. (marketing campaigns, trusted partners, etc.)
• All employees of the W10M department have to use a Windows 10 M device. As long as they don't use it as a personal device work needs to be done. Get at least to 60% in the first year.
• Especially the dogfooding. It's so obvious not enough people inside Microsoft are actually using 10 Mobile. They have some serious QC work to do. Then they need to sell the dream with amazing advertising.
• If they don't want to use it, then they should want to make it something that they want to use.
• I'd also force everybody involved in W10M to actually use it daily and not only as a test device laying on a desktop but as a real smartphone.
• Keep current users satisfied: Get rid of those damn bugs and return functionalities users ask for. Smartphones are different from tablets/laptops/PC and used differently.

Insiders project

• Insiders Program (Fast) should be more dedicated. Let no more then 2000 join. If your an insider it's expected of you to give feedback. No feedback means back to Slow or Preview. This way correct feedback is given.
• Rather than. Having just insiders i will use talented people among those and get them together and let them create things to their liking ( within limits) these designs will be a major influence in future products.

Software development

General

• Make two teams working full time . One for new features and other tweaks. The second one specifically for stability and reliability issues. Both teams will be seperate yet work in tandem and will make it fast futuristic and fluid.
• Stop development of new features and apps for a few months (although impossible seeing that W10 and W10M are strongly related in these terms) and focus on stability and consistency of the existing system and system apps (tired of different UI in system apps).
• Put Rudy Huyn in charge of app development OFC

3th Party developers support

• QA for top 100 most used apps -> give consultancy on performance / resource utilization / UI.
• A dedicated place/page/event for developers and designers to request API availability and all other hiccups. This will focus on giving developers everything they need to make fantastic UWP apps that are nothing but top notch stuff.
• Focus on getting a more consistent API and exposing internal scripting and remote management interfaces. That's in addition to a lot of other important stuff, like fixing hamburger menus, cameras, speed/overheating, and the huge list of other stuff.
• Build secure API's and ALLOW 3RD PARTY companies to use them like in Android and iOS (Ex. Create API for smartwatch makers to have access to notifications, calls, etc)

W10M quality (Performance / UI / etc)

• I would invest rigorously, in Quality Assurance.
• Stability, UI/UX consistency, stability. sigh... I'm not talking about a grand vision, but what makes the user happy. No matter what the vision is, if the user is happy, everyone's happy.
• Stability and UI consistency.
• Stability
• I would build a phone that didn't require rebooting every 6 hours to make basic shit work. At this point your not going to beat apple and Google, stop trying to create huge advances and failing. Make a great phone system that runs on numerous devices and works flawlessly. People will leave Apple if there was another device that was easy and worked.
• Bug fixing first, optimize for better performance and battery.
• Performance and UI. Let's get the basics sorted first.
• Speed, everything needs to be more fluid
• Abolish "Resuming..." screens, ABOLISH!
• Member the UI being slick and responsive? A Lumia 1020 out of the box runs smoother than my 950. And somehow managed to save a photo quicker too.
• Hire a designer, with a good track record and experience of UX and UI design, to rework the interface. It's a total mess. They could look at the sore app while they're at it.

Software (functionality)

