I did not understand what was happening with the session keys.
Actually set_session_keys updates the session keys submitted as metadata in claim_membership, which does not check the metadata are valid. So don’t call set_session_keys, put your session keys in claim_membership directly.
set_session_keys is only needed for rotating the keys when you are already smith.
I’ll fix the docs, thanks!