It was explained to me, a long time ago, that WoW's traffic was originally unencrypted and a lot of it was reverse engineered from packet captures. Thats now roughly a standard and while people cant sniff modern games, they can just go back to the old mechanics and the old netcode clones are still good.
That was something an old WoW guy told me while he was setting up a local WoW server in college but it feels good.
It's a lot of work to replicate and no, dice rolls and quests are not client-side.
Beyond the graphics, pretty much everything in your post is wrong.
Even many of the events are implied, like how regular attacks continue at a fixed frequency once started, so other clients only need to know when the player started attacking and whether they are still in range, and player run speed is a constant so a player running in a straight line doesn't generate additional events.
I even suspect the dice rolls are coming from a shared RNG that each client maintains independently, but haven't researched it.
This is how WoW classic was playable over a 33K modem.
Funny fact that both Blizzard and GitHub nowadays owned by Microsoft, so in the end, Microsoft hosts private server code for its own game.
But if you're taking this code, host it on a powerful server for everyone to join, integrate shop to extract money from players, advertise it as a separate game. That's basically running a company which extracts money from Blizzard IP. That crossed the line.
I'm not the one to protect Blizzard, but in my opinion they're doing the right thing here. Turtle WoW attracts players who could be paying subscription to Blizzard and play WoW Classic.