OS

• Flawless Powering Up, Powering down.
• Flawless Continuum. This Technology is too cool, and becomes more useful over time, and with UWP App support.
• Fix the terrible built in vpn
• Mute Live Tile option for ALL apps.
• Transparent Live Tile alternatives for ALL Brands. ( all companies have a 1-color logo ready and on hand. leverage 1-color for Transparent, Full color for normal Tile ).
• Member live tiles? I'm looking at you Skype Preview.
• Actionable Live Tiles. Unclutter the notification tray, you've turned it into Android. If you're going to do that, at least let me immediately dismiss notifications as they come in without opening the tray.
• I would like to add simple things like a close all apps button, send current Edge tab to default web browser on desktop, and better live tile customization.
• Remove hamburger menus or put them at the bottom. Change all jump menus(Pressing on a alphabet to jump to letters) to the same one as the one in the app list. Redesign core apps to follow the style of the Photos App/NEON. Setting to auto hide navigation bar.
• Do you remember when Windows had no hamburger menus? I 'member.
• I know Metro is dead, but it was the best mobile UI. Bring the bits of it that worked back. And unfuck the keyboard. It was better in 8.1. I'm sick of hitting c and b when I'm hitting the space bar. Word Flow is drunk. I have to fight to override the autocorrect. It was not like this
• Member panorama view? I 'member.
• Bring back all the things from Win8.1 that they fucked up in W10, like the goddamn swipe keyboard.
• Allow me to copy and paste text between my laptop and my phone
• Allow me to easily send photos and files between my laptop and my phone without resorting to using Messenger or OneDrive. right click 'send to phone', boom it pops up on my phone.
• I would bring more and more features from Windows 10 desktop to mobile.
• I would focus on making features across mobile and full be on both versions. Night light needs to come to mobile and more keyboard options need to go to full. That sort of thing.
• How about an easy one? Turn off the damn "feature" that turns your volume down to half and disables the volume buttons until you dismiss the popup.
• Offer better support for usb connectivity to other platforms. JUST MAKE A WINDOWS PHONE CONNECT APP FOR MAC ALREADY MICROSOFT!
• Windows 10 is yet to provide what iOS/Apple is already offering. Microsoft's version of Handoff (most importantly - enable third party developers to create apps that can will let user to switch between devices with ease) or AirDrop like features would help Microsoft deliver a truly universal platform.

MS apps

• Basic phone apps like maps/navigation, clock/alarm, payments, camera, skype should stay good.
• Fix/bring back FM radio, Bluetooth, messaging integration, camera, and clipboard/UI integration with other devices.
• Bring back the awesome features of wp7 that made us all fall in love with the platform. People hub. Me hub. Kids corner.
• People hub, me hub, geofencing are gone in wp10?
• Get Cortana features back. The ability to change quiet hours text message.
• Flawless Music Managment Software for Desktop. ( Not everyone wants to use OneDrive, or File Manager to keep songs synced between iTunes Library, Groove, and WP. )
• Then bring back the damned fm radio and add vision back to the search page.
• Bring back FM Radio, Bing vision, old Zune style live tile animation, old people hub live tile animation, lockscreen artist picture, Kids Corner.
• Bring Radio FM app back
• A good podcast app
• Flawless edge, easy website pinning with good icons( like edgetile), continuum, and a smooth OS with lots of battery.
• Edge extensions, dolby audio support for Films & TV app.
• Fix the rendering in Edge mobile, some sites take some time to load or aren't usable in a WPhone
• If I search "MACE" in Maps, I should get the mosque ten miles away, not some city in Continental fucking Europe.
• Fuck Skype off and let me use Messaging on my PC to send texts.
• Background apps, advertisement notifications, permissions, strictly controlled and easy to understand.
• Kickass software nobody else has, this includes games and apps

3th party apps

• Do something about some of the horrible apps. WhatsApp, Facebook, Messenger, Skype Preview. It still boggles my mind that GroupMe and Skype Preview are supposedly made by the same company.
• Force Facebook to create native apps, tired of high load times, no glance screen and shuttering scroll!

Hardware

OS Hardware support

• Flawless Bluetooth.
• Bluetooth. Make it so it does not stutter so bad you have to restart your phone or head set every time you finish a phone call.
• Flawless Camera : Photo-taking-to-Photo-Viewing experience. ( THIS IS CRITICAL for high use. No More "Finishing Touches". You finish your own touches.).
• Fix the camera and many many "finishing touches" issues
• Camera wise: Select presets for post processing, like noise reduction and sharpening, colour output natural/current with ability to create presets / built in raw DNG editor in photos app. Focus highlighting when adjusting the knob so you know what is completely in focus, bring back 5.1, directional audio, bass filters. Improve panorama mode to allow higher resolution images.
• Bring back geofemcing for WiFi
• Member the networking stack as a whole not sucking dick? I do. I shouldn't have to restart my phone to get my WiFi to stop saying "No Internet". There are two other Windows 10 devices in the house. Same access point. Only the phone spazzes out. Same goes for Bluetooth.

New Hardware

• Lastly I'd expand OneNote and pen teams to incorporate top notch pen support for Mobile, and work with top iPad app makers for artists and musicians to bring them to both phones and tablets running Windows.
• Kickass hardware nobody else has.

Availability of phones

• More cheap, quality phones. MS too early pulled out Lumias, with the W10M they can finally compete with iOS and Android.
• Provide the hardware for their vision. Windows everywhere doesn't work without the hardware. Amazon is doing a better job right now. We need phones, cars, fridges, etc...
• Create a cheap, well built, reasonable performance and reliable smartphone device: NO VARIATIONS! ONE MODEL, ONE SIZE, ONE OS, CHEAP!!

Since everyone is concerned about the new release and the problem with root exclusion, I will leave my shelter and write down "two" lines of what I think will happen in the future of Pokemon Go APIs and some possible solutions.
0) SafetyNet Overview
1) Root/Xposed Users
2) Maps and bots (unknown6 welcome back)
3) Possible solutions
3.1) Android & Magisk
3.2) Clean device approach
3.3) SafetyNet and GooglePlayServices hooking
3.4) iOS environment
4) Future SafetyNet approach + SafetyNet Root
[TL;DR]

• SafetyNet doesn't block users from having root, thanks to Magisk.
  
• They will use SafetyNet responses into checksum of requests; this would make APIs broken (similar to Unknown6 week). This is an opinion of mine. This may become a problem for devs in this subreddit.
  
• I proposed a draft on how to use Xposed while Pokemon Go is running with Magisk.
  
• I proposed a draft on how to use an external device to keep running Pokemon Go on rooted devices without Magisk installed on the main device.
  
• I proposed two drafts to make APIs working again in the scenario described in the second point
  
• I exposed what SafetyNet may implement to become more resilient.
  

[/TL;DR]
Note: my first language is not English, overall I'm sleepy because of the long day at work. Please be gentle and point out my mistakes, I know there are many of them. I'm also sorry for the headache due to my bad English.
Let's start,
as everyone there know Nia decided to reduce the amount of cheater of any sort, from bot to fake gps and mappers. You guys did a great work creating interfaces wrapping requests made to the server and providing us well known APIs. But, since APIs are against ToS Nia is trying again to stop us from making automated requests. The last update is a great step they do in that direction.
Most of what I read in this subreddit up to now is that Nia blocked root users and this is true, but this is a dev subreddit and what should be discussed is not only how to make it run on rooted devices, but also how we will be able to make APIs requests in the near future?
Let's see it step by step.
0) SafetyNet is the tool Nia is using to prevent the use of root from android users. This is a Google Service provided with GooglePlayServices, is used in critical app to avoid alteration of data as an example AndroidPay, and it follows most of the guidelines to provide a safe "device authentication"; its main scope is to tell if a device is in a compatible state or in other words if there are no major alterations to the system. This is more or less the workflow:

• an apk register to GooglePlayServices obtaining an object that identify the apk in an unique way;
  
• the apk request a SafetyNet check on the device and provide a nonce (a unique number);
  
• GooglePlayServices make a request to Google Servers. This request is certificate pinned;
  
• a SafetyNet client is downloaded to the device, up to now this client is a Java executable that uses reflection. This client is often updated, so it's a cat mouse race scenario;
  
• the client performs some checks of the device and collect some data, then sends those data to Google Servers;
  
• the client overall read what application made the request, ask to GooglePlayServices what is the application and request also some checksum about the APK, also those data are sent to Google Servers;
  
• Google Servers analyze those data (we don't know what checks they do, but we can imagine from the nature of data collected on our device) and produce a compatibility check flag [true/false];
  
• Google Servers create a resulting string called JWS aka JSON web signature [I will call the result of SafetyNet JWS], this string is composed by:
  
  • the nonce provided by the APK
  • a timestamp
  • the name of the apk
  • the signature of the certificate of the apk
  • the hash of the apk
  • the flag, a simple true or false that will tell if the device is compatible.
• the SafetyNet client get the response and pass it to the calling apk;
  
• the apk check locally or even better on a remote server (Nia check on their servers) if the device is compatible, reading the response and sending a request to Google servers of the authenticity of the response;
  
• if Google servers receive a request of authenticity but they don't recognize the nonce and every other data in the JWS, they won't authenticate the JWS.
  

This is more or less the workflow, as you can see an attacker has a limited window for performing attacks. One of the most important thing is that SafetyNet Client run with user privileges!!!
Now let's see how this is related to pokemon.
1) Root and Xposed users aren't blocked, thanks to Magisk, if they don't want to interfere with Pokemon Go App or actuate interferences with other apps in the meanwhile Pokemon go is running. This is very convenient, since it allows us to run our adblocks or customize our system UI. But the easy way up to now described is "if you play pokemon just disable root and xposed, when you are done with pokemon then enable root and Xposed". This may be ok for most of us but it may be not ok for cheater or for users of advanced memory cleaner, as an example. Actually SafetyNet is called on startup of pokemon go and few other times (once every 30 minutes more or less), this give anyone a time window for having pokemon go and root functionality/xposed running at the same time. How to use this time window is discussed later. Just a last note, if you wanna try to decompile the apk, you need to know that the logical part is under [...].nia.platform.SafetyNetService.class and that the nonce and the reply from SafetyNet are passed to native code through nativeAttestResponse(). There the nonce and the response are passed to Niantic servers where they check and validate the response.
2) Now, in the past weeks 80% of topics in this reddit were focused on maps and scrapers, the remaining 20% was mostly related to IV calc. So why aren't we focused on changes that will impact maps? Apparently someone noticed some changes (https://www.reddit.com/pokemongodev/comments/526b96/unconfirmed_protobuf_seem_to_have_changed_a_lot/) and I bet that those won't be the only changes we will see in the next weeks. Most of us remember the great Unknown6 challenge and what will happen if they would modify Unknown6 again? Long story short, in this scenario maps and bots will stop working again. In the next (hopefully few) lines I will sum up what they will implements in my opinion in a very simplified way:

• change protobufs (you know, mitm is a bit harder now, but not impossible)
  
• change authentication of requests (bye bye old dear modified AES-SHA256), implements checks based on SafetyNet output
  

Now if you are wandering why a reverse of the new Unknown6 generation is not easy as before, this is why:

• you may know what is the checksum algorithm used for generation of Unknown6 (ie. SHA256)
  
• you also know what are the elements used as input of the checksum function (ie. satellite, login data, android id, location, time, a random number [I will not call it nonce just to avoid confusion with the nonce of SafetyNet], ...), in particular you know that one of the input is the result of the call to safetyNet, the JWS.
  

You can spoof every input, but what actually you cannot easily spoof is JWS, because JWS is generated by Google Servers and checked by Nia servers against Google Servers.
So how can maps produce valid requests if they don't have a valid JWSs? They would need some ways to emulate a device, let run SafetyNet client on this emulated device, pass every check and get a valid JWS, overall they also need to generate a valid certificate for the APK and this may involve emulating a Play Store (I'm not totally sure about this last statement).
So, do you wanna make requests using APIs? You will probably need to crack in some ways SafetyNet workflow.
3) And there we are, those are some drafts of how to "crack" the workflow, some of those drafts may be used to run Xposed while pokemon go is running (yeah, cheater may be interested in this) other may be used as a solution to the map problem.
3.1) Android & Magisk
I will not spend words on this, just read one of the 6 guides that are in the hot page of this subreddit. What you are interested in is that you can run Xposed before and after Pokemon Go and, as said before, you can run it sometimes during the execution. Anyway, root users are ok. This is a preliminary step for most of the following drafts.
3.1.0) Xposed & Magisk
What is important to note is that any hook, any callback or anything created with Xposed before the temporary "unroot" performed by magisk is kept after "unroot". After "unroot" Xposed may or may not work.
3.1.1) Xposed & Pokemon Go
As seen we have some time windows in which Xposed can safely run, I will assume the system is running over Magisk. What we have to do in order to have Xposed running while pokemon go is running is the following:

• hook with Xposed a service with sufficient privileges to run commands into Magisk Manager and create a BroadcastReceiver or an IPC handler within it
  
• have Xposed hooked to Pokemon Go
  
• hook to a call to safetyNet (ie. SafetyNet.SafetyNetApi.attest() wrapper or abuse of the synchronization over "lock" Object) or hook directly to GooglePlayServices component that handle SafetyNet calls
  
• prepare an hook that will be called after the execution of the call to safetyNet, this hook will call the BroadcasReceiver into Magisk environment and enable root
  
• just before the call of SafetyNet disable root with a call to the BroadcasReceiver within Magisk environment. In such a way you have root and Xposed that constantly run unless a SafetyNet request has been made and when a SafetyNet request is made your device will result in a compatible state.
  

Please take note that creating BroadcastReceiver or IPC Handler needs a sacurity oriented design, else you may find some other app making call to your Receiver.
IV checkers can still run fine ;)
3.1.2) Xposed in memory
Another approach is to try to load an Xposed like environment in memory. I don't know how this may be possible, because I don't have a full understanding on how everything is handled in Xposed, but apart being complicated af I think it may be an interesting thing if possible.
You hook into android system package, there you hook into Zygote constructor and redirect any Xposed library request (they would need for xposed files in system) to a provider hosted into system package that you dinamically created thanks to Xposed. At this point Xposed files are no longer necessary and you can use directly your the provider in memory. Maybe in the future when I will have some spare time I will try to clear my mind about the whole xposed process and I will try to provide a real draft. If I just wrote tons of bull****, I just say sorry.
At this point if this is possible and an Xposed like env is in memory safetyNet checks are passed for free. (if you want to provide root, just hook to android process and create a SU provider from there for example)
3.2) Clean device approach
This is the first "vulnerability" of SafetyNet that I recognized some years ago when I gave a look to the protocol:

• There are no information of the device providing the request to Google Servers. This vulnerability can be used to overcome the problem of how to perform API request, this is the draft of the scenario, we assume that you know how the protocol work, protobufs and checksums, and that checksum relies on JWS:
  
• you want to perform an API request, so you prepare your request apart from the checksum;
  
• at this point you need a valid JWS provided by Google Servers;
  
• you get a "clean" device, where with clean device I mean a device that is able to pass SafetyNet check, maybe totally unrooted (but this may be a problem for data extraction) or with Xposed disabled during check.
  
• you install or have already installed pokemon go within "clean" device
  
• you force a request to safetyNet (ie. start Pokemon Go or Xposed -> Force check -> Self disable Xposed)
  
• you block the response from reaching Nia servers (packet dropping or Xposed hook on android net protocols prepared before launching pokemon go)
  
• you catch the response and desired JWS (there the easier approach is Xposed hook over attestResponse or nativeAttestResponse if you modify nia***.so)
  
• you redirect JWS to your mapping system
  
• map anywhere until your JWS is invalid
  

Obviously this may be used to keep root on your device without the need of Magisk, because you just hook pokemon go requests to SafetyNet, redirect those requests (in particular the nonce) to the external, clean device and retrieve a valid JWS to inject into Pokemon Go on your main device.
This has two problems, the first is the need for a dedicated device, the second is that this device has to pass SafetyNet checks and Mitm with certificate pinning over non rooted devices may be a problem (remember that a device may be clean with Magisk and prehooked methods with Xposed or with an approach like the one described in 3.1.1).
3.3) SafetyNet and GooglePlayServices hooking
This may be the "easiest" trick, but it's not trivial and it will create a cat and mouse game between SafetyNet crackers and SafetyNet developers.
As said safetyNet downloaded client has two major flaws, it run as user and it is a java executable. I will focus on the second flaw: Java executables may be manipulated with ease, what an attacker can do is simply hook to some parts of the executable code and modify the behaviour of the client. In such a way we can create an hook between GooglePlayServices and safetyNet client, alter both app calls (remember that GooglePlayServices calls methods of safetyNet client using reflection) and provide as a response an environment that is considered by Google Servers clean and compatible. This scenario may be expanded to provide an "emulated" environment where a fake GooglePlayServices download SafetyNet Client and send crafted responses to Google Servers; those responses may be generated by replicating those from a "clean" device. In this last scenario APIs may provide valid requests without any external device.
3.4) iOS environment
I know nothing about iOS environment, so this is just a hint. For what I know there is no Google SafetyNet for iOS, I believe there is an equivalent by Apple. But if there is no equivalent to SafetyNet for iOS, then simulating Apple requests in API may be the easiest way to keep APIs up to date.
4) Future SafetyNet approach + SafetyNet Root
Those are my "fears" for the future:

• as already said, Nia will use SafetyNet response to craft authentication of packets (and it would be stupid not doing this, since it would be a great wall against APIs, but Nia is Nia and we know how they work)
  
• SafetyNet will become more strong, they move to native code (hooking and reversing is still possible but it is a PITA) [actually this is what I would like to see in the future of Android, due to security concern]
  
• SafetyNet will go further user privileges gaining the ability to detect Magisk.
  
• Google team find a way to detect Magisk without the need for elevated privileges.
  
• SafetyNet will authenticate also the requesting device.